From 41f4801cdcd66211f5c21495d375a2a2b099fea5 Mon Sep 17 00:00:00 2001
From: motikan2010-bot
Date: Tue, 10 Dec 2024 03:32:54 +0900
Subject: [PATCH] Auto Update 2024/12/09 18:32:54
---
2004/CVE-2004-1561.json | 2 +-
2012/CVE-2012-1823.json | 2 +-
2017/CVE-2017-5638.json | 2 +-
2018/CVE-2018-25031.json | 31 +++++++++++++++++++++++++++++++
2018/CVE-2018-6622.json | 8 ++++----
2019/CVE-2019-1010174.json | 8 ++++----
2020/CVE-2020-15916.json | 8 ++++----
2021/CVE-2021-1675.json | 4 ++--
2021/CVE-2021-34429.json | 8 ++++----
2021/CVE-2021-34527.json | 4 ++--
2021/CVE-2021-4034.json | 8 ++++----
2022/CVE-2022-0944.json | 16 ++++++++--------
2022/CVE-2022-22965.json | 12 ++++++------
2022/CVE-2022-26134.json | 8 ++++----
2022/CVE-2022-27925.json | 16 ++++++++--------
2023/CVE-2023-21768.json | 8 ++++----
2023/CVE-2023-2255.json | 8 ++++----
2023/CVE-2023-23752.json | 8 ++++----
2023/CVE-2023-3519.json | 8 ++++----
2023/CVE-2023-38831.json | 8 ++++----
2024/CVE-2024-0044.json | 2 +-
2024/CVE-2024-10914.json | 8 ++++----
2024/CVE-2024-11393.json | 12 ++++++------
2024/CVE-2024-12155.json | 2 +-
2024/CVE-2024-12209.json | 33 +++++++++++++++++++++++++++++++++
2024/CVE-2024-12270.json | 33 +++++++++++++++++++++++++++++++++
2024/CVE-2024-21413.json | 8 ++++----
2024/CVE-2024-24549.json | 8 ++++----
2024/CVE-2024-3094.json | 8 ++++----
2024/CVE-2024-3400.json | 4 ++--
2024/CVE-2024-38193.json | 12 ++++++------
2024/CVE-2024-42327.json | 2 +-
2024/CVE-2024-6387.json | 8 ++++----
2024/CVE-2024-9441.json | 31 +++++++++++++++++++++++++++++++
README.md | 16 ++++++++++++++++
35 files changed, 254 insertions(+), 110 deletions(-)
create mode 100644 2024/CVE-2024-12209.json
create mode 100644 2024/CVE-2024-12270.json
diff --git a/2004/CVE-2004-1561.json b/2004/CVE-2004-1561.json
index cbb56dbde3..2fc47f1df4 100644
--- a/2004/CVE-2004-1561.json
+++ b/2004/CVE-2004-1561.json
@@ -152,6 +152,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2012/CVE-2012-1823.json b/2012/CVE-2012-1823.json index 1272b37361..b0c283a97c 100644 --- a/2012/CVE-2012-1823.json +++ b/2012/CVE-2012-1823.json @@ -183,6 +183,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2017/CVE-2017-5638.json b/2017/CVE-2017-5638.json index d97dfebb63..c0c641fab5 100644 --- a/2017/CVE-2017-5638.json +++ b/2017/CVE-2017-5638.json @@ -2252,6 +2252,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2018/CVE-2018-25031.json b/2018/CVE-2018-25031.json index b10ba3efc5..44ad391d74 100644 --- a/2018/CVE-2018-25031.json +++ b/2018/CVE-2018-25031.json @@ -370,5 +370,36 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 900870658, + "name": "CVE-2018-25031-tests", + "full_name": "Proklinius897\/CVE-2018-25031-tests", + "owner": { + "login": "Proklinius897", + "id": 37267266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37267266?v=4", + "html_url": "https:\/\/github.com\/Proklinius897", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Proklinius897\/CVE-2018-25031-tests", + "description": "Testing for exploitation", + "fork": false, + "created_at": "2024-12-09T16:13:18Z", + "updated_at": "2024-12-09T16:13:19Z", + "pushed_at": "2024-12-09T16:13:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2018/CVE-2018-6622.json b/2018/CVE-2018-6622.json index 4456280fe9..47aea8298a 100644 
