mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-28 18:44:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2021/10/07 00:13:09

Browse source
This commit is contained in:
motikan2010-bot 2021-10-07 00:13:09 +09:00
parent 602e270632
commit 40bab68388
1108 changed files with 3471 additions and 36157 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
2006/CVE-2006-4468.json
View file

@ -1,27 +0,0 @@
[
{
"id": 412621001,
"name": "CVE-2006-4468",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2006-4468",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2006-4468",
"description": "PoC for exploiting CVE-2006-4468 : Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the (1) mosMail, (2) JosIsValidEmail, and (3) josSpoofValue functions; (4) the lack of inclusion of globals.php in administrator\/index.php; (5) the Admin User Manager; and (6) the poll module.",
"fork": false,
"created_at": "2021-10-01T21:25:41Z",
"updated_at": "2021-10-05T10:45:32Z",
"pushed_at": "2021-10-05T10:45:29Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2006/CVE-2006-4469.json
View file

@ -1,27 +0,0 @@
[
{
"id": 412620965,
"name": "CVE-2006-4469",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2006-4469",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2006-4469",
"description": "PoC for exploiting CVE-2006-4469 : Unspecified vulnerability in PEAR.php in Joomla! before 1.0.11 allows remote attackers to perform \"remote execution,\" related to \"Injection Flaws.\"",
"fork": false,
"created_at": "2021-10-01T21:25:26Z",
"updated_at": "2021-10-05T10:45:23Z",
"pushed_at": "2021-10-05T10:45:20Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2006/CVE-2006-4470.json
View file

@ -1,27 +0,0 @@
[
{
"id": 412620971,
"name": "CVE-2006-4470",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2006-4470",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2006-4470",
"description": "PoC for exploiting CVE-2006-4470 : Joomla! before 1.0.11 omits some checks for whether _VALID_MOS is defined, which allows attackers to have an unknown impact, possibly resulting in PHP remote file inclusion.",
"fork": false,
"created_at": "2021-10-01T21:25:30Z",
"updated_at": "2021-10-05T10:45:26Z",
"pushed_at": "2021-10-05T10:45:23Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2006/CVE-2006-4471.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413772943,
"name": "CVE-2006-4471",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2006-4471",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2006-4471",
"description": "PoC for exploiting CVE-2006-4471 : The Admin Upload Image functionality in Joomla! before 1.0.11 allows remote authenticated users to upload files outside of the \/images\/stories\/ directory via unspecified vectors.",
"fork": false,
"created_at": "2021-10-05T10:36:17Z",
"updated_at": "2021-10-05T10:36:22Z",
"pushed_at": "2021-10-05T10:36:19Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2006/CVE-2006-4472.json
View file

@ -1,27 +0,0 @@
[
{
"id": 412620946,
"name": "CVE-2006-4472",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2006-4472",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2006-4472",
"description": "PoC for exploiting CVE-2006-4472 : Multiple unspecified vulnerabilities in Joomla! before 1.0.11 allow attackers to bypass user authentication via unknown vectors involving the (1) do_pdf command and the (2) emailform com_content task.",
"fork": false,
"created_at": "2021-10-01T21:25:22Z",
"updated_at": "2021-10-05T10:45:20Z",
"pushed_at": "2021-10-05T10:45:18Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2007/CVE-2007-4188.json
View file

@ -1,27 +0,0 @@
[
{
"id": 412620989,
"name": "CVE-2007-4188",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2007-4188",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2007-4188",
"description": "PoC for exploiting CVE-2007-4188 : Session fixation vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to hijack administrative web sessions via unspecified vectors.",
"fork": false,
"created_at": "2021-10-01T21:25:37Z",
"updated_at": "2021-10-05T10:45:29Z",
"pushed_at": "2021-10-05T10:45:26Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2007/CVE-2007-4189.json
View file

@ -1,27 +0,0 @@
[
{
"id": 412621036,
"name": "CVE-2007-4189",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2007-4189",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2007-4189",
"description": "PoC for exploiting CVE-2007-4189 : Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.13 (aka Sunglow) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in the (1) com_search, (2) com_content, and (3) mod_login components. NOTE: some of these details are obtained from third party information.",
"fork": false,
"created_at": "2021-10-01T21:25:52Z",
"updated_at": "2021-10-05T10:45:42Z",
"pushed_at": "2021-10-05T10:45:39Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2007/CVE-2007-4190.json
View file

@ -1,27 +0,0 @@
[
{
"id": 412621051,
"name": "CVE-2007-4190",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2007-4190",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2007-4190",
"description": "PoC for exploiting CVE-2007-4190 : CRLF injection vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to inject arbitrary HTTP headers and probably conduct HTTP response splitting attacks via CRLF sequences in the url parameter. NOTE: this can be leveraged for cross-site scripting (XSS) attacks. NOTE: some of these details are obtained from third party information.",
"fork": false,
"created_at": "2021-10-01T21:25:56Z",
"updated_at": "2021-10-05T10:45:46Z",
"pushed_at": "2021-10-05T10:45:42Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2007/CVE-2007-5577.json
View file

@ -1,27 +0,0 @@
[
{
"id": 412621024,
"name": "CVE-2007-5577",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2007-5577",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2007-5577",
"description": "PoC for exploiting CVE-2007-5577 : Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.13 (aka Sunglow) allow remote attackers to inject arbitrary web script or HTML via the (1) Title or (2) Section Name form fields in the Section Manager component, or (3) multiple unspecified fields in New Menu Item.",
"fork": false,
"created_at": "2021-10-01T21:25:49Z",
"updated_at": "2021-10-05T10:45:38Z",
"pushed_at": "2021-10-05T10:45:36Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2008/CVE-2008-4796.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413778059,
"name": "CVE-2008-4796",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2008-4796",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2008-4796",
"description": "PoC for exploiting CVE-2008-4796 : The _httpsrequest function (Snoopy\/Snoopy.class.php) in Snoopy 1.2.3 and earlier, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs.",
"fork": false,
"created_at": "2021-10-05T10:53:26Z",
"updated_at": "2021-10-05T10:53:32Z",
"pushed_at": "2021-10-05T10:53:29Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2010/CVE-2010-4756.json
View file

