From 4eaa5360f9955e2dc915c4017edcb4b4c8e97201 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Wed, 1 May 2024 09:27:38 +0900 Subject: [PATCH] Auto Update 2024/05/01 00:27:38 --- 2006/CVE-2006-3392.json | 8 ++++---- 2013/CVE-2013-3827.json | 32 -------------------------------- 2016/CVE-2016-10956.json | 8 ++++---- 2017/CVE-2017-0144.json | 8 ++++---- 2017/CVE-2017-12149.json | 30 ++++++++++++++++++++++++++++++ 2017/CVE-2017-7494.json | 8 ++++---- 2018/CVE-2018-13382.json | 8 ++++---- 2018/CVE-2018-25031.json | 30 ------------------------------ 2018/CVE-2018-6789.json | 30 ------------------------------ 2018/CVE-2018-7600.json | 8 ++++---- 2019/CVE-2019-18634.json | 8 ++++---- 2019/CVE-2019-8781.json | 8 ++++---- 2021/CVE-2021-21972.json | 12 ++++++------ 2021/CVE-2021-4034.json | 8 ++++---- 2022/CVE-2022-0847.json | 8 ++++---- 2022/CVE-2022-28219.json | 8 ++++---- 2022/CVE-2022-40684.json | 12 ++++++------ 2022/CVE-2022-47966.json | 8 ++++---- 2023/CVE-2023-20198.json | 8 ++++---- 2023/CVE-2023-27532.json | 12 ++++++------ 2023/CVE-2023-34051.json | 8 ++++---- 2023/CVE-2023-34362.json | 12 ++++++------ 2023/CVE-2023-36844.json | 12 ++++++------ 2023/CVE-2023-38035.json | 12 ++++++------ 2023/CVE-2023-48788.json | 12 ++++++------ 2024/CVE-2024-0204.json | 12 ++++++------ 2024/CVE-2024-1086.json | 8 ++++---- 2024/CVE-2024-1403.json | 12 ++++++------ 2024/CVE-2024-21762.json | 8 ++++---- 2024/CVE-2024-25600.json | 8 ++++---- 2024/CVE-2024-26218.json | 8 ++++---- 2024/CVE-2024-3094.json | 8 ++++---- 2024/CVE-2024-32766.json | 32 ++++++++++++++++++++++++++++++++ 2024/CVE-2024-3400.json | 8 ++++---- README.md | 17 ++++++++--------- 35 files changed, 204 insertions(+), 235 deletions(-) delete mode 100644 2013/CVE-2013-3827.json create mode 100644 2024/CVE-2024-32766.json diff --git a/2006/CVE-2006-3392.json b/2006/CVE-2006-3392.json index ad9eb41e4e..b5d0d0dea8 100644 --- a/2006/CVE-2006-3392.json +++ b/2006/CVE-2006-3392.json @@ -43,10 +43,10 @@ "description": "This small script helps to avoid using MetaSploit (msfconsole) during the Enterprise pentests and OSCP-like exams. Grep included function will help you to get only the important information.", "fork": false, "created_at": "2020-12-04T11:44:22Z", - "updated_at": "2023-06-27T00:46:27Z", + "updated_at": "2024-04-30T19:19:30Z", "pushed_at": "2023-03-09T17:44:39Z", - "stargazers_count": 12, - "watchers_count": 12, + "stargazers_count": 13, + "watchers_count": 13, "has_discussions": true, "forks_count": 4, "allow_forking": true, @@ -55,7 +55,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 12, + "watchers": 13, "score": 0, "subscribers_count": 1 }, diff --git a/2013/CVE-2013-3827.json b/2013/CVE-2013-3827.json deleted file mode 100644 index 374e3bcf65..0000000000 --- a/2013/CVE-2013-3827.json +++ /dev/null @@ -1,32 +0,0 @@ -[ - { - "id": 674938712, - "name": "CVE-2013-3827", - "full_name": "thistehneisen\/CVE-2013-3827", - "owner": { - "login": "thistehneisen", - "id": 6432992, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6432992?v=4", - "html_url": "https:\/\/github.com\/thistehneisen" - }, - "html_url": "https:\/\/github.com\/thistehneisen\/CVE-2013-3827", - "description": "Quick PoC checker for common configurations that might be available via directory traversal due to CVE-2013-3827", - "fork": false, - "created_at": "2023-08-05T08:26:22Z", - "updated_at": "2023-08-05T08:29:17Z", - "pushed_at": "2023-08-05T08:29:14Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 1, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 1, - "watchers": 0, - "score": 0, - "subscribers_count": 2 - } -] \ No newline at end of file diff --git a/2016/CVE-2016-10956.json b/2016/CVE-2016-10956.json index