--- a/2018/CVE-2018-6622.json +++ b/2018/CVE-2018-6622.json @@ -14,10 +14,10 @@ "description": "TPM vulnerability checking tool for CVE-2018-6622. This tool will be published at Black Hat Asia 2019 and Black Hat Europe 2019", "fork": false, "created_at": "2019-02-07T06:45:27Z", - "updated_at": "2024-10-22T13:18:26Z", + "updated_at": "2024-12-09T14:22:47Z", "pushed_at": "2022-06-26T06:08:02Z", - "stargazers_count": 100, - "watchers_count": 100, + "stargazers_count": 101, + "watchers_count": 101, "has_discussions": false, "forks_count": 20, "allow_forking": true, @@ -34,7 +34,7 @@ ], "visibility": "public", "forks": 20, - "watchers": 100, + "watchers": 101, "score": 0, "subscribers_count": 12 } diff --git a/2019/CVE-2019-1010174.json b/2019/CVE-2019-1010174.json index f8c5e4d740..f60612dcbb 100644 --- a/2019/CVE-2019-1010174.json +++ b/2019/CVE-2019-1010174.json @@ -14,10 +14,10 @@ "description": " CImg Library v.2.3.3 - command injection", "fork": false, "created_at": "2024-12-01T05:32:57Z", - "updated_at": "2024-12-01T05:38:08Z", + "updated_at": "2024-12-09T13:10:18Z", "pushed_at": "2024-12-01T05:38:05Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2020/CVE-2020-15916.json b/2020/CVE-2020-15916.json index 52ae273144..a5b28da0f8 100644 --- a/2020/CVE-2020-15916.json +++ b/2020/CVE-2020-15916.json 
@@ -14,10 +14,10 @@ "description": "This project is a PoC for exploiting CVE-2020-15916, a vulnerability that allows unauthorized changes to the LAN configuration of a device", "fork": false, "created_at": "2024-10-13T17:30:19Z", - "updated_at": "2024-10-21T08:14:50Z", + "updated_at": "2024-12-09T17:16:19Z", "pushed_at": "2024-10-13T17:31:06Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 2, + "watchers": 3, "score": 0, "subscribers_count": 1 } diff --git a/2021/CVE-2021-1675.json b/2021/CVE-2021-1675.json index b0fd43c53a..1b4ae972eb 100644 --- a/2021/CVE-2021-1675.json +++ b/2021/CVE-2021-1675.json @@ -316,13 +316,13 @@ "stargazers_count": 1019, "watchers_count": 1019, "has_discussions": false, - "forks_count": 230, + "forks_count": 231, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 230, + "forks": 231, "watchers": 1019, "score": 0, "subscribers_count": 26 diff --git a/2021/CVE-2021-34429.json b/2021/CVE-2021-34429.json index 570839365d..c93a8a0b5f 100644 --- a/2021/CVE-2021-34429.json +++ b/2021/CVE-2021-34429.json @@ -14,10 +14,10 @@ "description": "POC for CVE-2021-34429 - Eclipse Jetty 11.0.5 Sensitive File Disclosure", "fork": false, "created_at": "2021-11-03T09:13:12Z", - "updated_at": "2024-09-27T11:59:51Z", + "updated_at": "2024-12-09T18:18:43Z", "pushed_at": "2021-11-03T11:51:41Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 4, + "watchers_count": 4, "has_discussions": false, "forks_count": 2, "allow_forking": true, @@ -34,7 +34,7 @@ ], "visibility": "public", "forks": 2, - "watchers": 3, + "watchers": 4, "score": 0, "subscribers_count": 1 } diff --git a/2021/CVE-2021-34527.json b/2021/CVE-2021-34527.json index 469cd7ba40..1dd34a3da9 100644 
--- a/2021/CVE-2021-34527.json +++ b/2021/CVE-2021-34527.json @@ -249,13 +249,13 @@ "stargazers_count": 786, "watchers_count": 786, "has_discussions": false, - "forks_count": 122, + "forks_count": 123, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 122, + "forks": 123, "watchers": 786, "score": 0, "subscribers_count": 10 diff --git a/2021/CVE-2021-4034.json b/2021/CVE-2021-4034.json index c58122f7c5..c6facdfbf0 100644 --- a/2021/CVE-2021-4034.json +++ b/2021/CVE-2021-4034.json @@ -967,10 +967,10 @@ "description": "Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation", "fork": false, "created_at": "2022-01-26T14:26:10Z", - "updated_at": "2024-12-04T05:08:31Z", + "updated_at": "2024-12-09T15:53:46Z", "pushed_at": "2022-06-21T14:52:05Z", - "stargazers_count": 1088, - "watchers_count": 1088, + "stargazers_count": 