@ -1,27 +0,0 @@
[
{
"id": 402134582,
"name": "CVE-2010-4756",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2010-4756",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2010-4756",
"description": "PoC for exploiting CVE-2010-4756 : The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.",
"fork": false,
"created_at": "2021-09-01T16:45:48Z",
"updated_at": "2021-09-01T16:45:53Z",
"pushed_at": "2021-09-01T16:45:50Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2012/CVE-2012-0881.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413781951,
"name": "CVE-2012-0881",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2012-0881",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2012-0881",
"description": "PoC for exploiting CVE-2012-0881 : Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table collisions.",
"fork": false,
"created_at": "2021-10-05T11:05:16Z",
"updated_at": "2021-10-05T11:05:21Z",
"pushed_at": "2021-10-05T11:05:19Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2013/CVE-2013-0340.json
View file

@ -1,27 +0,0 @@
[
{
"id": 408768920,
"name": "CVE-2013-0340",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2013-0340",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2013-0340",
"description": "PoC for exploiting CVE-2013-0340 : expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.",
"fork": false,
"created_at": "2021-09-21T10:00:32Z",
"updated_at": "2021-09-21T10:00:32Z",
"pushed_at": "2021-09-21T10:00:32Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2013/CVE-2013-1914.json
View file

@ -1,27 +0,0 @@
[
{
"id": 402134453,
"name": "CVE-2013-1914",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2013-1914",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2013-1914",
"description": "PoC for exploiting CVE-2013-1914 : Stack-based buffer overflow in the getaddrinfo function in sysdeps\/posix\/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of domain conversion results.",
"fork": false,
"created_at": "2021-09-01T16:45:26Z",
"updated_at": "2021-09-01T16:45:31Z",
"pushed_at": "2021-09-01T16:45:28Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2013/CVE-2013-2763.json
View file

@ -1,27 +0,0 @@
[
{
"id": 398132839,
"name": "CVE-2013-2763",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2013-2763",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2013-2763",
"description": "PoC for exploiting CVE-2013-2763 : ** DISPUTED ** The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors. NOTE: the vendor reportedly disputes this issue because it \"could not be duplicated\" and \"an attacker could not remotely exploit this observed behavior to deny PLC control functions.\"",
"fork": false,
"created_at": "2021-08-20T02:32:25Z",
"updated_at": "2021-08-20T02:37:21Z",
"pushed_at": "2021-08-20T02:37:18Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2013/CVE-2013-6276.json
View file

@ -1,27 +0,0 @@
[
{
"id": 398132271,
"name": "CVE-2013-6276",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2013-6276",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2013-6276",
"description": "PoC for exploiting CVE-2013-6276 : ** UNSUPPORTED WHEN ASSIGNED ** QNAP F_VioCard 2312 and F_VioGate 2308 have hardcoded entries in authorized_keys files. NOTE: 1. All active models are not affected. The last affected model was EOL since 2010. 2. The legacy authorization mechanism is no longer adopted in all active models.",
"fork": false,
"created_at": "2021-08-20T02:29:44Z",
"updated_at": "2021-08-20T02:35:27Z",
"pushed_at": "2021-08-20T02:35:24Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2013/CVE-2013-7423.json
View file

@ -1,27 +0,0 @@
[
{
"id": 402134383,
"name": "CVE-2013-7423",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2013-7423",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2013-7423",
"description": "PoC for exploiting CVE-2013-7423 : The send_dg function in resolv\/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function.",
"fork": false,
"created_at": "2021-09-01T16:45:14Z",
"updated_at": "2021-09-01T16:45:19Z",
"pushed_at": "2021-09-01T16:45:16Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

8
2014/CVE-2014-0160.json
View file

@ -13,15 +13,15 @@
"description": "A checker (site and tool) for CVE-2014-0160",
"fork": false,
"created_at": "2014-04-07T23:03:09Z",
"updated_at": "2021-09-23T12:27:47Z",
"updated_at": "2021-10-06T09:10:34Z",
"pushed_at": "2021-02-24T09:17:24Z",
"stargazers_count": 2255,
"watchers_count": 2255,
"stargazers_count": 2256,
"watchers_count": 2256,
"forks_count": 480,
"allow_forking": true,
"visibility": "public",
"forks": 480,
"watchers": 2255,
"watchers": 2256,
"score": 0
},
{

25
2014/CVE-2014-3704.json
View file

@ -23,30 +23,5 @@
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 413781076,
"name": "CVE-2014-3704",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2014-3704",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2014-3704",
"description": "PoC for exploiting CVE-2014-3704 : The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing crafted keys.",
"fork": false,
"created_at": "2021-10-05T11:02:27Z",
"updated_at": "2021-10-05T11:02:32Z",
"pushed_at": "2021-10-05T11:02:29Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2014/CVE-2014-4611.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413784251,
"name": "CVE-2014-4611",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2014-4611",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2014-4611",
"description": "PoC for exploiting CVE-2014-4611 : Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib\/lz4\/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715.",
"fork": false,
"created_at": "2021-10-05T11:12:15Z",
"updated_at": "2021-10-05T11:12:20Z",
"pushed_at": "2021-10-05T11:12:17Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2015/CVE-2015-0235.json
View file

@ -448,30 +448,5 @@
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 402134472,
"name": "CVE-2015-0235",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2015-0235",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2015-0235",
"description": "PoC for exploiting CVE-2015-0235 : Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka \"GHOST.\"",
"fork": false,
"created_at": "2021-09-01T16:45:30Z",
"updated_at": "2021-09-01T16:45:35Z",
"pushed_at": "2021-09-01T16:45:32Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2015/CVE-2015-7547.json
View file

@ -298,30 +298,5 @@
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 402134408,
"name": "CVE-2015-7547",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2015-7547",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2015-7547",
"description": "PoC for exploiting CVE-2015-7547 : Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing \"dual A\/AAAA DNS queries\" and the libnss_dns.so.2 NSS module.",
"fork": false,
"created_at": "2021-09-01T16:45:18Z",
"updated_at": "2021-09-01T16:45:23Z",
"pushed_at": "2021-09-01T16:45:20Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2016/CVE-2016-10033.json
View file

@ -298,30 +298,5 @@
"forks": 0,
"watchers": 1,
"score": 0
},
{
"id": 413777891,
"name": "CVE-2016-10033",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2016-10033",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2016-10033",
"description": "PoC for exploiting CVE-2016-10033 : The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \\\" (backslash double quote) in a crafted Sender property.",
"fork": false,
"created_at": "2021-10-05T10:52:57Z",
"updated_at": "2021-10-05T10:53:02Z",
"pushed_at": "2021-10-05T10:53:00Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2016/CVE-2016-10045.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413777911,
"name": "CVE-2016-10045",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2016-10045",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2016-10045",
"description": "PoC for exploiting CVE-2016-10045 : The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033.",
"fork": false,
"created_at": "2021-10-05T10:53:01Z",
"updated_at": "2021-10-05T10:53:07Z",
"pushed_at": "2021-10-05T10:53:04Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2016/CVE-2016-1234.json
View file

