From 4745cca1c842ac95e4dbe11c79ff8b7300713429 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Wed, 3 Jul 2024 09:28:39 +0900 Subject: [PATCH] Auto Update 2024/07/03 00:28:39 --- 2006/CVE-2006-5051.json | 8 +- 2008/CVE-2008-4109.json | 8 +- 2014/CVE-2014-6271.json | 4 +- 2019/CVE-2019-16253.json | 8 +- 2019/CVE-2019-9053.json | 8 +- 2020/CVE-2020-0668.json | 8 +- 2020/CVE-2020-1472.json | 4 +- 2021/CVE-2021-31630.json | 8 +- 2021/CVE-2021-41773.json | 12 +- 2021/CVE-2021-43798.json | 2 +- 2021/CVE-2021-44228.json | 16 +- 2022/CVE-2022-30190.json | 24 +-- 2022/CVE-2022-34556.json | 8 +- 2022/CVE-2022-34913.json | 8 +- 2022/CVE-2022-36234.json | 8 +- 2022/CVE-2022-36752.json | 8 +- 2022/CVE-2022-41220.json | 8 +- 2022/CVE-2022-43343.json | 8 +- 2022/CVE-2022-44311.json | 8 +- 2022/CVE-2022-44312.json | 8 +- 2022/CVE-2022-44318.json | 8 +- 2022/CVE-2022-46689.json | 8 +- 2023/CVE-2023-20198.json | 8 +- 2023/CVE-2023-2375.json | 32 ++++ 2023/CVE-2023-38434.json | 8 +- 2023/CVE-2023-38632.json | 8 +- 2023/CVE-2023-40294.json | 8 +- 2023/CVE-2023-40296.json | 8 +- 2023/CVE-2023-46747.json | 8 +- 2024/CVE-2024-20399.json | 32 ++++ 2024/CVE-2024-27292.json | 8 +- 2024/CVE-2024-28995.json | 8 +- 2024/CVE-2024-2961.json | 8 +- 2024/CVE-2024-6387.json | 310 ++++++++++++++++++++++++++++++++------- README.md | 22 ++- 35 files changed, 475 insertions(+), 183 deletions(-) create mode 100644 2023/CVE-2023-2375.json create mode 100644 2024/CVE-2024-20399.json diff --git a/2006/CVE-2006-5051.json b/2006/CVE-2006-5051.json index 80db63cfb6..2de00d309c 100644 --- a/2006/CVE-2006-5051.json +++ b/2006/CVE-2006-5051.json @@ -13,10 +13,10 @@ "description": "Bulk Scanning Tool for OpenSSH CVE-2024-6387, CVE-2006-5051 , CVE-2008-4109 and others.", "fork": false, "created_at": "2024-07-01T20:45:53Z", - "updated_at": "2024-07-02T16:57:40Z", + "updated_at": "2024-07-02T19:49:22Z", "pushed_at": "2024-07-02T10:55:06Z", - "stargazers_count": 15, - "watchers_count": 15, + "stargazers_count": 16, + "watchers_count": 16, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 15, + "watchers": 16, "score": 0, "subscribers_count": 1 } diff --git a/2008/CVE-2008-4109.json b/2008/CVE-2008-4109.json index 80db63cfb6..2de00d309c 100644 --- a/2008/CVE-2008-4109.json +++ b/2008/CVE-2008-4109.json @@ -13,10 +13,10 @@ "description": "Bulk Scanning Tool for OpenSSH CVE-2024-6387, CVE-2006-5051 , CVE-2008-4109 and others.", "fork": false, "created_at": "2024-07-01T20:45:53Z", - "updated_at": "2024-07-02T16:57:40Z", + "updated_at": "2024-07-02T19:49:22Z", "pushed_at": "2024-07-02T10:55:06Z", - "stargazers_count": 15, - "watchers_count": 15, + "stargazers_count": 16, + "watchers_count": 16, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 15, + "watchers": 16, "score": 0, "subscribers_count": 1 } diff --git a/2014/CVE-2014-6271.json b/2014/CVE-2014-6271.json index 05d94391fd..d7606c56c4 100644 --- a/2014/CVE-2014-6271.json +++ b/2014/CVE-2014-6271.json @@ -2213,8 +2213,8 @@ "description": "Shellshock exploit (CVE-2014-6271)", "fork": false, "created_at": "2024-02-04T18:19:49Z", - "updated_at": "2024-04-25T19:47:41Z", - "pushed_at": "2024-04-25T19:47:38Z", + "updated_at": "2024-07-02T18:18:26Z", + "pushed_at": "2024-07-02T18:18:22Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2019/CVE-2019-16253.json b/2019/CVE-2019-16253.json index 230cefd478..1982e0749c 100644 --- a/2019/CVE-2019-16253.json +++ b/2019/CVE-2019-16253.json @@ -13,10 +13,10 @@ "description": "Exploit I discovered in October of 2022 with androids Package manager binary (pm) and the way it handled debugging flags, patched out by march 2023. Uses CVE-2019-16253 as a payload to obtain a system shell. ", "fork": false, "created_at": "2023-01-19T19:47:13Z", - "updated_at": "2024-06-26T04:54:46Z", + "updated_at": "2024-07-02T19:21:35Z", "pushed_at": "2024-03-20T19:12:39Z", - "stargazers_count": 74, - "watchers_count": 74, + "stargazers_count": 75, + "watchers_count": 75, "has_discussions": false, "forks_count": 13, "allow_forking": true, @@ -32,7 +32,7 @@ ], "visibility": "public", "forks": 13, - "watchers": 74, + "watchers": 75, "score": 0, "subscribers_count": 11 } diff --git a/2019/CVE-2019-9053.json b/2019/CVE-2019-9053.json index ccaf4f70fb..0ecece31e9 100644 --- a/2019/CVE-2019-9053.json +++ b/2019/CVE-2019-9053.json @@ -253,10 +253,10 @@ "description": "The exploit is edited to work with different text encodings and Python 3 and is compatible with CMSMS version 2.2.9 and