e8e28f6608..a3a7785c2c 100644 --- a/2016/CVE-2016-10956.json +++ b/2016/CVE-2016-10956.json @@ -13,10 +13,10 @@ "description": "MailMasta wordpress plugin Local File Inclusion vulnerability (CVE-2016-10956)", "fork": false, "created_at": "2021-12-10T16:06:46Z", - "updated_at": "2024-04-25T09:29:29Z", + "updated_at": "2024-04-30T19:27:19Z", "pushed_at": "2022-05-03T10:37:18Z", - "stargazers_count": 13, - "watchers_count": 13, + "stargazers_count": 14, + "watchers_count": 14, "has_discussions": false, "forks_count": 2, "allow_forking": true, @@ -33,7 +33,7 @@ ], "visibility": "public", "forks": 2, - "watchers": 13, + "watchers": 14, "score": 0, "subscribers_count": 2 } diff --git a/2017/CVE-2017-0144.json b/2017/CVE-2017-0144.json index b589583526..a589374543 100644 --- a/2017/CVE-2017-0144.json +++ b/2017/CVE-2017-0144.json @@ -13,10 +13,10 @@ "description": "An internet scanner for exploit CVE-2017-0144 (Eternal Blue) & CVE-2017-0145 (Eternal Romance)", "fork": false, "created_at": "2017-07-16T19:44:04Z", - "updated_at": "2024-04-24T17:26:03Z", + "updated_at": "2024-04-30T18:13:44Z", "pushed_at": "2023-09-10T20:29:05Z", - "stargazers_count": 314, - "watchers_count": 314, + "stargazers_count": 313, + "watchers_count": 313, "has_discussions": false, "forks_count": 105, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 105, - "watchers": 314, + "watchers": 313, "score": 0, "subscribers_count": 22 }, diff --git a/2017/CVE-2017-12149.json b/2017/CVE-2017-12149.json index b00d655403..c6ed34ca26 100644 --- a/2017/CVE-2017-12149.json +++ b/2017/CVE-2017-12149.json @@ -208,5 +208,35 @@ "watchers": 0, "score": 0, "subscribers_count": 2 + }, + { + "id": 794249748, + "name": "CVE-2017-12149", + "full_name": "JesseClarkND\/CVE-2017-12149", + "owner": { + "login": "JesseClarkND", + "id": 7518924, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7518924?v=4", + "html_url": "https:\/\/github.com\/JesseClarkND" + }, + "html_url": "https:\/\/github.com\/JesseClarkND\/CVE-2017-12149", + "description": "Update of https:\/\/github.com\/1337g\/CVE-2017-12149 to work with python3", + "fork": false, + "created_at": "2024-04-30T18:40:48Z", + "updated_at": "2024-04-30T18:41:54Z", + "pushed_at": "2024-04-30T18:41:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2017/CVE-2017-7494.json b/2017/CVE-2017-7494.json index 16e6329103..e622d3345c 100644 --- a/2017/CVE-2017-7494.json +++ b/2017/CVE-2017-7494.json @@ -169,10 +169,10 @@ "description": "Remote root exploit for the SAMBA CVE-2017-7494 vulnerability", "fork": false, "created_at": "2017-06-05T16:25:57Z", - "updated_at": "2024-03-27T20:05:20Z", + "updated_at": "2024-04-30T18:13:43Z", "pushed_at": "2021-03-09T09:12:55Z", - "stargazers_count": 259, - "watchers_count": 259, + "stargazers_count": 258, + "watchers_count": 258, "has_discussions": false, "forks_count": 80, "allow_forking": true, @@ -181,7 +181,7 @@ "topics": [], "visibility": "public", "forks": 80, - "watchers": 259, + "watchers": 258, "score": 0, "subscribers_count": 14 }, diff --git a/2018/CVE-2018-13382.json b/2018/CVE-2018-13382.json index ae492e88c4..280287b06f 100644 --- a/2018/CVE-2018-13382.json +++ b/2018/CVE-2018-13382.json @@ -13,10 +13,10 @@ "description": "CVE-2018-13382", "fork": false, "created_at": "2019-08-11T11:13:44Z", - "updated_at": "2023-09-28T11:05:01Z", + "updated_at": "2024-04-30T18:14:01Z", "pushed_at": "2019-08-13T15:06:28Z", - "stargazers_count": 146, - "watchers_count": 146, + "stargazers_count": 145, + "watchers_count": 145, "has_discussions": false, "forks_count": 58, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 58, - "watchers": 146, + "watchers": 145, "score": 0, "subscribers_count": 7 }, diff --git a/2018/CVE-2018-25031.json