@ -1,27 +0,0 @@
[
{
"id": 402134429,
"name": "CVE-2016-1234",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2016-1234",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2016-1234",
"description": "PoC for exploiting CVE-2016-1234 : Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name.",
"fork": false,
"created_at": "2021-09-01T16:45:22Z",
"updated_at": "2021-09-01T16:45:27Z",
"pushed_at": "2021-09-01T16:45:24Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2016/CVE-2016-20012.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413777434,
"name": "CVE-2016-20012",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2016-20012",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2016-20012",
"description": "PoC for exploiting CVE-2016-20012 : OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session.",
"fork": false,
"created_at": "2021-10-05T10:51:32Z",
"updated_at": "2021-10-05T10:51:37Z",
"pushed_at": "2021-10-05T10:51:34Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2016/CVE-2016-2568.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413781433,
"name": "CVE-2016-2568",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2016-2568",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2016-2568",
"description": "PoC for exploiting CVE-2016-2568 : pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
"fork": false,
"created_at": "2021-10-05T11:03:34Z",
"updated_at": "2021-10-05T11:03:40Z",
"pushed_at": "2021-10-05T11:03:37Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2016/CVE-2016-3720.json
View file

@ -1,27 +0,0 @@
[
{
"id": 404132322,
"name": "CVE-2019-10172",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-10172",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-10172",
"description": "PoC for exploiting CVE-2019-10172 : A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes.",
"fork": false,
"created_at": "2021-09-07T21:51:57Z",
"updated_at": "2021-09-09T02:36:07Z",
"pushed_at": "2021-09-09T02:36:04Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2016/CVE-2016-4529.json
View file

@ -1,27 +0,0 @@
[
{
"id": 398132822,
"name": "CVE-2016-4529",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2016-4529",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2016-4529",
"description": "PoC for exploiting CVE-2016-4529 : An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171\/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag.",
"fork": false,
"created_at": "2021-08-20T02:32:21Z",
"updated_at": "2021-08-20T02:37:18Z",
"pushed_at": "2021-08-20T02:37:15Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

4
2016/CVE-2016-5195.json
View file

@ -192,10 +192,10 @@
"pushed_at": "2017-02-27T18:56:12Z",
"stargazers_count": 384,
"watchers_count": 384,
"forks_count": 136,
"forks_count": 135,
"allow_forking": true,
"visibility": "public",
"forks": 136,
"forks": 135,
"watchers": 384,
"score": 0
},

27
2016/CVE-2016-5385.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413780314,
"name": "CVE-2016-5385",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2016-5385",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2016-5385",
"description": "PoC for exploiting CVE-2016-5385 : PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an \"httpoxy\" issue.",
"fork": false,
"created_at": "2021-10-05T11:00:29Z",
"updated_at": "2021-10-05T11:00:34Z",
"pushed_at": "2021-10-05T11:00:32Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2016/CVE-2016-6555.json
View file

@ -1,27 +0,0 @@
[
{
"id": 412620685,
"name": "CVE-2016-6555",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2016-6555",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2016-6555",
"description": "PoC for exploiting CVE-2016-6555 : OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP trap supplied data. By creating a malicious SNMP trap, an attacker can store an XSS payload which will trigger when a user of the web UI views the events list page. This issue was fixed in version 18.0.2, released on September 20, 2016.",
"fork": false,
"created_at": "2021-10-01T21:24:13Z",
"updated_at": "2021-10-05T10:44:23Z",
"pushed_at": "2021-10-05T10:44:20Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2016/CVE-2016-6556.json
View file

@ -1,27 +0,0 @@
[
{
"id": 412620703,
"name": "CVE-2016-6556",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2016-6556",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2016-6556",
"description": "PoC for exploiting CVE-2016-6556 : OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP agent supplied data. By creating a malicious SNMP 'sysName' or 'sysContact' response, an attacker can store an XSS payload which will trigger when a user of the web UI views the data. This issue was fixed in version 18.0.2, released on September 20, 2016.",
"fork": false,
"created_at": "2021-10-01T21:24:18Z",
"updated_at": "2021-10-05T10:44:26Z",
"pushed_at": "2021-10-05T10:44:23Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

8
2016/CVE-2016-7190.json
View file

@ -13,15 +13,15 @@
"description": "ChakraCore exploitation techniques",
"fork": false,
"created_at": "2018-02-13T20:35:04Z",
"updated_at": "2019-09-12T20:50:20Z",
"updated_at": "2021-10-06T10:28:33Z",
"pushed_at": "2018-02-14T09:55:35Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 7,
"watchers_count": 7,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 6,
"watchers": 7,
"score": 0
}
]

27
2017/CVE-2017-11189.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413778907,
"name": "CVE-2017-11189",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2017-11189",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2017-11189",
"description": "PoC for exploiting CVE-2017-11189 : unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash), which could be relevant if unrarlib is used as library code for a long-running application. NOTE: one of the several test cases in the references may be the same as what was separately reported as CVE-2017-14121.",
"fork": false,
"created_at": "2021-10-05T10:55:53Z",
"updated_at": "2021-10-05T10:55:58Z",
"pushed_at": "2021-10-05T10:55:55Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2017/CVE-2017-12613.json
View file

@ -1,27 +0,0 @@
[
{
"id": 402244198,
"name": "CVE-2021-35940",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2021-35940",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2021-35940",
"description": "PoC for exploiting CVE-2021-35940 : An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue.",
"fork": false,
"created_at": "2021-09-02T00:47:46Z",
"updated_at": "2021-09-02T09:50:32Z",
"pushed_at": "2021-09-02T09:50:29Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

4
2017/CVE-2017-12617.json
View file

@ -17,10 +17,10 @@
"pushed_at": "2017-10-11T07:43:50Z",
"stargazers_count": 362,
"watchers_count": 362,
"forks_count": 135,
"forks_count": 136,
"allow_forking": true,
"visibility": "public",
"forks": 135,
"forks": 136,
"watchers": 362,
"score": 0
},

