mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2024/07/02 00:28:35

Browse source
This commit is contained in:
motikan2010-bot 2024-07-02 09:28:35 +09:00
parent 5c878d8b22
commit 51285899dd
34 changed files with 380 additions and 165 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
2005/CVE-2005-3299.json
View file

@ -43,8 +43,8 @@
"description": " phpMyAdmin 2.6.4-pl1 - Directory Traversal",
"fork": false,
"created_at": "2024-06-29T14:17:16Z",
"updated_at": "2024-06-29T14:17:16Z",
"pushed_at": "2024-06-29T14:17:16Z",
"updated_at": "2024-07-01T19:01:01Z",
"pushed_at": "2024-07-01T19:00:58Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

32
2006/CVE-2006-5051.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 822792125,
"name": "CVE-2024-6387",
"full_name": "bigb0x\/CVE-2024-6387",
"owner": {
"login": "bigb0x",
"id": 13532434,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4",
"html_url": "https:\/\/github.com\/bigb0x"
},
"html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-6387",
"description": "Bulk Scanning Tool for OpenSSH CVE-2024-6387, CVE-2006-5051 and CVE-2008-4109.",
"fork": false,
"created_at": "2024-07-01T20:45:53Z",
"updated_at": "2024-07-02T00:04:03Z",
"pushed_at": "2024-07-01T21:29:05Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

32
2008/CVE-2008-4109.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 822792125,
"name": "CVE-2024-6387",
"full_name": "bigb0x\/CVE-2024-6387",
"owner": {
"login": "bigb0x",
"id": 13532434,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4",
"html_url": "https:\/\/github.com\/bigb0x"
},
"html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-6387",
"description": "Bulk Scanning Tool for OpenSSH CVE-2024-6387, CVE-2006-5051 and CVE-2008-4109.",
"fork": false,
"created_at": "2024-07-01T20:45:53Z",
"updated_at": "2024-07-02T00:04:03Z",
"pushed_at": "2024-07-01T21:29:05Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

8
2017/CVE-2017-7269.json
View file

@ -378,10 +378,10 @@
"description": null,
"fork": false,
"created_at": "2018-04-28T04:11:45Z",
"updated_at": "2023-09-28T10:50:14Z",
"updated_at": "2024-07-01T20:46:57Z",
"pushed_at": "2018-04-28T04:47:05Z",
"stargazers_count": 10,
"watchers_count": 10,
"stargazers_count": 11,
"watchers_count": 11,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -390,7 +390,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 10,
"watchers": 11,
"score": 0,
"subscribers_count": 2
},

8
2019/CVE-2019-11358.json
View file

File diff suppressed because one or more lines are too long

30
2019/CVE-2019-1663.json
View file

@ -29,36 +29,6 @@
"score": 0,
"subscribers_count": 1
},
{
"id": 710374224,
"name": "CVE-2019-1663-vuln",
"full_name": "e180175\/CVE-2019-1663-vuln",
"owner": {
"login": "e180175",
"id": 57728787,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57728787?v=4",
"html_url": "https:\/\/github.com\/e180175"
},
"html_url": "https:\/\/github.com\/e180175\/CVE-2019-1663-vuln",
"description": null,
"fork": false,
"created_at": "2023-10-26T15:08:52Z",
"updated_at": "2023-10-26T15:52:02Z",
"pushed_at": "2023-10-28T08:33:16Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 766075527,
"name": "CVE-2019-1663",

2
2019/CVE-2019-18818.json
View file

@ -117,6 +117,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

2
2019/CVE-2019-7192.json
View file

@ -60,6 +60,6 @@
"forks": 34,
"watchers": 84,
"score": 0,
"subscribers_count": 2
"subscribers_count": 3
}
]

8
2020/CVE-2020-11896.json
View file

@ -43,10 +43,10 @@
"description": "RCE exploit for CVE-2020-11896 (Ripple20 IP-in-IP Heap Overflow Vulnerability) targeting Digi Connect ME 9210",
"fork": false,
"created_at": "2022-11-30T18:44:25Z",
"updated_at": "2023-11-08T06:36:44Z",
"updated_at": "2024-07-01T23:06:14Z",
"pushed_at": "2022-11-30T18:46:27Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 2
}

8
2020/CVE-2020-4463.json
View file

@ -13,10 +13,10 @@
"description": "IBM Maximo Asset Management is vulnerable to Information Disclosure via XXE Vulnerability (CVE-2020-4463)",
"fork": false,
"created_at": "2020-08-13T09:03:40Z",
"updated_at": "2024-06-13T21:25:29Z",
"updated_at": "2024-07-02T00:01:38Z",
"pushed_at": "2023-09-19T10:38:28Z",
"stargazers_count": 55,
"watchers_count": 55,
"stargazers_count": 54,
"watchers_count": 54,
"has_discussions": false,
"forks_count": 17,
"allow_forking": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 17,
"watchers": 55,
"watchers": 54,
"score": 0,
"subscribers_count": 2
}