1089, + "watchers_count": 1089, "has_discussions": false, "forks_count": 190, "allow_forking": true, @@ -981,7 +981,7 @@ ], "visibility": "public", "forks": 190, - "watchers": 1088, + "watchers": 1089, "score": 0, "subscribers_count": 13 }, diff --git a/2022/CVE-2022-0944.json b/2022/CVE-2022-0944.json index dc25e3289d..8c63454bcb 100644 --- a/2022/CVE-2022-0944.json +++ b/2022/CVE-2022-0944.json @@ -76,10 +76,10 @@ "description": "SQLPad - Template injection (POC exploit for SQLPad RCE [CVE-2022-0944])", "fork": false, "created_at": "2024-09-09T19:09:43Z", - "updated_at": "2024-11-20T02:17:10Z", + "updated_at": "2024-12-09T18:18:45Z", "pushed_at": "2024-09-10T14:23:01Z", - "stargazers_count": 4, - "watchers_count": 4, + "stargazers_count": 5, + "watchers_count": 5, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -88,7 +88,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 4, + "watchers": 5, "score": 0, "subscribers_count": 1 }, 
@@ -138,10 +138,10 @@ "description": null, "fork": false, "created_at": "2024-09-13T09:30:08Z", - "updated_at": "2024-09-27T11:59:56Z", + "updated_at": "2024-12-09T18:18:46Z", "pushed_at": "2024-09-13T09:44:56Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -150,7 +150,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 1, + "watchers": 2, "score": 0, "subscribers_count": 1 }, diff --git a/2022/CVE-2022-22965.json b/2022/CVE-2022-22965.json index b547404277..3659a255e4 100644 --- a/2022/CVE-2022-22965.json +++ b/2022/CVE-2022-22965.json @@ -137,13 +137,13 @@ "stargazers_count": 311, "watchers_count": 311, "has_discussions": false, - "forks_count": 236, + "forks_count": 237, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 236, + "forks": 237, "watchers": 311, "score": 0, "subscribers_count": 10 @@ -323,10 +323,10 @@ "description": "Exploit a vulnerable Spring application with the Spring4Shell (CVE-2022-22965) Vulnerability.", "fork": false, "created_at": "2022-03-31T15:01:12Z", - "updated_at": "2024-08-12T20:22:02Z", + "updated_at": "2024-12-09T12:42:11Z", "pushed_at": "2022-04-06T15:00:14Z", - "stargazers_count": 43, - "watchers_count": 43, + "stargazers_count": 44, + "watchers_count": 44, "has_discussions": false, "forks_count": 10, "allow_forking": true, @@ -335,7 +335,7 @@ "topics": [], "visibility": "public", "forks": 10, - "watchers": 43, + "watchers": 44, "score": 0, "subscribers_count": 2 }, diff --git a/2022/CVE-2022-26134.json b/2022/CVE-2022-26134.json index e74c1946e4..cc1d47d525 100644 --- a/2022/CVE-2022-26134.json +++ b/2022/CVE-2022-26134.json 
@@ -14,10 +14,10 @@ "description": "【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。", "fork": false, "created_at": "2022-05-31T07:44:01Z", - "updated_at": "2024-12-08T11:14:01Z", + "updated_at": "2024-12-09T12:28:39Z", "pushed_at": "2023-02-26T14:06:05Z", - "stargazers_count": 1176, - "watchers_count": 1176, + "stargazers_count": 1177, + "watchers_count": 1177, "has_discussions": true, "forks_count": 190, "allow_forking": true, @@ -46,7 +46,7 @@ ], "visibility": "public", "forks": 190, - "watchers": 1176, + "watchers": 1177, "score": 0, "subscribers_count": 19 }, diff --git a/2022/CVE-2022-27925.json b/2022/CVE-2022-27925.json index f1ea4d7407..0230da524a 100644 --- a/2022/CVE-2022-27925.json +++ b/2022/CVE-2022-27925.json @@ -14,10 +14,10 @@ "description": "Zimbra RCE simple poc", "fork": false, "created_at": "2022-08-12T18:35:52Z", - "updated_at": "2024-08-12T20:26:08Z", + "updated_at": "2024-12-09T12:34:59Z", "pushed_at": "2022-08-13T18:54:58Z", - "stargazers_count": 63, - "watchers_count": 