27
2017/CVE-2017-12678.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413777197,
"name": "CVE-2017-12678",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2017-12678",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2017-12678",
"description": "PoC for exploiting CVE-2017-12678 : In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file.",
"fork": false,
"created_at": "2021-10-05T10:50:46Z",
"updated_at": "2021-10-05T10:50:51Z",
"pushed_at": "2021-10-05T10:50:49Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2017/CVE-2017-14121.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413778887,
"name": "CVE-2017-14121",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2017-14121",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2017-14121",
"description": "PoC for exploiting CVE-2017-14121 : The DecodeNumber function in unrarlib.c in unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a NULL pointer dereference flaw triggered by a crafted RAR archive. NOTE: this may be the same as one of the several test cases in the CVE-2017-11189 references.",
"fork": false,
"created_at": "2021-10-05T10:55:49Z",
"updated_at": "2021-10-05T10:55:54Z",
"pushed_at": "2021-10-05T10:55:52Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

4
2017/CVE-2017-5638.json
View file

@ -1017,10 +1017,10 @@
"pushed_at": "2017-09-28T21:10:29Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 3,
"forks_count": 2,
"allow_forking": true,
"visibility": "public",
"forks": 3,
"forks": 2,
"watchers": 0,
"score": 0
},

27
2017/CVE-2017-6026.json
View file

@ -1,27 +0,0 @@
[
{
"id": 398132815,
"name": "CVE-2017-6026",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2017-6026",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2017-6026",
"description": "PoC for exploiting CVE-2017-6026 : A Use of Insufficiently Random Values issue was discovered in Schneider Electric Modicon PLCs Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The session numbers generated by the web application are lacking randomization and are shared between several users. This may allow a current session to be compromised.",
"fork": false,
"created_at": "2021-08-20T02:32:17Z",
"updated_at": "2021-08-20T02:37:15Z",
"pushed_at": "2021-08-20T02:37:12Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2017/CVE-2017-6028.json
View file

@ -1,27 +0,0 @@
[
{
"id": 398132735,
"name": "CVE-2017-6028",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2017-6028",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2017-6028",
"description": "PoC for exploiting CVE-2017-6028 : An Insufficiently Protected Credentials issue was discovered in Schneider Electric Modicon PLCs Modicon M241, all firmware versions, and Modicon M251, all firmware versions. Log-in credentials are sent over the network with Base64 encoding leaving them susceptible to sniffing. Sniffed credentials could then be used to log into the web application.",
"fork": false,
"created_at": "2021-08-20T02:31:57Z",
"updated_at": "2021-08-20T02:37:01Z",
"pushed_at": "2021-08-20T02:36:58Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2017/CVE-2017-6030.json
View file

@ -1,27 +0,0 @@
[
{
"id": 398132803,
"name": "CVE-2017-6030",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2017-6030",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2017-6030",
"description": "PoC for exploiting CVE-2017-6030 : A Predictable Value Range from Previous Values issue was discovered in Schneider Electric Modicon PLCs Modicon M221, firmware versions prior to Version 1.5.0.0, Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The affected products generate insufficiently random TCP initial sequence numbers that may allow an attacker to predict the numbers from previous values. This may allow an attacker to spoof or disrupt TCP connections.",
"fork": false,
"created_at": "2021-08-20T02:32:13Z",
"updated_at": "2021-08-20T02:37:12Z",
"pushed_at": "2021-08-20T02:37:10Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2018/CVE-2018-10023.json
View file

@ -1,27 +0,0 @@
[
{
"id": 412620933,
"name": "CVE-2018-10023",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2018-10023",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2018-10023",
"description": "PoC for exploiting CVE-2018-10023 : Catfish CMS V4.7.21 allows XSS via the pinglun parameter to cat\/index\/index\/pinglun (aka an authenticated comment).",
"fork": false,
"created_at": "2021-10-01T21:25:18Z",
"updated_at": "2021-10-05T10:45:17Z",
"pushed_at": "2021-10-05T10:45:14Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2018/CVE-2018-11439.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413777174,
"name": "CVE-2018-11439",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2018-11439",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2018-11439",
"description": "PoC for exploiting CVE-2018-11439 : The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file.",
"fork": false,
"created_at": "2021-10-05T10:50:42Z",
"updated_at": "2021-10-05T10:50:47Z",
"pushed_at": "2021-10-05T10:50:45Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2018/CVE-2018-14773.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413780299,
"name": "CVE-2018-14773",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2018-14773",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2018-14773",
"description": "PoC for exploiting CVE-2018-14773 : An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises from support for a (legacy) IIS header that lets users override the path in the request URL via the X-Original-URL or X-Rewrite-URL HTTP request header. These headers are designed for IIS support, but it's not verified that the server is in fact running IIS, which means anybody who can send these requests to an application can trigger this. This affects \\Symfony\\Component\\HttpFoundation\\Request::prepareRequestUri() where X-Original-URL and X_REWRITE_URL are both used. The fix drops support for these methods so that they cannot be used as attack vectors such as web cache poisoning.",
"fork": false,
"created_at": "2021-10-05T11:00:25Z",
"updated_at": "2021-10-05T11:00:30Z",
"pushed_at": "2021-10-05T11:00:27Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2018/CVE-2018-16177.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413781414,
"name": "CVE-2018-16177",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2018-16177",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2018-16177",
"description": "PoC for exploiting CVE-2018-16177 : Untrusted search path vulnerability in The installer of Windows 10 Fall Creators Update Modify module for Security Measures tool allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.",
"fork": false,
"created_at": "2021-10-05T11:03:31Z",
"updated_at": "2021-10-05T11:03:36Z",
"pushed_at": "2021-10-05T11:03:33Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2018/CVE-2018-16871.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413768379,
"name": "CVE-2018-16871",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2018-16871",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2018-16871",
"description": "PoC for exploiting CVE-2018-16871 : A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.",
"fork": false,
"created_at": "2021-10-05T10:20:48Z",
"updated_at": "2021-10-05T10:31:14Z",
"pushed_at": "2021-10-05T10:31:12Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2018/CVE-2018-20217.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413777236,
"name": "CVE-2018-20217",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2018-20217",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2018-20217",
"description": "PoC for exploiting CVE-2018-20217 : A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.",
"fork": false,
"created_at": "2021-10-05T10:50:55Z",
"updated_at": "2021-10-05T10:51:00Z",
"pushed_at": "2021-10-05T10:50:57Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2018/CVE-2018-5729.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413777270,
"name": "CVE-2018-5729",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2018-5729",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2018-5729",
"description": "PoC for exploiting CVE-2018-5729 : MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.",
"fork": false,
"created_at": "2021-10-05T10:51:03Z",
"updated_at": "2021-10-05T10:51:08Z",
"pushed_at": "2021-10-05T10:51:05Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2018/CVE-2018-5730.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413777254,
"name": "CVE-2018-5730",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2018-5730",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2018-5730",
"description": "PoC for exploiting CVE-2018-5730 : MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a \"linkdn\" and \"containerdn\" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.",
"fork": false,
"created_at": "2021-10-05T10:50:59Z",
"updated_at": "2021-10-05T10:51:04Z",
"pushed_at": "2021-10-05T10:51:01Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