b/2018/CVE-2018-25031.json index 781b11b259..173c4e1dbc 100644 --- a/2018/CVE-2018-25031.json +++ b/2018/CVE-2018-25031.json @@ -268,35 +268,5 @@ "watchers": 0, "score": 0, "subscribers_count": 1 - }, - { - "id": 792114063, - "name": "CVE-2018-25031", - "full_name": "nullbyter19\/CVE-2018-25031", - "owner": { - "login": "nullbyter19", - "id": 168153661, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168153661?v=4", - "html_url": "https:\/\/github.com\/nullbyter19" - }, - "html_url": "https:\/\/github.com\/nullbyter19\/CVE-2018-25031", - "description": null, - "fork": false, - "created_at": "2024-04-26T02:18:36Z", - "updated_at": "2024-04-27T22:48:16Z", - "pushed_at": "2024-04-27T22:48:13Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 0, - "score": 0, - "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2018/CVE-2018-6789.json b/2018/CVE-2018-6789.json index 426a937458..d77d2ef0af 100644 --- a/2018/CVE-2018-6789.json +++ b/2018/CVE-2018-6789.json @@ -133,35 +133,5 @@ "watchers": 8, "score": 0, "subscribers_count": 1 - }, - { - "id": 674981101, - "name": "CVE-2018-6789-Python3", - "full_name": "thistehneisen\/CVE-2018-6789-Python3", - "owner": { - "login": "thistehneisen", - "id": 6432992, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6432992?v=4", - "html_url": "https:\/\/github.com\/thistehneisen" - }, - "html_url": "https:\/\/github.com\/thistehneisen\/CVE-2018-6789-Python3", - "description": "Exim < 4.90.1 RCE Vulnerability remake for Python3 with arguments passed from CLI", - "fork": false, - "created_at": "2023-08-05T11:28:49Z", - "updated_at": "2023-08-05T11:29:43Z", - "pushed_at": "2023-08-05T11:30:52Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 1, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 1, - "watchers": 0, - "score": 0, - "subscribers_count": 2 } ] \ No newline at end of file diff --git a/2018/CVE-2018-7600.json b/2018/CVE-2018-7600.json index 3075a3d4b4..fa4d7868ad 100644 --- a/2018/CVE-2018-7600.json +++ b/2018/CVE-2018-7600.json @@ -80,10 +80,10 @@ "description": "Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 \/ CVE-2018-7600 \/ SA-CORE-2018-002)", "fork": false, "created_at": "2018-04-12T22:53:14Z", - "updated_at": "2024-04-27T20:14:35Z", + "updated_at": "2024-04-30T18:13:50Z", "pushed_at": "2021-01-08T10:31:22Z", - "stargazers_count": 564, - "watchers_count": 564, + "stargazers_count": 563, + "watchers_count": 563, "has_discussions": false, "forks_count": 178, "allow_forking": true, @@ -102,7 +102,7 @@ ], "visibility": "public", "forks": 178, - "watchers": 564, + "watchers": 563, "score": 0, "subscribers_count": 23 }, diff --git a/2019/CVE-2019-18634.json b/2019/CVE-2019-18634.json index f2111fd4a8..b3fd7613fc 100644 --- a/2019/CVE-2019-18634.json +++ b/2019/CVE-2019-18634.json @@ -43,10 +43,10 @@ "description": "Proof of Concept for CVE-2019-18634", "fork": false, "created_at": "2020-02-07T18:07:03Z", - "updated_at": "2024-04-30T04:45:43Z", + "updated_at": "2024-04-30T23:12:43Z", "pushed_at": "2021-09-12T02:55:24Z", - "stargazers_count": 196, - "watchers_count": 196, + "stargazers_count": 197, + "watchers_count": 197, "has_discussions": false, "forks_count": 44, "allow_forking": true, @@ -55,7 +55,7 @@ "topics": [], "visibility": "public", "forks": 44, - "watchers": 196, + "watchers": 197, "score": 0, "subscribers_count": 3 }, diff --git a/2019/CVE-2019-8781.json b/2019/CVE-2019-8781.json index d2070a924e..8474be21f6 100644 --- a/2019/CVE-2019-8781.json +++ b/2019/CVE-2019-8781.json @@ -13,10 +13,10 @@ "description": "macOS Kernel Exploit for CVE-2019-8781. ", "fork": false, "created_at": "2019-09-17T17:59:26Z", - "updated_at": "2024-04-16T18:43:53Z", + "updated_at": "2024-04-30T19:25:10Z", "pushed_at": "2019-10-15T17:05:38Z", - "stargazers_count": 