below.", "fork": false, "created_at": "2023-05-29T17:59:09Z", - "updated_at": "2024-06-22T20:19:04Z", + "updated_at": "2024-07-02T19:17:17Z", "pushed_at": "2024-06-09T12:39:47Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -265,7 +265,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 1, + "watchers": 2, "score": 0, "subscribers_count": 1 }, diff --git a/2020/CVE-2020-0668.json b/2020/CVE-2020-0668.json index cb5b6bf546..f86d7b91ca 100644 --- a/2020/CVE-2020-0668.json +++ b/2020/CVE-2020-0668.json @@ -13,10 +13,10 @@ "description": "Use CVE-2020-0668 to perform an arbitrary privileged file move operation.", "fork": false, "created_at": "2020-02-20T06:22:40Z", - "updated_at": "2024-06-26T20:08:30Z", + "updated_at": "2024-07-02T21:04:11Z", "pushed_at": "2020-02-20T11:03:18Z", - "stargazers_count": 201, - "watchers_count": 201, + "stargazers_count": 202, + "watchers_count": 202, "has_discussions": false, "forks_count": 54, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 54, - "watchers": 201, + "watchers": 202, "score": 0, "subscribers_count": 7 }, diff --git a/2020/CVE-2020-1472.json b/2020/CVE-2020-1472.json index 4c20510c1b..9142a4e01a 100644 --- a/2020/CVE-2020-1472.json +++ b/2020/CVE-2020-1472.json @@ -1812,13 +1812,13 @@ "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, - "forks_count": 2, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 2, + "forks": 1, "watchers": 1, "score": 0, "subscribers_count": 1 diff --git a/2021/CVE-2021-31630.json b/2021/CVE-2021-31630.json index 6d83622308..ac151a4da5 100644 --- a/2021/CVE-2021-31630.json +++ b/2021/CVE-2021-31630.json @@ -73,10 +73,10 @@ "description": "Python script for exploiting command injection in Open PLC Webserver v3", "fork": false, "created_at": "2024-03-28T21:31:45Z", - "updated_at": "2024-06-19T08:17:09Z", + "updated_at": "2024-07-02T20:09:57Z", "pushed_at": "2024-03-28T22:14:23Z", - "stargazers_count": 11, - "watchers_count": 11, + "stargazers_count": 12, + "watchers_count": 12, "has_discussions": false, "forks_count": 2, "allow_forking": true, @@ -90,7 +90,7 @@ ], "visibility": "public", "forks": 2, - "watchers": 11, + "watchers": 12, "score": 0, "subscribers_count": 2 }, diff --git a/2021/CVE-2021-41773.json b/2021/CVE-2021-41773.json index 57a0e73d8e..7c5526b2ec 100644 --- a/2021/CVE-2021-41773.json +++ b/2021/CVE-2021-41773.json @@ -995,10 +995,10 @@ "description": "CVE-2021-41773: Path Traversal Zero-Day in Apache HTTP Server Exploited", "fork": false, "created_at": "2021-10-07T11:55:10Z", - "updated_at": "2024-03-04T01:30:32Z", + "updated_at": "2024-07-02T20:29:43Z", "pushed_at": "2021-10-10T05:19:29Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 4, + "watchers_count": 4, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -1014,7 +1014,7 @@ ], "visibility": "public", "forks": 3, - "watchers": 3, + "watchers": 4, "score": 0, "subscribers_count": 2 }, @@ -3019,7 +3019,7 @@ "fork": false, "created_at": "2022-09-15T09:38:04Z", "updated_at": "2022-09-15T09:38:16Z", - "pushed_at": "2024-04-06T16:46:07Z", + "pushed_at": "2024-07-03T00:10:47Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, @@ -3169,7 +3169,7 @@ "fork": false, "created_at": "2022-09-15T14:17:45Z", "updated_at": "2022-09-16T01:01:16Z", - "pushed_at": "2024-04-06T22:17:37Z", + "pushed_at": "2024-07-02T22:24:15Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, diff --git a/2021/CVE-2021-43798.json b/2021/CVE-2021-43798.json index 8be17d0095..a8392db367 100644 --- a/2021/CVE-2021-43798.json +++ b/2021/CVE-2021-43798.json @@ -1395,6 +1395,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index fc06fd5006..f9e48c801f 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -3636,10 +3636,10 @@ "description": "A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 ", "fork": false, "created_at": "2021-12-13T03:57:50Z", - "updated_at": "2024-06-29T20:20:05Z", + "updated_at": "2024-07-02T20:09:08Z", "pushed_at": "2022-11-23T18:23:24Z", - "stargazers_count": 3378, - "watchers_count": 3378, + "stargazers_count": 3379, + "watchers_count": 3379, "has_discussions": true, "forks_count": 740, "allow_forking": true, @@ -3648,7 +3648,7 @@ "topics": [], "visibility": "public", "forks": 740, - "watchers": 3378, + "watchers": 3379, "score": 0, "subscribers_count": 57 }, @@ -6548,10 +6548,10 @@ "description": "Apache Log4j Zero Day Vulnerability aka Log4Shell aka CVE-2021-44228", "fork": false, "created_at": "2021-12-15T10:55:35Z", - "updated_at": "2022-08-08T14:05:52Z", + "updated_at": "2024-07-02T20:27:26Z", "pushed_at": "2021-12-15T16:29:14Z", - "stargazers_count": 7, - "watchers_count": 7, + "stargazers_count": 8, + "watchers_count": 8, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -6560,7 +6560,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 7, + "watchers": 8, "score": 0, "subscribers_count": 6 }, diff --git a/2022/CVE-2022-30190.json b/2022/CVE-2022-30190.json index eda7dafaa5..a355c7f2a3 100644 --- a/2022/CVE-2022-30190.json +++ b/2022/CVE-2022-30190.json @@ -1561,10 +1561,10 @@ "description": "Exploit Microsoft Zero-Day Vulnerability Follina (CVE-2022-30190)", "fork": false, "created_at": "2022-06-09T09:32:10Z", - "updated_at": "2024-06-24T07:05:46Z", + "updated_at": "2024-07-02T20:25:55Z", "pushed_at": "2022-06-16T07:28:13Z", - "stargazers_count": 26, - "watchers_count": 26, + "stargazers_count": 27, + "watchers_count": 27, "has_discussions": false, "forks_count": 14, "allow_forking": true, @@ -1583,7 +1583,7 @@ ], "visibility": "public", "forks": 14, - "watchers": 26, + "watchers": 27, "score": 0, "subscribers_count": 2 }, @@ -2286,10 +2286,10 @@ "description": "A Command Line based python tool for exploit Zero-Day vulnerability in MSDT (Microsoft Support Diagnostic Tool) also know as 'Follina' CVE-2022-30190.", "fork": false, "created_at": "2022-11-19T18:09:47Z", - "updated_at": "2024-05-15T06:21:19Z", + "updated_at": "2024-07-02T20:29:31Z", "pushed_at": "2022-11-19T18:41:57Z", - "stargazers_count": 9, - "watchers_count": 9, + "stargazers_count": 10, + "watchers_count": 10, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -2298,7 +2298,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 9, + "watchers": 10, "score": 0, "subscribers_count": 1 }, @@ -2466,10 +2466,10 @@ "description": "Follina (CVE-2022-30190) is a Microsoft Office zero-day vulnerability that has recently been discovered. It’s a high-severity vulnerability that hackers can leverage for remote code execution (RCE) attacks.", "fork": false, "created_at": "2023-05-14T13:38:43Z", - "updated_at": "2024-05-19T22:43:57Z", + "updated_at": "2024-07-02T20:28:39Z", "pushed_at": "2023-05-14T13:45:18Z", - "stargazers_count": 5, - "watchers_count": 5, + "stargazers_count": 6, + "watchers_count": 6, "has_discussions": false, "forks_count": 5, "allow_forking": true, @@ -2478,7 +2478,7 @@ "topics": [], "visibility": "public", "forks": 5, - "watchers": 5, + "watchers": 6, "score": 0, "subscribers_count": 1 }, diff --git a/2022/CVE-2022-34556.json b/2022/CVE-2022-34556.json index 52a8316e34..203e214a9b 100644 --- a/2022/CVE-2022-34556.json +++ b/2022/CVE-2022-34556.json @@ -13,10 +13,10 @@ "description": "Proof of concept for CVE-2022-34556", "fork": false, "created_at": "2023-01-31T22:07:50Z", - "updated_at": "2023-01-31T22:18:14Z", + "updated_at": "2024-07-02T20:34:40Z", "pushed_at": "2023-01-31T22:31:39Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2022/CVE-2022-34913.json b/2022/CVE-2022-34913.json index 0c42ab8e67..d840bcb451 100644 --- a/2022/CVE-2022-34913.json +++ b/2022/CVE-2022-34913.json @@ -13,10 +13,10 @@ "description": "Proof of concept for CVE-2022-34913", "fork": false, "created_at": "2023-01-31T22:37:29Z", - "updated_at": "2023-01-31T22:37:29Z", + "updated_at": "2024-07-02T20:34:32Z", "pushed_at": "2023-01-31T23:00:35Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2022/CVE-2022-36234.json b/2022/CVE-2022-36234.json index 700d3921cc..fbc3d8cd3f 100644 --- a/2022/CVE-2022-36234.json +++ b/2022/CVE-2022-36234.json @@ -13,10 +13,10 @@ "description": "Proof of concept for CVE-2022-36234", "fork": false, "created_at": "2023-01-31T20:59:35Z", - "updated_at": "2023-03-31T19:14:37Z", + "updated_at": "2024-07-02T20:33:25Z", "pushed_at": "2023-07-19T16:13:01Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 1, + "watchers": 2, "score": 0, "subscribers_count": 1 } diff --git a/2022/CVE-2022-36752.json b/2022/CVE-2022-36752.json index e7f8d565da..0b27faee90 100644 --- a/2022/CVE-2022-36752.json +++ b/2022/CVE-2022-36752.json @@ -13,10 +13,10 @@ "description": "Proof of concept for CVE-2022-36752", "fork": false, "created_at": "2023-01-31T23:14:06Z", - "updated_at": "2023-01-31T23:14:06Z", + "updated_at": "2024-07-02T20:34:25Z", "pushed_at": "2023-01-31T23:51:30Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2022/CVE-2022-41220.json b/2022/CVE-2022-41220.json index 4ecb4f6746..04795afb86 100644 --- a/2022/CVE-2022-41220.json +++ b/2022/CVE-2022-41220.json @@ -13,10 +13,10 @@ "description": "Proof of concept for CVE-2022-41220", "fork": false, "created_at": "2023-01-31T23:05:31Z", - "updated_at": "2023-01-31T23:05:31Z", + "updated_at": "2024-07-02T20:33:18Z", "pushed_at": "2023-07-27T23:01:05Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2022/CVE-2022-43343.json