8
2018/CVE-2018-6242.json
View file

@ -13,15 +13,15 @@
"description": "My first Android app: Launch Fusée Gelée payloads from stock Android (CVE-2018-6242)",
"fork": false,
"created_at": "2018-04-28T11:50:00Z",
"updated_at": "2021-09-29T03:04:51Z",
"updated_at": "2021-10-06T12:12:38Z",
"pushed_at": "2018-08-30T05:37:03Z",
"stargazers_count": 428,
"watchers_count": 428,
"stargazers_count": 429,
"watchers_count": 429,
"forks_count": 53,
"allow_forking": true,
"visibility": "public",
"forks": 53,
"watchers": 428,
"watchers": 429,
"score": 0
},
{

27
2018/CVE-2018-7789.json
View file

@ -1,27 +0,0 @@
[
{
"id": 398132773,
"name": "CVE-2018-7789",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2018-7789",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2018-7789",
"description": "PoC for exploiting CVE-2018-7789 : An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programing protocol frames.",
"fork": false,
"created_at": "2021-08-20T02:32:05Z",
"updated_at": "2021-08-20T02:37:07Z",
"pushed_at": "2021-08-20T02:37:04Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2018/CVE-2018-7790.json
View file

@ -1,27 +0,0 @@
[
{
"id": 398132787,
"name": "CVE-2018-7790",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2018-7790",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2018-7790",
"description": "PoC for exploiting CVE-2018-7790 : An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC.",
"fork": false,
"created_at": "2021-08-20T02:32:09Z",
"updated_at": "2021-08-20T02:37:10Z",
"pushed_at": "2021-08-20T02:37:07Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2018/CVE-2018-7821.json
View file

@ -1,27 +0,0 @@
[
{
"id": 398132692,
"name": "CVE-2018-7821",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2018-7821",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2018-7821",
"description": "PoC for exploiting CVE-2018-7821 : An Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause cycle time impact when flooding the M221 ethernet interface while the Ethernet\/IP adapter is activated.",
"fork": false,
"created_at": "2021-08-20T02:31:46Z",
"updated_at": "2021-08-20T02:36:53Z",
"pushed_at": "2021-08-20T02:36:50Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2018/CVE-2018-7842.json
View file

@ -1,27 +0,0 @@
[
{
"id": 398132751,
"name": "CVE-2018-7842",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2018-7842",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2018-7842",
"description": "PoC for exploiting CVE-2018-7842 : A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause an elevation of privilege by conducting a brute force attack on Modbus parameters sent to the controller.",
"fork": false,
"created_at": "2021-08-20T02:32:01Z",
"updated_at": "2021-08-20T02:37:04Z",
"pushed_at": "2021-08-20T02:37:01Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2018/CVE-2018-8256.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413777938,
"name": "CVE-2018-8256",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2018-8256",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2018-8256",
"description": "PoC for exploiting CVE-2018-8256 : A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka \"Microsoft PowerShell Remote Code Execution Vulnerability.\" This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012, Windows Server 2008 R2, Windows Server 2019, Windows 7, Windows Server 2012 R2, PowerShell Core 6.1, Windows 10 Servers, Windows 10, Windows 8.1.",
"fork": false,
"created_at": "2021-10-05T10:53:06Z",
"updated_at": "2021-10-05T10:53:11Z",
"pushed_at": "2021-10-05T10:53:08Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-0205.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413768005,
"name": "CVE-2019-0205",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-0205",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-0205",
"description": "PoC for exploiting CVE-2019-0205 : In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings.",
"fork": false,
"created_at": "2021-10-05T10:19:24Z",
"updated_at": "2021-10-05T10:30:08Z",
"pushed_at": "2021-10-05T10:30:05Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2019/CVE-2019-0227.json
View file

@ -23,30 +23,5 @@
"forks": 3,
"watchers": 1,
"score": 0
},
{
"id": 413781478,
"name": "CVE-2019-0227",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-0227",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-0227",
"description": "PoC for exploiting CVE-2019-0227 : A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue.",
"fork": false,
"created_at": "2021-10-05T11:03:43Z",
"updated_at": "2021-10-05T11:03:48Z",
"pushed_at": "2021-10-05T11:03:46Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-10095.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413784142,
"name": "CVE-2019-10095",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-10095",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-10095",
"description": "PoC for exploiting CVE-2019-10095 : bash command injection vulnerability in Apache Zeppelin allows an attacker to inject system commands into Spark interpreter settings. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.",
"fork": false,
"created_at": "2021-10-05T11:11:55Z",
"updated_at": "2021-10-05T11:12:00Z",
"pushed_at": "2021-10-05T11:11:58Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-10156.json
View file

@ -1,27 +0,0 @@
[
{
"id": 393781839,
"name": "CVE-2019-10156",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-10156",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-10156",
"description": "PoC for exploiting CVE-2019-10156 : A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.",
"fork": false,
"created_at": "2021-08-07T20:07:06Z",
"updated_at": "2021-08-07T20:07:10Z",
"pushed_at": "2021-08-07T20:07:08Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2019/CVE-2019-10172.json
View file

@ -23,30 +23,5 @@
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 404132322,
"name": "CVE-2019-10172",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-10172",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-10172",
"description": "PoC for exploiting CVE-2019-10172 : A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes.",
"fork": false,
"created_at": "2021-09-07T21:51:57Z",
"updated_at": "2021-09-09T02:36:07Z",
"pushed_at": "2021-09-09T02:36:04Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-10181.json
View file