63, + "stargazers_count": 64, + "watchers_count": 64, "has_discussions": false, "forks_count": 27, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 27, - "watchers": 63, + "watchers": 64, "score": 0, "subscribers_count": 3 }, @@ -273,10 +273,10 @@ "description": "CVE-2022-27925", "fork": false, "created_at": "2022-09-25T15:09:49Z", - "updated_at": "2024-09-25T02:18:08Z", + "updated_at": "2024-12-09T12:28:12Z", "pushed_at": "2022-09-25T15:10:50Z", - "stargazers_count": 7, - "watchers_count": 7, + "stargazers_count": 8, + "watchers_count": 8, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -285,7 +285,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 7, + "watchers": 8, "score": 0, "subscribers_count": 1 }, 
diff --git a/2023/CVE-2023-21768.json b/2023/CVE-2023-21768.json index ab3e8878c7..5932869a9e 100644 --- a/2023/CVE-2023-21768.json +++ b/2023/CVE-2023-21768.json @@ -45,10 +45,10 @@ "description": "cve-2023-21768", "fork": false, "created_at": "2023-03-10T03:36:52Z", - "updated_at": "2024-10-24T16:47:31Z", + "updated_at": "2024-12-09T13:08:59Z", "pushed_at": "2023-03-10T04:03:04Z", - "stargazers_count": 19, - "watchers_count": 19, + "stargazers_count": 20, + "watchers_count": 20, "has_discussions": false, "forks_count": 8, "allow_forking": true, @@ -57,7 +57,7 @@ "topics": [], "visibility": "public", "forks": 8, - "watchers": 19, + "watchers": 20, "score": 0, "subscribers_count": 1 }, diff --git a/2023/CVE-2023-2255.json b/2023/CVE-2023-2255.json index 21b3d25f11..982cb9daf3 100644 --- a/2023/CVE-2023-2255.json +++ b/2023/CVE-2023-2255.json @@ -14,10 +14,10 @@ "description": "CVE-2023-2255 Libre Office ", "fork": false, "created_at": "2023-07-10T20:54:56Z", - "updated_at": "2024-12-05T17:13:20Z", + "updated_at": "2024-12-09T18:18:44Z", "pushed_at": "2023-07-10T21:00:09Z", - "stargazers_count": 55, - "watchers_count": 55, + "stargazers_count": 56, + "watchers_count": 56, "has_discussions": false, "forks_count": 12, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 12, - "watchers": 55, + "watchers": 56, "score": 0, "subscribers_count": 1 }, diff --git a/2023/CVE-2023-23752.json b/2023/CVE-2023-23752.json index d8bc6066c9..e0a8f1b8ec 100644 --- a/2023/CVE-2023-23752.json +++ b/2023/CVE-2023-23752.json @@ -421,10 +421,10 @@ "description": "Joomla! < 4.2.8 - Unauthenticated information disclosure", "fork": false, "created_at": "2023-03-24T11:50:16Z", - "updated_at": "2024-12-05T17:13:24Z", + "updated_at": "2024-12-09T18:18:44Z", "pushed_at": "2023-12-27T11:30:46Z", - "stargazers_count": 78, - "watchers_count": 78, + "stargazers_count": 79, + "watchers_count": 79, "has_discussions": false, "forks_count": 17, "allow_forking": true, 
@@ -440,7 +440,7 @@ ], "visibility": "public", "forks": 17, - "watchers": 78, + "watchers": 79, "score": 0, "subscribers_count": 2 }, diff --git a/2023/CVE-2023-3519.json b/2023/CVE-2023-3519.json index daf4b98669..3cac67703f 100644 --- a/2023/CVE-2023-3519.json +++ b/2023/CVE-2023-3519.json @@ -85,10 +85,10 @@ "description": null, "fork": false, "created_at": "2023-07-21T08:55:28Z", - "updated_at": "2024-09-27T11:59:54Z", + "updated_at": "2024-12-09T18:18:44Z", "pushed_at": "2023-07-21T09:02:23Z", - "stargazers_count": 14, - "watchers_count": 14, + "stargazers_count": 15, + "watchers_count": 15, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -97,7 +97,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 14, + "watchers": 15, "score": 0, "subscribers_count": 2 }, diff --git a/2023/CVE-2023-38831.json b/2023/CVE-2023-38831.json index 699dda98dc..accdc7c05a 