290, - "watchers_count": 290, + "stargazers_count": 291, + "watchers_count": 291, "has_discussions": false, "forks_count": 43, "allow_forking": true, @@ -29,7 +29,7 @@ ], "visibility": "public", "forks": 43, - "watchers": 290, + "watchers": 291, "score": 0, "subscribers_count": 17 }, diff --git a/2021/CVE-2021-21972.json b/2021/CVE-2021-21972.json index 71a0e437b2..34cbd0662b 100644 --- a/2021/CVE-2021-21972.json +++ b/2021/CVE-2021-21972.json @@ -152,19 +152,19 @@ "description": "Proof of Concept Exploit for vCenter CVE-2021-21972", "fork": false, "created_at": "2021-02-24T16:31:34Z", - "updated_at": "2024-03-25T17:52:56Z", + "updated_at": "2024-04-30T19:30:55Z", "pushed_at": "2021-02-25T16:05:02Z", - "stargazers_count": 244, - "watchers_count": 244, + "stargazers_count": 245, + "watchers_count": 245, "has_discussions": false, - "forks_count": 85, + "forks_count": 86, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 85, - "watchers": 244, + "forks": 86, + "watchers": 245, "score": 0, "subscribers_count": 10 }, diff --git a/2021/CVE-2021-4034.json b/2021/CVE-2021-4034.json index 35f2aca1e3..c4e2e54f93 100644 --- a/2021/CVE-2021-4034.json +++ b/2021/CVE-2021-4034.json @@ -938,10 +938,10 @@ "description": "Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation", "fork": false, "created_at": "2022-01-26T14:26:10Z", - "updated_at": "2024-04-30T16:46:18Z", + "updated_at": "2024-04-30T19:54:06Z", "pushed_at": "2022-06-21T14:52:05Z", - "stargazers_count": 985, - "watchers_count": 985, + "stargazers_count": 986, + "watchers_count": 986, "has_discussions": false, "forks_count": 180, "allow_forking": true, @@ -952,7 +952,7 @@ ], "visibility": "public", "forks": 180, - "watchers": 985, + "watchers": 986, "score": 0, "subscribers_count": 14 }, diff --git a/2022/CVE-2022-0847.json b/2022/CVE-2022-0847.json index 64fd2bdc84..b848b0e558 100644 --- a/2022/CVE-2022-0847.json +++ b/2022/CVE-2022-0847.json @@ -1185,10 +1185,10 @@ "description": "A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability.", "fork": false, "created_at": "2022-03-12T20:57:24Z", - "updated_at": "2024-04-28T07:00:10Z", + "updated_at": "2024-04-30T23:51:18Z", "pushed_at": "2023-05-20T05:55:45Z", - "stargazers_count": 508, - "watchers_count": 508, + "stargazers_count": 509, + "watchers_count": 509, "has_discussions": false, "forks_count": 136, "allow_forking": true, @@ -1197,7 +1197,7 @@ "topics": [], "visibility": "public", "forks": 136, - "watchers": 508, + "watchers": 509, "score": 0, "subscribers_count": 15 }, diff --git a/2022/CVE-2022-28219.json b/2022/CVE-2022-28219.json index 8e4497788d..a811de78ba 100644 --- a/2022/CVE-2022-28219.json +++ b/2022/CVE-2022-28219.json @@ -13,10 +13,10 @@ "description": "PoC for ManageEngine ADAudit Plus CVE-2022-28219", "fork": false, "created_at": "2022-06-26T15:48:27Z", - "updated_at": "2023-12-28T05:03:49Z", + "updated_at": "2024-04-30T19:30:26Z", "pushed_at": "2022-06-26T16:46:55Z", - "stargazers_count": 42, - "watchers_count": 42, + "stargazers_count": 43, + "watchers_count": 43, "has_discussions": false, "forks_count": 15, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 15, - "watchers": 42, + "watchers": 43, "score": 0, "subscribers_count": 4 }, diff --git a/2022/CVE-2022-40684.json b/2022/CVE-2022-40684.json index d68103cf8d..de6e9706a3 100644 --- a/2022/CVE-2022-40684.json +++ b/2022/CVE-2022-40684.json @@ -13,19 +13,19 @@ "description": "A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager", "fork": false, "created_at": "2022-10-13T14:24:12Z", - "updated_at": "2024-04-04T20:33:02Z", + "updated_at": "2024-04-30T19:28:02Z", "pushed_at": "2022-10-13T15:25:00Z", - "stargazers_count": 