@ -1,27 +0,0 @@
[
{
"id": 389094980,
"name": "CVE-2019-10181",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-10181",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-10181",
"description": "PoC for exploiting CVE-2019-10181 : It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification. An attacker could use this flaw to inject code in a trusted JAR. The code would be executed inside the sandbox.",
"fork": false,
"created_at": "2021-07-24T12:33:56Z",
"updated_at": "2021-07-24T12:34:02Z",
"pushed_at": "2021-07-24T12:34:00Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-10206.json
View file

@ -1,27 +0,0 @@
[
{
"id": 393781825,
"name": "CVE-2019-10206",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-10206",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-10206",
"description": "PoC for exploiting CVE-2019-10206 : ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them.",
"fork": false,
"created_at": "2021-08-07T20:07:01Z",
"updated_at": "2021-08-07T20:07:08Z",
"pushed_at": "2021-08-07T20:07:04Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-10910.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413780270,
"name": "CVE-2019-10910",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-10910",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-10910",
"description": "PoC for exploiting CVE-2019-10910 : In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony\/dependency-injection.",
"fork": false,
"created_at": "2021-10-05T11:00:17Z",
"updated_at": "2021-10-05T11:00:22Z",
"pushed_at": "2021-10-05T11:00:20Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-10911.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413780247,
"name": "CVE-2019-10911",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-10911",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-10911",
"description": "PoC for exploiting CVE-2019-10911 : In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. This is related to symfony\/security.",
"fork": false,
"created_at": "2021-10-05T11:00:13Z",
"updated_at": "2021-10-05T11:00:18Z",
"pushed_at": "2021-10-05T11:00:16Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-10953.json
View file

@ -1,27 +0,0 @@
[
{
"id": 398132847,
"name": "CVE-2019-10953",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-10953",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-10953",
"description": "PoC for exploiting CVE-2019-10953 : ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets.",
"fork": false,
"created_at": "2021-08-20T02:32:29Z",
"updated_at": "2021-08-20T02:37:23Z",
"pushed_at": "2021-08-20T02:37:20Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2019/CVE-2019-11358.json
View file

@ -98,30 +98,5 @@
"forks": 6,
"watchers": 8,
"score": 0
},
{
"id": 412620887,
"name": "CVE-2019-11358",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-11358",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-11358",
"description": "PoC for exploiting CVE-2019-11358 : jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.",
"fork": false,
"created_at": "2021-10-01T21:25:07Z",
"updated_at": "2021-10-05T10:45:07Z",
"pushed_at": "2021-10-05T10:45:04Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-11595.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413785534,
"name": "CVE-2019-11595",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-11595",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-11595",
"description": "PoC for exploiting CVE-2019-11595 : In uBlock before 0.9.5.15, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an open redirect.",
"fork": false,
"created_at": "2021-10-05T11:16:23Z",
"updated_at": "2021-10-05T11:16:28Z",
"pushed_at": "2021-10-05T11:16:25Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

8
2019/CVE-2019-11708.json
View file

@ -13,15 +13,15 @@
"description": "Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.",
"fork": false,
"created_at": "2019-09-29T07:08:52Z",
"updated_at": "2021-09-30T14:15:09Z",
"updated_at": "2021-10-06T12:11:03Z",
"pushed_at": "2020-06-13T17:40:14Z",
"stargazers_count": 594,
"watchers_count": 594,
"stargazers_count": 595,
"watchers_count": 595,
"forks_count": 83,
"allow_forking": true,
"visibility": "public",
"forks": 83,
"watchers": 594,
"watchers": 595,
"score": 0
}
]

27
2019/CVE-2019-11831.json
View file

@ -1,27 +0,0 @@
[
{
"id": 412620870,
"name": "CVE-2019-11831",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-11831",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-11831",
"description": "PoC for exploiting CVE-2019-11831 : The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a phar:\/\/\/path\/bad.phar\/..\/good.phar URL.",
"fork": false,
"created_at": "2021-10-01T21:25:03Z",
"updated_at": "2021-10-05T10:45:03Z",
"pushed_at": "2021-10-05T10:45:00Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-12823.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413781332,
"name": "CVE-2019-12823",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-12823",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-12823",
"description": "PoC for exploiting CVE-2019-12823 : Craft CMS before 3.1.31 does not properly filter XML feeds and thus allowing XSS.",
"fork": false,
"created_at": "2021-10-05T11:03:19Z",
"updated_at": "2021-10-05T11:03:24Z",
"pushed_at": "2021-10-05T11:03:21Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-14846.json
View file

@ -1,27 +0,0 @@
[
{
"id": 393781627,
"name": "CVE-2019-14846",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-14846",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-14846",
"description": "PoC for exploiting CVE-2019-14846 : In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.",
"fork": false,
"created_at": "2021-08-07T20:06:10Z",
"updated_at": "2021-08-07T20:06:15Z",
"pushed_at": "2021-08-07T20:06:12Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-14864.json
View file

@ -1,27 +0,0 @@
[
{
"id": 393781712,
"name": "CVE-2019-14864",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-14864",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-14864",
"description": "PoC for exploiting CVE-2019-14864 : Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data.",
"fork": false,
"created_at": "2021-08-07T20:06:33Z",
"updated_at": "2021-08-07T20:06:38Z",
"pushed_at": "2021-08-07T20:06:35Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-14904.json
View file

@ -1,27 +0,0 @@
[
{
"id": 393781777,
"name": "CVE-2019-14904",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-14904",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-14904",
"description": "PoC for exploiting CVE-2019-14904 : A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the name of the zone and executing arbitrary commands in the remote host. Ansible Engine 2.7.15, 2.8.7, and 2.9.2 as well as previous versions are affected.",
"fork": false,
"created_at": "2021-08-07T20:06:49Z",
"updated_at": "2021-08-07T20:06:54Z",
"pushed_at": "2021-08-07T20:06:52Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2019/CVE-2019-17495.json
View file

@ -23,30 +23,5 @@
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 408768952,
"name": "CVE-2019-17495",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-17495",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-17495",
"description": "PoC for exploiting CVE-2019-17495 : A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perform CSS-based input field value exfiltration, such as exfiltration of a CSRF token value. In other words, this product intentionally allows the embedding of untrusted JSON data from remote servers, but it was not previously known that <style>@import within the JSON data was a functional attack method.",
"fork": false,
"created_at": "2021-09-21T10:00:35Z",
"updated_at": "2021-09-21T10:00:41Z",
"pushed_at": "2021-09-21T10:00:38Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2019/CVE-2019-17571.json
View file