b/2022/CVE-2022-43343.json index e84c92370d..56d27ae609 100644 --- a/2022/CVE-2022-43343.json +++ b/2022/CVE-2022-43343.json @@ -13,10 +13,10 @@ "description": "Proof of concept for (CVE-2022-43343)", "fork": false, "created_at": "2023-02-01T00:33:57Z", - "updated_at": "2023-02-01T00:33:57Z", + "updated_at": "2024-07-02T20:34:09Z", "pushed_at": "2023-02-01T00:54:27Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2022/CVE-2022-44311.json b/2022/CVE-2022-44311.json index d3333f28c2..805aa0b9af 100644 --- a/2022/CVE-2022-44311.json +++ b/2022/CVE-2022-44311.json @@ -13,10 +13,10 @@ "description": "Proof of concept for CVE-2022-44311", "fork": false, "created_at": "2023-01-31T23:53:39Z", - "updated_at": "2023-01-31T23:53:39Z", + "updated_at": "2024-07-02T20:34:18Z", "pushed_at": "2023-02-01T00:32:46Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 }, diff --git a/2022/CVE-2022-44312.json b/2022/CVE-2022-44312.json index 6b5625ce78..3537f4e5e2 100644 --- a/2022/CVE-2022-44312.json +++ b/2022/CVE-2022-44312.json @@ -13,10 +13,10 @@ "description": "Reproduction files for CVE-2022-44312 through CVE-2022-44321", "fork": false, "created_at": "2023-06-23T00:16:52Z", - "updated_at": "2023-06-23T00:16:52Z", + "updated_at": "2024-07-02T20:33:00Z", "pushed_at": "2023-08-14T01:35:37Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2022/CVE-2022-44318.json b/2022/CVE-2022-44318.json index 0816be8538..0d9abcd36e 100644 --- a/2022/CVE-2022-44318.json +++ b/2022/CVE-2022-44318.json @@ -13,10 +13,10 @@ "description": "Proof of concept for CVE-2022-44318", "fork": false, "created_at": "2023-02-01T01:00:33Z", - "updated_at": "2023-02-01T01:01:43Z", + "updated_at": "2024-07-02T20:33:56Z", "pushed_at": "2023-02-01T01:13:26Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2022/CVE-2022-46689.json b/2022/CVE-2022-46689.json index b204095997..5596ff73df 100644 --- a/2022/CVE-2022-46689.json +++ b/2022/CVE-2022-46689.json @@ -103,10 +103,10 @@ "description": "Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.", "fork": false, "created_at": "2022-12-26T06:56:35Z", - "updated_at": "2024-06-15T06:14:59Z", + "updated_at": "2024-07-02T23:24:11Z", "pushed_at": "2023-08-02T09:35:14Z", - "stargazers_count": 873, - "watchers_count": 873, + "stargazers_count": 874, + "watchers_count": 874, "has_discussions": false, "forks_count": 70, "allow_forking": true, @@ -115,7 +115,7 @@ "topics": [], "visibility": "public", "forks": 70, - "watchers": 873, + "watchers": 874, "score": 0, "subscribers_count": 25 }, diff --git a/2023/CVE-2023-20198.json b/2023/CVE-2023-20198.json index 2d60a8923f..e756fbc54f 100644 --- a/2023/CVE-2023-20198.json +++ b/2023/CVE-2023-20198.json @@ -562,10 +562,10 @@ "description": "An Exploitation script developed to exploit the CVE-2023-20198 Cisco zero day vulnerability on their IOS routers ", "fork": false, "created_at": "2023-11-03T13:05:59Z", - "updated_at": "2024-05-27T02:50:37Z", + "updated_at": "2024-07-02T20:29:59Z", "pushed_at": "2023-11-03T13:54:43Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 4, + "watchers_count": 4, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -574,7 +574,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 3, + "watchers": 4, "score": 0, "subscribers_count": 2 }, diff --git a/2023/CVE-2023-2375.json b/2023/CVE-2023-2375.json new file mode 100644 index 0000000000..90ed61bb3f --- /dev/null +++ b/2023/CVE-2023-2375.json @@ -0,0 +1,32 @@ +[ + { + "id": 823381127, + "name": "HTB-Devvortex-CVE-2023-2375-PoC", + "full_name": "0x0jr\/HTB-Devvortex-CVE-2023-2375-PoC", + "owner": { + "login": "0x0jr", + "id": 166342298, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166342298?v=4", + "html_url": "https:\/\/github.com\/0x0jr" + }, + "html_url": "https:\/\/github.com\/0x0jr\/HTB-Devvortex-CVE-2023-2375-PoC", + "description": "CVE-2023-23752 Unauthenticated Information Disclosure Showcase Using Devvortex From HTB.", + "fork": false, + "created_at": "2024-07-02T23:50:31Z", + "updated_at": "2024-07-02T23:59:34Z", + "pushed_at": "2024-07-02T23:59:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-38434.json b/2023/CVE-2023-38434.json index 31840fac3a..f9bd7b48c5 100644 --- a/2023/CVE-2023-38434.json +++ b/2023/CVE-2023-38434.json @@ -13,10 +13,10 @@ "description": "Proof of Concept for CVE-2023-38434", "fork": false, "created_at": "2023-07-18T16:09:04Z", - "updated_at": "2023-07-18T16:09:06Z", + "updated_at": "2024-07-02T20:33:32Z", "pushed_at": "2023-07-18T16:27:30Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2023/CVE-2023-38632.json b/2023/CVE-2023-38632.json index 