327, - "watchers_count": 327, + "stargazers_count": 328, + "watchers_count": 328, "has_discussions": false, - "forks_count": 100, + "forks_count": 95, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 100, - "watchers": 327, + "forks": 95, + "watchers": 328, "score": 0, "subscribers_count": 7 }, diff --git a/2022/CVE-2022-47966.json b/2022/CVE-2022-47966.json index 17a4e1e2bf..775691a941 100644 --- a/2022/CVE-2022-47966.json +++ b/2022/CVE-2022-47966.json @@ -13,10 +13,10 @@ "description": "POC for CVE-2022-47966 affecting multiple ManageEngine products", "fork": false, "created_at": "2023-01-17T21:26:28Z", - "updated_at": "2024-04-27T08:51:40Z", + "updated_at": "2024-04-30T19:30:13Z", "pushed_at": "2023-01-19T13:10:07Z", - "stargazers_count": 121, - "watchers_count": 121, + "stargazers_count": 122, + "watchers_count": 122, "has_discussions": false, "forks_count": 33, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 33, - "watchers": 121, + "watchers": 122, "score": 0, "subscribers_count": 4 }, diff --git a/2023/CVE-2023-20198.json b/2023/CVE-2023-20198.json index a1f4a55910..fbcf63c401 100644 --- a/2023/CVE-2023-20198.json +++ b/2023/CVE-2023-20198.json @@ -682,10 +682,10 @@ "description": "CVE-2023-20198-RCE, support adding\/deleting users and executing cli commands\/system commands.", "fork": false, "created_at": "2024-04-25T06:59:53Z", - "updated_at": "2024-04-29T21:37:21Z", + "updated_at": "2024-04-30T19:59:16Z", "pushed_at": "2024-04-25T07:32:57Z", - "stargazers_count": 31, - "watchers_count": 31, + "stargazers_count": 32, + "watchers_count": 32, "has_discussions": false, "forks_count": 8, "allow_forking": true, @@ -694,7 +694,7 @@ "topics": [], "visibility": "public", "forks": 8, - "watchers": 31, + "watchers": 32, "score": 0, "subscribers_count": 1 } diff --git a/2023/CVE-2023-27532.json b/2023/CVE-2023-27532.json index 8065ff377a..69c10f9dd5 100644 --- a/2023/CVE-2023-27532.json +++ b/2023/CVE-2023-27532.json @@ -13,19 +13,19 @@ "description": "POC for Veeam Backup and Replication CVE-2023-27532", "fork": false, "created_at": "2023-03-18T16:20:53Z", - "updated_at": "2024-04-28T09:36:01Z", + "updated_at": "2024-04-30T19:30:01Z", "pushed_at": "2023-03-28T18:21:55Z", - "stargazers_count": 55, - "watchers_count": 55, + "stargazers_count": 56, + "watchers_count": 56, "has_discussions": false, - "forks_count": 9, + "forks_count": 10, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 9, - "watchers": 55, + "forks": 10, + "watchers": 56, "score": 0, "subscribers_count": 4 }, diff --git a/2023/CVE-2023-34051.json b/2023/CVE-2023-34051.json index 93ca3096a9..8784ce1b95 100644 --- a/2023/CVE-2023-34051.json +++ b/2023/CVE-2023-34051.json @@ -13,10 +13,10 @@ "description": "VMware Aria Operations for Logs CVE-2023-34051", "fork": false, "created_at": "2023-10-20T14:59:45Z", - "updated_at": "2024-04-28T09:36:20Z", + "updated_at": "2024-04-30T19:29:37Z", "pushed_at": "2023-10-20T15:00:10Z", - "stargazers_count": 60, - "watchers_count": 60, + "stargazers_count": 61, + "watchers_count": 61, "has_discussions": false, "forks_count": 11, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 11, - "watchers": 60, + "watchers": 61, "score": 0, "subscribers_count": 4 } diff --git a/2023/CVE-2023-34362.json b/2023/CVE-2023-34362.json index f69fc1dc89..b2f42c3646 100644 --- a/2023/CVE-2023-34362.json +++ b/2023/CVE-2023-34362.json @@ -43,19 +43,19 @@ "description": "MOVEit CVE-2023-34362", "fork": false, "created_at": "2023-06-09T19:07:32Z", - "updated_at": "2024-04-28T09:36:11Z", + "updated_at": "2024-04-30T19:29:55Z", "pushed_at": "2023-06-26T20:24:32Z", - "stargazers_count": 131, - "watchers_count": 131, + "stargazers_count": 132, + "watchers_count": 