@ -48,30 +48,5 @@
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 402368782,
"name": "CVE-2019-17571",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-17571",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-17571",
"description": "PoC for exploiting CVE-2019-17571 : Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.",
"fork": false,
"created_at": "2021-09-02T09:49:19Z",
"updated_at": "2021-09-02T09:49:19Z",
"pushed_at": "2021-09-02T09:49:19Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-18413.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413784218,
"name": "CVE-2019-18413",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-18413",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-18413",
"description": "PoC for exploiting CVE-2019-18413 : In TypeStack class-validator 0.10.2, validate() input validation can be bypassed because certain internal attributes can be overwritten via a conflicting name. Even though there is an optional forbidUnknownValues parameter that can be used to reduce the risk of this bypass, this option is not documented and thus most developers configure input validation in the vulnerable default manner. With this vulnerability, attackers can launch SQL Injection or XSS attacks by injecting arbitrary malicious input. NOTE: a software maintainer agrees with the \"is not documented\" finding but suggests that much of the responsibility for the risk lies in a different product.",
"fork": false,
"created_at": "2021-10-05T11:12:08Z",
"updated_at": "2021-10-05T11:12:13Z",
"pushed_at": "2021-10-05T11:12:10Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-19797.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413773189,
"name": "CVE-2019-19797",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-19797",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-19797",
"description": "PoC for exploiting CVE-2019-19797 : read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.",
"fork": false,
"created_at": "2021-10-05T10:37:13Z",
"updated_at": "2021-10-05T10:37:18Z",
"pushed_at": "2021-10-05T10:37:15Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-25052.json
View file

@ -1,27 +0,0 @@
[
{
"id": 398132877,
"name": "CVE-2019-25052",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-25052",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-25052",
"description": "PoC for exploiting CVE-2019-25052 : In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak sensitive information.",
"fork": false,
"created_at": "2021-08-20T02:32:37Z",
"updated_at": "2021-08-20T02:37:29Z",
"pushed_at": "2021-08-20T02:37:26Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-3820.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413781034,
"name": "CVE-2019-3820",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-3820",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-3820",
"description": "PoC for exploiting CVE-2019-3820 : It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.",
"fork": false,
"created_at": "2021-10-05T11:02:19Z",
"updated_at": "2021-10-05T11:02:24Z",
"pushed_at": "2021-10-05T11:02:22Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

8
2019/CVE-2019-6447.json
View file

@ -13,15 +13,15 @@
"description": "ES File Explorer Open Port Vulnerability - CVE-2019-6447",
"fork": false,
"created_at": "2019-01-09T22:30:42Z",
"updated_at": "2021-10-02T14:58:57Z",
"updated_at": "2021-10-06T13:21:09Z",
"pushed_at": "2021-09-01T08:56:40Z",
"stargazers_count": 635,
"watchers_count": 635,
"stargazers_count": 636,
"watchers_count": 636,
"forks_count": 137,
"allow_forking": true,
"visibility": "public",
"forks": 137,
"watchers": 635,
"watchers": 636,
"score": 0
},
{

27
2019/CVE-2019-6820.json
View file

@ -1,27 +0,0 @@
[
{
"id": 398132723,
"name": "CVE-2019-6820",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-6820",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-6820",
"description": "PoC for exploiting CVE-2019-6820 : A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a specific Ethernet frame is received in all versions of: Modicon M100, Modicon M200, Modicon M221, ATV IMC drive controller, Modicon M241, Modicon M251, Modicon M258, Modicon LMC058, Modicon LMC078, PacDrive Eco ,PacDrive Pro, PacDrive Pro2",
"fork": false,
"created_at": "2021-08-20T02:31:53Z",
"updated_at": "2021-08-20T02:36:58Z",
"pushed_at": "2021-08-20T02:36:56Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-7254.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413771931,
"name": "CVE-2019-7254",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-7254",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-7254",
"description": "PoC for exploiting CVE-2019-7254 : Linear eMerge E3-Series devices allow File Inclusion.",
"fork": false,
"created_at": "2021-10-05T10:32:37Z",
"updated_at": "2021-10-05T10:32:42Z",
"pushed_at": "2021-10-05T10:32:39Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2019/CVE-2019-9060.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413782170,
"name": "CVE-2019-9060",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2019-9060",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2019-9060",
"description": "PoC for exploiting CVE-2019-9060 : An issue was discovered in CMS Made Simple 2.2.8. It is possible to achieve unauthenticated path traversal in the CGExtensions module (in the file action.setdefaulttemplate.php) with the m1_filename parameter; and through the action.showmessage.php file, it is possible to read arbitrary file content (by using that path traversal with m1_prefname set to cg_errormsg and m1_resettodefault=1).",
"fork": false,
"created_at": "2021-10-05T11:05:51Z",
"updated_at": "2021-10-05T11:05:56Z",
"pushed_at": "2021-10-05T11:05:53Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2020/CVE-2020-10684.json
View file

@ -1,27 +0,0 @@
[
{
"id": 393781854,
"name": "CVE-2020-10684",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2020-10684",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2020-10684",
"description": "PoC for exploiting CVE-2020-10684 : A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. An attacker could take advantage of this by altering the ansible_facts, such as ansible_hosts, users and any other key data which would lead into privilege escalation or code injection.",
"fork": false,
"created_at": "2021-08-07T20:07:10Z",
"updated_at": "2021-08-07T20:07:14Z",
"pushed_at": "2021-08-07T20:07:12Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2020/CVE-2020-10685.json
View file

@ -1,27 +0,0 @@
[
{
"id": 393781807,
"name": "CVE-2020-10685",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2020-10685",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2020-10685",
"description": "PoC for exploiting CVE-2020-10685 : A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in \/tmp leaves the s ts unencrypted. On Operating Systems which \/tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.",
"fork": false,
"created_at": "2021-08-07T20:06:57Z",
"updated_at": "2021-08-07T20:07:01Z",
"pushed_at": "2021-08-07T20:06:59Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2020/CVE-2020-10729.json
View file