6b22598919..8440fc2b14 100644 --- a/2023/CVE-2023-38632.json +++ b/2023/CVE-2023-38632.json @@ -13,10 +13,10 @@ "description": "Proof of concept for CVE-2023-38632", "fork": false, "created_at": "2023-07-21T05:03:57Z", - "updated_at": "2023-07-22T21:41:48Z", + "updated_at": "2024-07-02T20:33:08Z", "pushed_at": "2023-08-02T14:42:57Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 1, + "watchers": 2, "score": 0, "subscribers_count": 1 } diff --git a/2023/CVE-2023-40294.json b/2023/CVE-2023-40294.json index 2fbb01bf12..a7cf69a443 100644 --- a/2023/CVE-2023-40294.json +++ b/2023/CVE-2023-40294.json @@ -13,10 +13,10 @@ "description": "Proof of concept for CVE-2023-40294 and CVE-2023-40295", "fork": false, "created_at": "2023-08-14T05:12:05Z", - "updated_at": "2023-08-14T05:12:06Z", + "updated_at": "2024-07-02T20:32:50Z", "pushed_at": "2023-08-14T05:14:59Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2023/CVE-2023-40296.json b/2023/CVE-2023-40296.json index 03de5cf05f..9404a1707b 100644 --- a/2023/CVE-2023-40296.json +++ b/2023/CVE-2023-40296.json @@ -13,10 +13,10 @@ "description": "Proof of Concept for CVE-2023-40296", "fork": false, "created_at": "2023-08-14T05:21:27Z", - "updated_at": "2023-08-14T05:21:27Z", + "updated_at": "2024-07-02T20:32:43Z", "pushed_at": "2023-08-14T05:24:23Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2023/CVE-2023-46747.json b/2023/CVE-2023-46747.json index bf234b1da2..c5e7efcf1c 100644 --- a/2023/CVE-2023-46747.json +++ b/2023/CVE-2023-46747.json @@ -43,10 +43,10 @@ "description": "exploit for f5-big-ip RCE cve-2023-46747", "fork": false, "created_at": "2023-11-01T09:31:05Z", - "updated_at": "2024-06-24T02:21:12Z", + "updated_at": "2024-07-02T19:21:16Z", "pushed_at": "2024-03-26T03:01:04Z", - "stargazers_count": 199, - "watchers_count": 199, + "stargazers_count": 200, + "watchers_count": 200, "has_discussions": false, "forks_count": 45, "allow_forking": true, @@ -61,7 +61,7 @@ ], "visibility": "public", "forks": 45, - "watchers": 199, + "watchers": 200, "score": 0, "subscribers_count": 2 }, diff --git a/2024/CVE-2024-20399.json b/2024/CVE-2024-20399.json new file mode 100644 index 0000000000..bb7847b712 --- /dev/null +++ b/2024/CVE-2024-20399.json @@ -0,0 +1,32 @@ +[ + { + "id": 823378897, + "name": "CVE-2024-20399-Cisco-RCE", + "full_name": "Blootus\/CVE-2024-20399-Cisco-RCE", + "owner": { + "login": "Blootus", + "id": 174553869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174553869?v=4", + "html_url": "https:\/\/github.com\/Blootus" + }, + "html_url": "https:\/\/github.com\/Blootus\/CVE-2024-20399-Cisco-RCE", + "description": "Private exploit for Cisco Nexus giving RCE", + "fork": false, + "created_at": "2024-07-02T23:40:49Z", + "updated_at": "2024-07-02T23:48:04Z", + "pushed_at": "2024-07-02T23:47:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27292.json b/2024/CVE-2024-27292.json index afd8ea81fb..92a40948fd 100644 --- a/2024/CVE-2024-27292.json +++ b/2024/CVE-2024-27292.json @@ -13,10 +13,10 @@ "description": "CVE-2024-27292 : Docassemble V1.4.96 Unauthenticated Path Traversal", "fork": false, "created_at": "2024-07-02T04:41:35Z", - "updated_at": "2024-07-02T12:50:51Z", + "updated_at": "2024-07-02T22:22:20Z", "pushed_at": "2024-07-02T11:39:54Z", - "stargazers_count": 4, - "watchers_count": 4, + "stargazers_count": 5, + "watchers_count": 5, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 4, + "watchers": 5, "score": 0, "subscribers_count": 0 } diff --git a/2024/CVE-2024-28995.json b/2024/CVE-2024-28995.json index 351c96245b..2f7a325477 100644 --- a/2024/CVE-2024-28995.json +++ b/2024/CVE-2024-28995.json @@ -223,10 +223,10 @@ "description": "CVE-2024-28955 Exploitation PoC ", "fork": false, "created_at": "2024-07-01T11:49:51Z", - "updated_at": "2024-07-02T18:31:46Z", + "updated_at": "2024-07-02T20:00:26Z", "pushed_at": "2024-07-01T12:53:21Z", - "stargazers_count": 17, - "watchers_count": 17, + "stargazers_count": 18, + "watchers_count": 18, "has_discussions": false, "forks_count": 2, "allow_forking": true, @@ -244,7 +244,7 @@ ], "visibility": "public", "forks": 2, - "watchers": 17, + "watchers": 18, "score": 0, "subscribers_count": 2 } diff --git a/2024/CVE-2024-2961.json b/2024/CVE-2024-2961.json index 9ff5f9c552..9d7c832887 100644 --- a/2024/CVE-2024-2961.json +++ b/2024/CVE-2024-2961.json @@ -73,10 +73,10 @@ "description": "Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()", "fork": false, "created_at": "2024-05-27T08:30:06Z", - "updated_at": "2024-07-02T03:07:52Z", + "updated_at": "2024-07-02T18:44:18Z", "pushed_at": "2024-06-17T08:10:13Z", - "stargazers_count": 