132, "has_discussions": false, - "forks_count": 33, + "forks_count": 34, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 33, - "watchers": 131, + "forks": 34, + "watchers": 132, "score": 0, "subscribers_count": 4 }, diff --git a/2023/CVE-2023-36844.json b/2023/CVE-2023-36844.json index 6b016a2cbd..965ed7a63f 100644 --- a/2023/CVE-2023-36844.json +++ b/2023/CVE-2023-36844.json @@ -13,19 +13,19 @@ "description": null, "fork": false, "created_at": "2023-08-25T07:28:06Z", - "updated_at": "2024-04-17T04:01:16Z", + "updated_at": "2024-04-30T19:27:10Z", "pushed_at": "2023-08-25T09:38:05Z", - "stargazers_count": 107, - "watchers_count": 107, + "stargazers_count": 108, + "watchers_count": 108, "has_discussions": false, - "forks_count": 24, + "forks_count": 25, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 24, - "watchers": 107, + "forks": 25, + "watchers": 108, "score": 0, "subscribers_count": 3 }, diff --git a/2023/CVE-2023-38035.json b/2023/CVE-2023-38035.json index 0bd152d22a..2b25146429 100644 --- a/2023/CVE-2023-38035.json +++ b/2023/CVE-2023-38035.json @@ -13,19 +13,19 @@ "description": "Ivanti Sentry CVE-2023-38035", "fork": false, "created_at": "2023-08-23T17:34:36Z", - "updated_at": "2024-03-13T23:03:17Z", + "updated_at": "2024-04-30T19:29:49Z", "pushed_at": "2023-08-23T18:42:37Z", - "stargazers_count": 36, - "watchers_count": 36, + "stargazers_count": 37, + "watchers_count": 37, "has_discussions": false, - "forks_count": 12, + "forks_count": 13, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 12, - "watchers": 36, + "forks": 13, + "watchers": 37, "score": 0, "subscribers_count": 5 }, diff --git a/2023/CVE-2023-48788.json b/2023/CVE-2023-48788.json index 92b61307e8..e9d029f04f 100644 --- a/2023/CVE-2023-48788.json +++ b/2023/CVE-2023-48788.json @@ -13,19 +13,19 @@ "description": "Fortinet FortiClient EMS SQL Injection", "fork": false, "created_at": "2024-03-18T20:50:48Z", - "updated_at": "2024-04-29T11:28:00Z", + "updated_at": "2024-04-30T19:29:11Z", "pushed_at": "2024-03-20T20:42:41Z", - "stargazers_count": 37, - "watchers_count": 37, + "stargazers_count": 38, + "watchers_count": 38, "has_discussions": false, - "forks_count": 9, + "forks_count": 10, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 9, - "watchers": 37, + "forks": 10, + "watchers": 38, "score": 0, "subscribers_count": 5 } diff --git a/2024/CVE-2024-0204.json b/2024/CVE-2024-0204.json index 2297c6fb48..66a14b688f 100644 --- a/2024/CVE-2024-0204.json +++ b/2024/CVE-2024-0204.json @@ -13,19 +13,19 @@ "description": "Authentication Bypass in GoAnywhere MFT", "fork": false, "created_at": "2024-01-23T20:16:14Z", - "updated_at": "2024-03-29T14:34:35Z", + "updated_at": "2024-04-30T19:29:30Z", "pushed_at": "2024-01-23T20:33:30Z", - "stargazers_count": 59, - "watchers_count": 59, + "stargazers_count": 60, + "watchers_count": 60, "has_discussions": false, - "forks_count": 7, + "forks_count": 8, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 7, - "watchers": 59, + "forks": 8, + "watchers": 60, "score": 0, "subscribers_count": 5 }, diff --git a/2024/CVE-2024-1086.json b/2024/CVE-2024-1086.json index 6cec2cbdaa..c2c7d8b292 100644 --- a/2024/CVE-2024-1086.json +++ b/2024/CVE-2024-1086.json @@ -13,10 +13,10 @@ "description": "Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.", "fork": false, "created_at": "2024-03-20T21:16:41Z", - "updated_at": "2024-04-30T18:14:24Z", + "updated_at": "2024-04-30T21:10:59Z", "pushed_at": "2024-04-17T16:09:54Z", - "stargazers_count": 1896, - "watchers_count": 1896, + "stargazers_count": 1895, + "watchers_count": 1895, "has_discussions": false, "forks_count": 237, "allow_forking": true, @@ -31,7 +31,7 @@ ], "visibility": "public", "forks": 