@ -1,27 +0,0 @@
[
{
"id": 393781591,
"name": "CVE-2020-10729",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2020-10729",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2020-10729",
"description": "PoC for exploiting CVE-2020-10729 : A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.",
"fork": false,
"created_at": "2021-08-07T20:06:01Z",
"updated_at": "2021-08-07T20:06:06Z",
"pushed_at": "2021-08-07T20:06:04Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2020/CVE-2020-12080.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413782129,
"name": "CVE-2020-12080",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2020-12080",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2020-12080",
"description": "PoC for exploiting CVE-2020-12080 : A Denial of Service vulnerability has been identified in FlexNet Publisher's lmadmin.exe version 11.16.6. A certain message protocol can be exploited to cause lmadmin to crash.",
"fork": false,
"created_at": "2021-10-05T11:05:43Z",
"updated_at": "2021-10-05T11:05:49Z",
"pushed_at": "2021-10-05T11:05:46Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2020/CVE-2020-12082.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413782055,
"name": "CVE-2020-12082",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2020-12082",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2020-12082",
"description": "PoC for exploiting CVE-2020-12082 : A stored cross-site scripting issue impacts certain areas of the Web UI for Code Insight v7.x releases up to and including 2020 R1 (7.11.0-64).",
"fork": false,
"created_at": "2021-10-05T11:05:32Z",
"updated_at": "2021-10-05T11:05:37Z",
"pushed_at": "2021-10-05T11:05:34Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2020/CVE-2020-12083.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413781149,
"name": "CVE-2020-12083",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2020-12083",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2020-12083",
"description": "PoC for exploiting CVE-2020-12083 : An elevated privileges issue related to Spring MVC calls impacts Code Insight v7.x releases up to and including 2020 R1 (7.11.0-64).",
"fork": false,
"created_at": "2021-10-05T11:02:43Z",
"updated_at": "2021-10-05T11:02:48Z",
"pushed_at": "2021-10-05T11:02:46Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2020/CVE-2020-13929.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413784169,
"name": "CVE-2020-13929",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2020-13929",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2020-13929",
"description": "PoC for exploiting CVE-2020-13929 : Authentication bypass vulnerability in Apache Zeppelin allows an attacker to bypass Zeppelin authentication mechanism to act as another user. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.",
"fork": false,
"created_at": "2021-10-05T11:11:59Z",
"updated_at": "2021-10-05T11:12:05Z",
"pushed_at": "2021-10-05T11:12:02Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2020/CVE-2020-13936.json
View file

@ -1,27 +0,0 @@
[
{
"id": 389094904,
"name": "CVE-2020-13936",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2020-13936",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2020-13936",
"description": "PoC for exploiting CVE-2020-13936 : An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload\/modify velocity templates running Apache Velocity Engine versions up to 2.2.",
"fork": false,
"created_at": "2021-07-24T12:33:32Z",
"updated_at": "2021-07-24T12:33:38Z",
"pushed_at": "2021-07-24T12:33:36Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2020/CVE-2020-13949.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413773171,
"name": "CVE-2020-13949",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2020-13949",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2020-13949",
"description": "PoC for exploiting CVE-2020-13949 : In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service.",
"fork": false,
"created_at": "2021-10-05T10:37:09Z",
"updated_at": "2021-10-05T10:37:14Z",
"pushed_at": "2021-10-05T10:37:11Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2020/CVE-2020-13959.json
View file

@ -1,27 +0,0 @@
[
{
"id": 389094922,
"name": "CVE-2020-13959",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2020-13959",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2020-13959",
"description": "PoC for exploiting CVE-2020-13959 : The default error page for VelocityView in Apache Velocity Tools prior to 3.1 reflects back the vm file that was entered as part of the URL. An attacker can set an XSS payload file as this vm file in the URL which results in this payload being executed. XSS vulnerabilities allow attackers to execute arbitrary JavaScript in the context of the attacked website and the attacked user. This can be abused to steal session cookies, perform requests in the name of the victim or for phishing attacks.",
"fork": false,
"created_at": "2021-07-24T12:33:37Z",
"updated_at": "2021-07-24T12:33:44Z",
"pushed_at": "2021-07-24T12:33:41Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2020/CVE-2020-14119.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413785798,
"name": "CVE-2020-14119",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2020-14119",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2020-14119",
"description": "PoC for exploiting CVE-2020-14119 : There is command injection in the addMeshNode interface of xqnetwork.lua, which leads to command execution under administrator authority on Xiaomi router AX3600 with rom versionrom< 1.1.12",
"fork": false,
"created_at": "2021-10-05T11:17:13Z",
"updated_at": "2021-10-05T11:17:19Z",
"pushed_at": "2021-10-05T11:17:16Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2020/CVE-2020-14124.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413785625,
"name": "CVE-2020-14124",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2020-14124",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2020-14124",
"description": "PoC for exploiting CVE-2020-14124 : There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12.",
"fork": false,
"created_at": "2021-10-05T11:16:39Z",
"updated_at": "2021-10-05T11:16:44Z",
"pushed_at": "2021-10-05T11:16:41Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2020/CVE-2020-1416.json
View file

@ -1,27 +0,0 @@
[
{
"id": 413778425,
"name": "CVE-2020-1416",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2020-1416",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2020-1416",
"description": "PoC for exploiting CVE-2020-1416 : An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka 'Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability'.",
"fork": false,
"created_at": "2021-10-05T10:54:32Z",
"updated_at": "2021-10-05T10:54:37Z",
"pushed_at": "2021-10-05T10:54:34Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2020/CVE-2020-14308.json
View file

@ -1,27 +0,0 @@
[
{
"id": 407737048,
"name": "CVE-2020-14308",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2020-14308",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2020-14308",
"description": "PoC for exploiting CVE-2020-14308 : In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process.",
"fork": false,
"created_at": "2021-09-18T02:46:42Z",
"updated_at": "2021-09-18T02:46:47Z",
"pushed_at": "2021-09-18T02:46:44Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

27
2020/CVE-2020-14311.json
View file

@ -1,27 +0,0 @@
[
{
"id": 407737079,
"name": "CVE-2020-14311",
"full_name": "AKIA27TACKEDYE76PUGU\/CVE-2020-14311",
"owner": {
"login": "AKIA27TACKEDYE76PUGU",
"id": 86665563,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86665563?v=4",
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU"
},
"html_url": "https:\/\/github.com\/AKIA27TACKEDYE76PUGU\/CVE-2020-14311",
"description": "PoC for exploiting CVE-2020-14311 : There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow.",
"fork": false,
"created_at": "2021-09-18T02:46:50Z",
"updated_at": "2021-09-18T02:46:55Z",
"pushed_at": "2021-09-18T02:46:52Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

Some files were not shown because too many files have changed in this diff Show more