100644 --- a/2023/CVE-2023-38831.json +++ b/2023/CVE-2023-38831.json @@ -45,10 +45,10 @@ "description": "CVE-2023-38831 winrar exploit generator", "fork": false, "created_at": "2023-08-25T09:44:08Z", - "updated_at": "2024-12-09T01:45:15Z", + "updated_at": "2024-12-09T18:18:45Z", "pushed_at": "2023-11-26T06:46:44Z", - "stargazers_count": 782, - "watchers_count": 782, + "stargazers_count": 783, + "watchers_count": 783, "has_discussions": false, "forks_count": 139, "allow_forking": true, @@ -61,7 +61,7 @@ ], "visibility": "public", "forks": 139, - "watchers": 782, + "watchers": 783, "score": 0, "subscribers_count": 9 }, diff --git a/2024/CVE-2024-0044.json b/2024/CVE-2024-0044.json index 52d262fe73..02c2d5cdc8 100644 --- a/2024/CVE-2024-0044.json +++ b/2024/CVE-2024-0044.json 
@@ -45,7 +45,7 @@ "description": "CVE-2024-0044: a \"run-as any app\" high-severity vulnerability affecting Android versions 12 and 13", "fork": false, "created_at": "2024-06-18T12:30:53Z", - "updated_at": "2024-12-08T09:14:20Z", + "updated_at": "2024-12-09T15:35:29Z", "pushed_at": "2024-12-02T06:29:52Z", "stargazers_count": 264, "watchers_count": 264, diff --git a/2024/CVE-2024-10914.json b/2024/CVE-2024-10914.json index 08383df30d..c18b44d8e1 100644 --- a/2024/CVE-2024-10914.json +++ b/2024/CVE-2024-10914.json @@ -277,10 +277,10 @@ "description": "CVE-2024-10914 D-Link Remote Code Execution (RCE)", "fork": false, "created_at": "2024-12-06T19:03:34Z", - "updated_at": "2024-12-08T16:46:28Z", + "updated_at": "2024-12-09T12:47:31Z", "pushed_at": "2024-12-07T07:32:30Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -293,7 +293,7 @@ ], "visibility": "public", "forks": 0, - "watchers": 2, + "watchers": 3, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-11393.json b/2024/CVE-2024-11393.json index 194e3336e4..692ea56513 100644 --- a/2024/CVE-2024-11393.json +++ b/2024/CVE-2024-11393.json @@ -14,19 +14,19 @@ "description": "Technical Details and Exploit for CVE-2024-11393", "fork": false, "created_at": "2024-12-07T11:24:06Z", - "updated_at": "2024-12-08T00:31:29Z", + "updated_at": "2024-12-09T17:16:32Z", "pushed_at": "2024-12-08T00:31:25Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, - "watchers": 0, + "forks": 1, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-12155.json b/2024/CVE-2024-12155.json index ae8cda29e3..f511640178 100644 
--- a/2024/CVE-2024-12155.json +++ b/2024/CVE-2024-12155.json @@ -14,7 +14,7 @@ "description": "CVE-2024-12155 Missing Authorization (CWE-862)", "fork": false, "created_at": "2024-12-06T13:03:09Z", - "updated_at": "2024-12-06T13:15:58Z", + "updated_at": "2024-12-09T12:49:04Z", "pushed_at": "2024-12-06T13:13:21Z", "stargazers_count": 2, "watchers_count": 2, diff --git a/2024/CVE-2024-12209.json b/2024/CVE-2024-12209.json new file mode 100644 index 0000000000..d64b77133d --- /dev/null +++ b/2024/CVE-2024-12209.json @@ -0,0 +1,33 @@ +[ + { + "id": 900744942, + "name": "CVE-2024-12209", + "full_name": "RandomRobbieBF\/CVE-2024-12209", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-12209", + "description": "WP Umbrella: Update Backup Restore & Monitoring <= 2.17.0 - Unauthenticated Local File Inclusion", + "fork": false, + "created_at": "2024-12-09T11:51:10Z", + "updated_at": "2024-12-09T14:21:52Z", + "pushed_at": "2024-12-09T11:52:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-12270.json b/2024/CVE-2024-12270.json new file mode 100644 index 0000000000..e2d055c3bf --- /dev/null +++ b/2024/CVE-2024-12270.json 