296, - "watchers_count": 296, + "stargazers_count": 297, + "watchers_count": 297, "has_discussions": false, "forks_count": 31, "allow_forking": true, @@ -85,7 +85,7 @@ "topics": [], "visibility": "public", "forks": 31, - "watchers": 296, + "watchers": 297, "score": 0, "subscribers_count": 8 }, diff --git a/2024/CVE-2024-6387.json b/2024/CVE-2024-6387.json index c4140917fd..299a18d2a3 100644 --- a/2024/CVE-2024-6387.json +++ b/2024/CVE-2024-6387.json @@ -56,19 +56,19 @@ "description": "a signal handler race condition in OpenSSH's server (sshd)", "fork": false, "created_at": "2024-07-01T10:55:29Z", - "updated_at": "2024-07-02T18:33:52Z", + "updated_at": "2024-07-03T00:27:23Z", "pushed_at": "2024-07-01T10:54:02Z", - "stargazers_count": 282, - "watchers_count": 282, + "stargazers_count": 300, + "watchers_count": 300, "has_discussions": false, - "forks_count": 160, + "forks_count": 163, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 160, - "watchers": 282, + "forks": 163, + "watchers": 300, "score": 0, "subscribers_count": 3 }, @@ -86,19 +86,19 @@ "description": "32-bit PoC for CVE-2024-6387 — mirror of the original 7etsuo\/cve-2024-6387-poc", "fork": false, "created_at": "2024-07-01T12:16:21Z", - "updated_at": "2024-07-02T16:59:11Z", + "updated_at": "2024-07-02T20:25:02Z", "pushed_at": "2024-07-01T12:25:01Z", - "stargazers_count": 93, - "watchers_count": 93, + "stargazers_count": 95, + "watchers_count": 95, "has_discussions": false, - "forks_count": 45, + "forks_count": 46, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 45, - "watchers": 93, + "forks": 46, + "watchers": 95, "score": 0, "subscribers_count": 3 }, @@ -116,12 +116,12 @@ "description": "32-bit PoC for CVE-2024-6387 \"regreSSHion\" -- mirror of the original 7etsuo\/cve-2024-6387-poc", "fork": false, "created_at": "2024-07-01T12:26:40Z", - "updated_at": "2024-07-02T17:44:47Z", + "updated_at": "2024-07-02T20:52:21Z", "pushed_at": "2024-07-01T14:16:36Z", - "stargazers_count": 49, - "watchers_count": 49, + "stargazers_count": 52, + "watchers_count": 52, "has_discussions": false, - "forks_count": 27, + "forks_count": 28, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -134,8 +134,8 @@ "ssh" ], "visibility": "public", - "forks": 27, - "watchers": 49, + "forks": 28, + "watchers": 52, "score": 0, "subscribers_count": 2 }, @@ -183,10 +183,10 @@ "description": null, "fork": false, "created_at": "2024-07-01T12:51:18Z", - "updated_at": "2024-07-02T16:34:53Z", + "updated_at": "2024-07-02T21:12:21Z", "pushed_at": "2024-07-01T13:34:47Z", - "stargazers_count": 10, - "watchers_count": 10, + "stargazers_count": 11, + "watchers_count": 11, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -195,7 +195,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 10, + "watchers": 11, "score": 0, "subscribers_count": 1 }, @@ -303,19 +303,19 @@ "description": "CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH", "fork": false, "created_at": "2024-07-01T20:33:20Z", - "updated_at": "2024-07-02T18:33:57Z", - "pushed_at": "2024-07-02T17:20:15Z", - "stargazers_count": 177, - "watchers_count": 177, + "updated_at": "2024-07-03T00:20:10Z", + "pushed_at": "2024-07-02T20:39:05Z", + "stargazers_count": 198, + "watchers_count": 198, "has_discussions": false, - "forks_count": 45, + "forks_count": 49, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 45, - "watchers": 177, + "forks": 49, + "watchers": 198, "score": 0, "subscribers_count": 1 }, @@ -333,10 +333,10 @@ "description": "Bulk Scanning Tool for OpenSSH CVE-2024-6387, CVE-2006-5051 , CVE-2008-4109 and others.", "fork": false, "created_at": "2024-07-01T20:45:53Z", - "updated_at": "2024-07-02T16:57:40Z", + "updated_at": "2024-07-02T19:49:22Z", "pushed_at": "2024-07-02T10:55:06Z", - "stargazers_count": 15, - "watchers_count": 15, + "stargazers_count": 16, + "watchers_count": 16, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -345,7 +345,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 15, + "watchers": 16, "score": 0, "subscribers_count": 1 }, @@ -543,10 +543,10 @@ "description": "Recently, the OpenSSH maintainers released security updates to fix a critical vulnerability that could lead to unauthenticated remote code execution (RCE) with root privileges. This vulnerability, identified as CVE-2024-6387, resides in the OpenSSH server component (sshd), which is designed to listen for connections from client applications.", "fork": false, "created_at": "2024-07-02T02:51:37Z", - "updated_at": "2024-07-02T10:20:04Z", + "updated_at": "2024-07-03T00:08:47Z", "pushed_at": "2024-07-02T03:23:00Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -555,7 +555,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 2, + "watchers": 3, "score": 0, "subscribers_count": 0 }, @@ -913,10 +913,10 @@ "description": "CVE-2024-6387-nmap", "fork": false, "created_at": "2024-07-02T08:19:55Z", - "updated_at": "2024-07-02T08:26:50Z", + "updated_at": "2024-07-02T22:42:52Z", "pushed_at": "2024-07-02T08:26:46Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -925,7 +925,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 0 }, @@ -1120,22 +1120,32 @@ "html_url": "https:\/\/github.com\/devarshishimpi" }, "html_url": "https:\/\/github.com\/devarshishimpi\/CVE-2024-6387-Check", - "description": null, + "description": "CVE-2024-6387 Checker is a fast, efficient tool for detecting OpenSSH servers vulnerable to the regreSSHion exploit. It quickly scans multiple IPs, domain names, and CIDR ranges to identify risks and help secure your infrastructure.", "fork": false, "created_at": "2024-07-02T11:55:39Z", - "updated_at": "2024-07-02T11:55:42Z", - "pushed_at": "2024-07-02T11:55:39Z", - "stargazers_count": 0, - "watchers_count": 0, + "updated_at": "2024-07-02T23:33:17Z", + "pushed_at": "2024-07-02T23:32:12Z", + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, - "topics": [], + "topics": [ + "bash", + "cve-2024-6387", + "cve-2024-6387-checker", + "devarshishimpi", + "openssh", + "regresshion", + "ssh", + "vulnerability-detection", + "vulnerability-scanners" + ], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 0 }, @@ -1291,7 +1301,7 @@ "description": "CVE-2024-6387 (regreSSHion) Exploit (PoC), a vulnerability in OpenSSH's server (sshd) on glibc-based Linux systems.", "fork": false, "created_at": "2024-07-02T14:41:43Z", - "updated_at": "2024-07-02T18:04:44Z", + "updated_at": "2024-07-02T19:08:59Z", "pushed_at": "2024-07-02T15:16:04Z", "stargazers_count": 0, "watchers_count": 0, @@ -1304,6 +1314,7 @@ "c", "cve-2024-6387", "exploit", + "glibc", "linux", "openssh", "poc", @@ -1480,8 +1491,205 @@ "description": "PoC - Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387) ", "fork": false, "created_at": "2024-07-02T18:32:46Z", - "updated_at": "2024-07-02T18:34:03Z", - "pushed_at": "2024-07-02T18:33:59Z", + "updated_at": "2024-07-03T00:03:53Z", + "pushed_at": "2024-07-03T00:03:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-6387", + "exploit", + "openssh-server", + "payload", + "poc", + "python3", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 823291064, + "name": "CVE-2024-6387-Checker", + "full_name": "RickGeex\/CVE-2024-6387-Checker", + "owner": { + "login": "RickGeex", + "id": 7975904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7975904?v=4", + "html_url": "https:\/\/github.com\/RickGeex" + }, + "html_url": "https:\/\/github.com\/RickGeex\/CVE-2024-6387-Checker", + "description": "CVE-2024-6387-Check is a streamlined and efficient tool created to detect servers operating on vulnerable versions of OpenSSH.", + "fork": false, + "created_at": "2024-07-02T18:46:24Z", + "updated_at": "2024-07-02T20:32:50Z", + "pushed_at": "2024-07-02T20:32:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 823296113, + "name": "regreSSHion-checker", + "full_name": "xonoxitron\/regreSSHion-checker", + "owner": { + "login": "xonoxitron", + "id": 7057784, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7057784?v=4", + "html_url": "https:\/\/github.com\/xonoxitron" + }, + "html_url": "https:\/\/github.com\/xonoxitron\/regreSSHion-checker", + "description": "Quickly identifies servers vulnerable to OpenSSH 'regreSSHion' (CVE-2024-6387).", + "fork": false, + "created_at": "2024-07-02T18:59:54Z", + "updated_at": "2024-07-02T19:09:13Z", + "pushed_at": "2024-07-02T19:06:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-6387", + "glibc", + "golang", + "linux", + "openssh", + "regresshion", + "sshd" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 823323116, + "name": "cve-2024-6387-nuclei-template", + "full_name": "BrandonLynch2402\/cve-2024-6387-nuclei-template", + "owner": { + "login": "BrandonLynch2402", + "id": 19439875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19439875?v=4", + "html_url": "https:\/\/github.com\/BrandonLynch2402" + }, + "html_url": "https:\/\/github.com\/BrandonLynch2402\/cve-2024-6387-nuclei-template", + "description": null, + "fork": false, + "created_at": "2024-07-02T20:19:12Z", + "updated_at": "2024-07-02T23:03:06Z", + "pushed_at": "2024-07-02T20:28:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 