237, - "watchers": 1896, + "watchers": 1895, "score": 0, "subscribers_count": 19 }, diff --git a/2024/CVE-2024-1403.json b/2024/CVE-2024-1403.json index a915abc57b..88005d4ac1 100644 --- a/2024/CVE-2024-1403.json +++ b/2024/CVE-2024-1403.json @@ -13,19 +13,19 @@ "description": "Progress OpenEdge Authentication Bypass", "fork": false, "created_at": "2024-03-06T15:27:18Z", - "updated_at": "2024-04-23T14:51:02Z", + "updated_at": "2024-04-30T19:29:16Z", "pushed_at": "2024-03-06T15:31:56Z", - "stargazers_count": 15, - "watchers_count": 15, + "stargazers_count": 16, + "watchers_count": 16, "has_discussions": false, - "forks_count": 7, + "forks_count": 8, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 7, - "watchers": 15, + "forks": 8, + "watchers": 16, "score": 0, "subscribers_count": 5 } diff --git a/2024/CVE-2024-21762.json b/2024/CVE-2024-21762.json index fab9e781f3..eb062925d6 100644 --- a/2024/CVE-2024-21762.json +++ b/2024/CVE-2024-21762.json @@ -13,10 +13,10 @@ "description": "Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762", "fork": false, "created_at": "2024-02-28T21:16:10Z", - "updated_at": "2024-04-24T03:59:19Z", + "updated_at": "2024-04-30T19:38:16Z", "pushed_at": "2024-03-01T20:02:52Z", - "stargazers_count": 85, - "watchers_count": 85, + "stargazers_count": 86, + "watchers_count": 86, "has_discussions": false, "forks_count": 11, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 11, - "watchers": 85, + "watchers": 86, "score": 0, "subscribers_count": 6 }, diff --git a/2024/CVE-2024-25600.json b/2024/CVE-2024-25600.json index 2dbccc0a8c..75a59ba38e 100644 --- a/2024/CVE-2024-25600.json +++ b/2024/CVE-2024-25600.json @@ -181,10 +181,10 @@ "description": "This tool is designed to exploit the CVE-2024-25600 vulnerability found in the Bricks Builder plugin for WordPress. The vulnerability allows for unauthenticated remote code execution on affected websites. The tool automates the exploitation process by retrieving nonces and sending specially crafted requests to execute arbitrary commands.", "fork": false, "created_at": "2024-04-17T15:21:01Z", - "updated_at": "2024-04-17T15:27:36Z", + "updated_at": "2024-04-30T23:00:55Z", "pushed_at": "2024-04-17T15:36:26Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -193,7 +193,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-26218.json b/2024/CVE-2024-26218.json index b36be12630..97eec1455b 100644 --- a/2024/CVE-2024-26218.json +++ b/2024/CVE-2024-26218.json @@ -13,10 +13,10 @@ "description": "Proof-of-Concept for CVE-2024-26218", "fork": false, "created_at": "2024-04-26T16:41:04Z", - "updated_at": "2024-04-30T14:53:44Z", + "updated_at": "2024-04-30T22:53:30Z", "pushed_at": "2024-04-26T16:46:15Z", - "stargazers_count": 32, - "watchers_count": 32, + "stargazers_count": 33, + "watchers_count": 33, "has_discussions": false, "forks_count": 11, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 11, - "watchers": 32, + "watchers": 33, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-3094.json b/2024/CVE-2024-3094.json index 1fb3ca71e3..547df1d81f 100644 --- a/2024/CVE-2024-3094.json +++ b/2024/CVE-2024-3094.json @@ -493,10 +493,10 @@ "description": "An ssh honeypot with the XZ backdoor. CVE-2024-3094", "fork": false, "created_at": "2024-03-30T22:07:24Z", - "updated_at": "2024-04-29T11:36:44Z", + "updated_at": "2024-04-30T21:55:36Z", "pushed_at": "2024-04-02T03:38:32Z", - "stargazers_count": 135, - "watchers_count": 135, + "stargazers_count": 136, + "watchers_count": 136, "has_discussions": false, "forks_count": 23, "allow_forking": true, @@ -510,7 +510,7 @@ ], "visibility": "public", "forks": 23, - "watchers": 135, + "watchers": 136, "score": 0, "subscribers_count": 8 }, diff --git