@@ -0,0 +1,33 @@ +[ + { + "id": 900786065, + "name": "CVE-2024-12270", + "full_name": "RandomRobbieBF\/CVE-2024-12270", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-12270", + "description": "Beautiful Taxonomy Filters <= 2.4.3 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-12-09T13:22:10Z", + "updated_at": "2024-12-09T17:13:59Z", + "pushed_at": "2024-12-09T13:24:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21413.json b/2024/CVE-2024-21413.json index 675c418eda..3b58121519 100644 --- a/2024/CVE-2024-21413.json +++ b/2024/CVE-2024-21413.json @@ -45,10 +45,10 @@ "description": "Microsoft-Outlook-Remote-Code-Execution-Vulnerability", "fork": false, "created_at": "2024-02-16T15:17:59Z", - "updated_at": "2024-12-09T09:21:37Z", + "updated_at": "2024-12-09T18:18:45Z", "pushed_at": "2024-02-19T20:00:35Z", - "stargazers_count": 707, - "watchers_count": 707, + "stargazers_count": 708, + "watchers_count": 708, "has_discussions": false, "forks_count": 153, "allow_forking": true, @@ -57,7 +57,7 @@ "topics": [], "visibility": "public", "forks": 153, - "watchers": 707, + "watchers": 708, "score": 0, "subscribers_count": 10 }, diff --git a/2024/CVE-2024-24549.json b/2024/CVE-2024-24549.json index 17e6a40e47..9c988badab 100644 --- a/2024/CVE-2024-24549.json +++ b/2024/CVE-2024-24549.json 
@@ -45,10 +45,10 @@ "description": "Proof of concept of the CVE-2024-24549, Exploit in Python. ", "fork": false, "created_at": "2024-12-09T04:59:07Z", - "updated_at": "2024-12-09T05:09:47Z", + "updated_at": "2024-12-09T17:19:08Z", "pushed_at": "2024-12-09T05:09:43Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -57,7 +57,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 0 } diff --git a/2024/CVE-2024-3094.json b/2024/CVE-2024-3094.json index 6ac42e9fe6..f08b37fa74 100644 --- a/2024/CVE-2024-3094.json +++ b/2024/CVE-2024-3094.json @@ -952,10 +952,10 @@ "description": "notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)", "fork": false, "created_at": "2024-04-01T14:28:09Z", - "updated_at": "2024-12-08T04:13:39Z", + "updated_at": "2024-12-09T16:18:28Z", "pushed_at": "2024-04-03T04:58:50Z", - "stargazers_count": 3496, - "watchers_count": 3496, + "stargazers_count": 3497, + "watchers_count": 3497, "has_discussions": false, "forks_count": 239, "allow_forking": true, @@ -964,7 +964,7 @@ "topics": [], "visibility": "public", "forks": 239, - "watchers": 3496, + "watchers": 3497, "score": 0, "subscribers_count": 38 }, diff --git a/2024/CVE-2024-3400.json b/2024/CVE-2024-3400.json index 0c27f7ae45..ef9e44253e 100644 --- a/2024/CVE-2024-3400.json +++ b/2024/CVE-2024-3400.json @@ -484,13 +484,13 @@ "stargazers_count": 2, "watchers_count": 2, "has_discussions": false, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, + "forks": 1, "watchers": 2, "score": 0, "subscribers_count": 2 diff --git a/2024/CVE-2024-38193.json b/2024/CVE-2024-38193.json index 349055c331..a3dd976753 100644 --- a/2024/CVE-2024-38193.json +++ b/2024/CVE-2024-38193.json 
@@ -14,19 +14,19 @@ "description": null, "fork": false, "created_at": "2024-12-03T08:56:59Z", - "updated_at": "2024-12-09T11:39:03Z", + "updated_at": "2024-12-09T16:48:45Z", "pushed_at": "2024-11-18T23:48:31Z", - "stargazers_count": 14, - "watchers_count": 14, + "stargazers_count": 20, + "watchers_count": 20, "has_discussions": false, - "forks_count": 11, + "forks_count": 14, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 11, - "watchers": 14, + "forks": 14, + "watchers": 20, "score": 0, "subscribers_count": 0 } diff --git a/2024/CVE-2024-42327.json b/2024/CVE-2024-42327.json index 1c3283f23f..e30e52bf33 100644 --- a/2024/CVE-2024-42327.json +++ b/2024/CVE-2024-42327.json @@ -14,7 +14,7 @@ "description": "cve-2024-42327 ZBX-25623", "fork": false, "created_at": "2024-12-01T00:15:27Z", - "updated_at": "2024-12-08T21:29:10Z", + "updated_at": "2024-12-09T18:27:35Z", "pushed_at": "2024-12-01T01:18:36Z", "stargazers_count": 24, "watchers_count": 24, diff --git a/2024/CVE-2024-6387.json b/2024/CVE-2024-6387.json index a639bcc584..5cd76fb526 100644 --- a/2024/CVE-2024-6387.json +++ b/2024/CVE-2024-6387.json @@ -2211,10 +2211,10 @@ "description": "Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)", "fork": false, "created_at": "2024-07-08T11:27:49Z", - "updated_at": "2024-12-08T08:25:24Z", + "updated_at": "2024-12-09T18:18:45Z", "pushed_at": "2024-08-22T08:50:25Z", - "stargazers_count": 57, - "watchers_count": 57, + "stargazers_count": 58, + "watchers_count": 58, "has_discussions": false, "forks_count": 23, "allow_forking": true, @@ -2223,7 +2223,7 @@ "topics": [], "visibility": "public", "forks": 23, - "watchers": 57, + "watchers": 58, "score": 0, "subscribers_count": 2 }, diff --git a/2024/CVE-2024-9441.json b/2024/CVE-2024-9441.json index 293b784e1d..1ecb717192 100644 --- a/2024/CVE-2024-9441.json +++ b/2024/CVE-2024-9441.json 
@@ -96,5 +96,36 @@ "watchers": 3, "score": 0, "subscribers_count": 1 + }, + { + "id": 900915677, + "name": "CVE-2024-9441-Checker", + "full_name": "jk-mayne\/CVE-2024-9441-Checker", + "owner": { + "login": "jk-mayne", + "id": 18690206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18690206?v=4", + "html_url": "https:\/\/github.com\/jk-mayne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jk-mayne\/CVE-2024-9441-Checker", + "description": "A simple python script to test for CVE-2024-9441. ", + "fork": false, + "created_at": "2024-12-09T17:49:37Z", + "updated_at": "2024-12-09T17:50:01Z", + "pushed_at": "2024-12-09T17:49:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/README.md b/README.md index 0fbfd232b8..71462d75bb 100644 --- a/README.md +++ b/README.md @@ -1861,6 +1861,7 @@ - [adhikara13/CVE-2024-9441](https://github.com/adhikara13/CVE-2024-9441) - [p33d/CVE-2024-9441](https://github.com/p33d/CVE-2024-9441) - [XiaomingX/cve-2024-9441-poc](https://github.com/XiaomingX/cve-2024-9441-poc) +- [jk-mayne/CVE-2024-9441-Checker](https://github.com/jk-mayne/CVE-2024-9441-Checker) ### CVE-2024-9464 (2024-10-09) 
@@ -2295,6 +2296,20 @@ - [McTavishSue/CVE-2024-12155](https://github.com/McTavishSue/CVE-2024-12155) +### CVE-2024-12209 (2024-12-08) + +The WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.17.0 via the 'filename' parameter of the 'umbrella-restore' action. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. + + +- [RandomRobbieBF/CVE-2024-12209](https://github.com/RandomRobbieBF/CVE-2024-12209) + +### CVE-2024-12270 (2024-12-07) + +The Beautiful taxonomy filters plugin for WordPress is vulnerable to SQL Injection via the 'selects[0][term]' parameter in all versions up to, and including, 2.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [RandomRobbieBF/CVE-2024-12270](https://github.com/RandomRobbieBF/CVE-2024-12270) + ### CVE-2024-12345 - [RoyaRadin/CVE-2024-12345-POC](https://github.com/RoyaRadin/CVE-2024-12345-POC) @@ -42003,6 +42018,7 @@ - [h2oa/CVE-2018-25031](https://github.com/h2oa/CVE-2018-25031) - [natpakun/SSRF-CVE-2018-25031-](https://github.com/natpakun/SSRF-CVE-2018-25031-) - [KonEch0/CVE-2018-25031-SG](https://github.com/KonEch0/CVE-2018-25031-SG) +- [Proklinius897/CVE-2018-25031-tests](https://github.com/Proklinius897/CVE-2018-25031-tests) ### CVE-2018-25032 (2022-03-25)