823328220, + "name": "CVE-2024-6387_Check", + "full_name": "edsonjt81\/CVE-2024-6387_Check", + "owner": { + "login": "edsonjt81", + "id": 27496739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27496739?v=4", + "html_url": "https:\/\/github.com\/edsonjt81" + }, + "html_url": "https:\/\/github.com\/edsonjt81\/CVE-2024-6387_Check", + "description": null, + "fork": false, + "created_at": "2024-07-02T20:35:53Z", + "updated_at": "2024-07-02T20:38:08Z", + "pushed_at": "2024-07-02T20:38:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 823339380, + "name": "CVE-2024-6387-regreSSHion-Checker", + "full_name": "EkaterinaMarchetti\/CVE-2024-6387-regreSSHion-Checker", + "owner": { + "login": "EkaterinaMarchetti", + "id": 166263130, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166263130?v=4", + "html_url": "https:\/\/github.com\/EkaterinaMarchetti" + }, + "html_url": "https:\/\/github.com\/EkaterinaMarchetti\/CVE-2024-6387-regreSSHion-Checker", + "description": null, + "fork": false, + "created_at": "2024-07-02T21:13:45Z", + "updated_at": "2024-07-02T21:13:46Z", + "pushed_at": "2024-07-02T21:13:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 823340268, + "name": "CVE-2024-6387-Tester", + "full_name": "grupooruss\/CVE-2024-6387-Tester", + "owner": { + "login": "grupooruss", + "id": 43943489, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43943489?v=4", + "html_url": "https:\/\/github.com\/grupooruss" + }, + "html_url": "https:\/\/github.com\/grupooruss\/CVE-2024-6387-Tester", + "description": "regreSSHion vulnerability in OpenSSH CVE-2024-6387 Testing Script", + "fork": false, + "created_at": "2024-07-02T21:16:45Z", + "updated_at": "2024-07-02T21:30:15Z", + "pushed_at": "2024-07-02T21:30:12Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/README.md b/README.md index 6f86d0da24..b2f02abd10 100644 --- a/README.md +++ b/README.md @@ -869,7 +869,7 @@ ### CVE-2024-6387 (2024-07-01) -A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). +A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. - [theaog/spirit](https://github.com/theaog/spirit) @@ -920,6 +920,12 @@ - [th3gokul/CVE-2024-6387](https://github.com/th3gokul/CVE-2024-6387) - [n1cks0n/Test_CVE-2024-6387](https://github.com/n1cks0n/Test_CVE-2024-6387) - [l0n3m4n/CVE-2024-6387](https://github.com/l0n3m4n/CVE-2024-6387) +- [RickGeex/CVE-2024-6387-Checker](https://github.com/RickGeex/CVE-2024-6387-Checker) +- [xonoxitron/regreSSHion-checker](https://github.com/xonoxitron/regreSSHion-checker) +- [BrandonLynch2402/cve-2024-6387-nuclei-template](https://github.com/BrandonLynch2402/cve-2024-6387-nuclei-template) +- [edsonjt81/CVE-2024-6387_Check](https://github.com/edsonjt81/CVE-2024-6387_Check) +- [EkaterinaMarchetti/CVE-2024-6387-regreSSHion-Checker](https://github.com/EkaterinaMarchetti/CVE-2024-6387-regreSSHion-Checker) +- [grupooruss/CVE-2024-6387-Tester](https://github.com/grupooruss/CVE-2024-6387-Tester) ### CVE-2024-12883 - [mhtsec/cve-2024-12883](https://github.com/mhtsec/cve-2024-12883) @@ -946,6 +952,13 @@ - [nettitude/CVE-2024-20356](https://github.com/nettitude/CVE-2024-20356) - [SherllyNeo/CVE_2024_20356](https://github.com/SherllyNeo/CVE_2024_20356) +### CVE-2024-20399 (2024-07-01) + +A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device.\r\n\r This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root.\r\n\r Note: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. + + +- [Blootus/CVE-2024-20399-Cisco-RCE](https://github.com/Blootus/CVE-2024-20399-Cisco-RCE) + ### CVE-2024-20404 (2024-06-05) A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system.\r\n\r This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to obtain limited sensitive information for services that are associated to the affected device. @@ -3556,6 +3569,13 @@ - [elweth-sec/CVE-2023-2255](https://github.com/elweth-sec/CVE-2023-2255) - [SaintMichae64/CVE-2023-2255](https://github.com/SaintMichae64/CVE-2023-2255) +### CVE-2023-2375 (2023-04-28) + +Eine kritische Schwachstelle wurde in Ubiquiti EdgeRouter X bis 2.0.9-hotfix.6 gefunden. Es geht hierbei um eine nicht näher spezifizierte Funktion der Komponente Web Management Interface. Mittels Manipulieren des Arguments src mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. + + +- [0x0jr/HTB-Devvortex-CVE-2023-2375-PoC](https://github.com/0x0jr/HTB-Devvortex-CVE-2023-2375-PoC) + ### CVE-2023-2437 (2023-11-22) The UserPro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.1. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. An attacker can leverage CVE-2023-2448 and CVE-2023-2446 to get the user's email address to successfully exploit this vulnerability.