a/2024/CVE-2024-32766.json b/2024/CVE-2024-32766.json new file mode 100644 index 0000000000..d67380940e --- /dev/null +++ b/2024/CVE-2024-32766.json @@ -0,0 +1,32 @@ +[ + { + "id": 794305884, + "name": "CVE-2024-32766-POC", + "full_name": "p3c34r7\/CVE-2024-32766-POC", + "owner": { + "login": "p3c34r7", + "id": 168595995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168595995?v=4", + "html_url": "https:\/\/github.com\/p3c34r7" + }, + "html_url": "https:\/\/github.com\/p3c34r7\/CVE-2024-32766-POC", + "description": "writeup and PoC for CVE-2024-32766 (QNAP) OS command injection, chained attack for auth bypass.", + "fork": false, + "created_at": "2024-04-30T21:30:19Z", + "updated_at": "2024-04-30T21:30:43Z", + "pushed_at": "2024-04-30T21:30:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3400.json b/2024/CVE-2024-3400.json index d8b9ad4f5a..2c62569843 100644 --- a/2024/CVE-2024-3400.json +++ b/2024/CVE-2024-3400.json @@ -313,10 +313,10 @@ "description": "CVE-2024-3400-RCE", "fork": false, "created_at": "2024-04-16T16:18:56Z", - "updated_at": "2024-04-30T02:49:21Z", + "updated_at": "2024-04-30T22:02:33Z", "pushed_at": "2024-04-22T08:50:27Z", - "stargazers_count": 52, - "watchers_count": 52, + "stargazers_count": 53, + "watchers_count": 53, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -325,7 +325,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 52, + "watchers": 53, "score": 0, "subscribers_count": 3 }, diff --git a/README.md b/README.md index 120ab41941..d38b6035d9 100644 --- a/README.md +++ b/README.md @@ -1612,6 +1612,13 @@ - [NN0b0dy/CVE-2024-32399](https://github.com/NN0b0dy/CVE-2024-32399) +### CVE-2024-32766 (2024-04-26) + +An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.3.2578 build 20231110 and later\nQTS 4.5.4.2627 build 20231225 and later\nQuTS hero h5.1.3.2578 build 20231110 and later\nQuTS hero h4.5.4.2626 build 20231225 and later\nQuTScloud c5.1.5.2651 and later\n + + +- [p3c34r7/CVE-2024-32766-POC](https://github.com/p3c34r7/CVE-2024-32766-POC) + ### CVE-2024-33339 - [balckgu1/Poc](https://github.com/balckgu1/Poc) @@ -32512,7 +32519,6 @@ - [beraphin/CVE-2018-6789](https://github.com/beraphin/CVE-2018-6789) - [synacktiv/Exim-CVE-2018-6789](https://github.com/synacktiv/Exim-CVE-2018-6789) - [martinclauss/exim-rce-cve-2018-6789](https://github.com/martinclauss/exim-rce-cve-2018-6789) -- [thistehneisen/CVE-2018-6789-Python3](https://github.com/thistehneisen/CVE-2018-6789-Python3) ### CVE-2018-6791 (2018-02-07) @@ -34746,7 +34752,6 @@ - [hev0x/CVE-2018-25031-PoC](https://github.com/hev0x/CVE-2018-25031-PoC) - [ThiiagoEscobar/CVE-2018-25031](https://github.com/ThiiagoEscobar/CVE-2018-25031) - [johnlaurance/CVE-2018-25031-test2](https://github.com/johnlaurance/CVE-2018-25031-test2) -- [nullbyter19/CVE-2018-25031](https://github.com/nullbyter19/CVE-2018-25031) ### CVE-2018-25032 (2022-03-25) @@ -36527,6 +36532,7 @@ - [Xcatolin/jboss-deserialization](https://github.com/Xcatolin/jboss-deserialization) - [VVeakee/CVE-2017-12149](https://github.com/VVeakee/CVE-2017-12149) - [MrE-Fog/jboss-_CVE-2017-12149](https://github.com/MrE-Fog/jboss-_CVE-2017-12149) +- [JesseClarkND/CVE-2017-12149](https://github.com/JesseClarkND/CVE-2017-12149) ### CVE-2017-12426 (2017-08-14) @@ -40534,13 +40540,6 @@ - [defrancescojp/CVE-2013-3664_MAC](https://github.com/defrancescojp/CVE-2013-3664_MAC) - [defrancescojp/CVE-2013-3664_BMP](https://github.com/defrancescojp/CVE-2013-3664_BMP) -### CVE-2013-3827 (2013-10-16) - -Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container. - - -- [thistehneisen/CVE-2013-3827](https://github.com/thistehneisen/CVE-2013-3827) - ### CVE-2013-3900 (2013-12-11) The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."