4
2021/CVE-2021-1675.json
View file

@ -306,13 +306,13 @@
"stargazers_count": 979,
"watchers_count": 979,
"has_discussions": false,
"forks_count": 231,
"forks_count": 232,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 231,
"forks": 232,
"watchers": 979,
"score": 0,
"subscribers_count": 27

8
2021/CVE-2021-22205.json
View file

@ -443,10 +443,10 @@
"description": "GitLab CE\/EE Preauth RCE using ExifTool",
"fork": false,
"created_at": "2021-11-11T04:34:07Z",
"updated_at": "2024-07-01T02:24:44Z",
"updated_at": "2024-07-01T21:07:45Z",
"pushed_at": "2022-01-16T15:54:14Z",
"stargazers_count": 214,
"watchers_count": 214,
"stargazers_count": 215,
"watchers_count": 215,
"has_discussions": false,
"forks_count": 39,
"allow_forking": true,
@ -462,7 +462,7 @@
],
"visibility": "public",
"forks": 39,
"watchers": 214,
"watchers": 215,
"score": 0,
"subscribers_count": 2
},

8
2021/CVE-2021-3345.json
View file

@ -52,10 +52,10 @@
"description": "Actual working exploit for CVE-2021-3345",
"fork": false,
"created_at": "2024-02-29T22:05:44Z",
"updated_at": "2024-03-01T01:53:22Z",
"updated_at": "2024-07-01T20:32:20Z",
"pushed_at": "2024-02-29T22:22:22Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -64,7 +64,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}

4
2021/CVE-2021-34527.json
View file

@ -84,13 +84,13 @@
"stargazers_count": 244,
"watchers_count": 244,
"has_discussions": false,
"forks_count": 62,
"forks_count": 63,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 62,
"forks": 63,
"watchers": 244,
"score": 0,
"subscribers_count": 9

2
2021/CVE-2021-4034.json
View file

@ -4959,6 +4959,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

4
2022/CVE-2022-0847.json
View file

@ -1909,8 +1909,8 @@
"description": null,
"fork": false,
"created_at": "2022-06-30T13:07:55Z",
"updated_at": "2024-05-25T21:48:34Z",
"pushed_at": "2022-07-02T13:26:21Z",
"updated_at": "2024-07-01T18:57:06Z",
"pushed_at": "2024-07-01T18:57:03Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

8
2022/CVE-2022-24125.json
View file

@ -13,10 +13,10 @@
"description": "Documentation and proof of concept code for CVE-2022-24125 and CVE-2022-24126.",
"fork": false,
"created_at": "2022-01-28T20:37:14Z",
"updated_at": "2024-06-30T23:22:26Z",
"updated_at": "2024-07-01T23:52:08Z",
"pushed_at": "2022-08-30T02:11:05Z",
"stargazers_count": 146,
"watchers_count": 146,
"stargazers_count": 147,
"watchers_count": 147,
"has_discussions": false,
"forks_count": 8,
"allow_forking": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 8,
"watchers": 146,
"watchers": 147,
"score": 0,
"subscribers_count": 3
}

10
2022/CVE-2022-38694.json
View file

@ -46,10 +46,10 @@
"description": "Bootloader unlock using CVE-2022-38694 for Anbernic Unisoc T820 devices",
"fork": false,
"created_at": "2024-06-27T14:28:13Z",
"updated_at": "2024-07-01T00:36:26Z",
"pushed_at": "2024-06-29T16:35:25Z",
"stargazers_count": 8,
"watchers_count": 8,
"updated_at": "2024-07-01T23:51:48Z",
"pushed_at": "2024-07-01T22:13:19Z",
"stargazers_count": 9,
"watchers_count": 9,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -58,7 +58,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 8,
"watchers": 9,
"score": 0,
"subscribers_count": 1
}

8
2022/CVE-2022-45477.json
View file

@ -13,10 +13,10 @@
"description": "nmap detection scripts for CVE-2022-45477, CVE-2022-45479, CVE-2022-45482, CVE-2022-45481",
"fork": false,
"created_at": "2023-02-26T23:39:42Z",
"updated_at": "2024-04-19T19:57:42Z",
"updated_at": "2024-07-01T22:08:29Z",
"pushed_at": "2024-04-19T19:57:39Z",
"stargazers_count": 10,
"watchers_count": 10,
"stargazers_count": 11,
"watchers_count": 11,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 1,
"watchers": 10,
"watchers": 11,
"score": 0,
"subscribers_count": 1
}

8
2023/CVE-2023-24871.json
View file

@ -13,10 +13,10 @@
"description": "pocs & exploit for CVE-2023-24871 (rce + lpe)",
"fork": false,
"created_at": "2024-06-21T15:01:15Z",
"updated_at": "2024-07-01T04:07:25Z",
"updated_at": "2024-07-01T20:45:57Z",
"pushed_at": "2024-06-25T15:33:32Z",
"stargazers_count": 23,
"watchers_count": 23,
"stargazers_count": 24,
"watchers_count": 24,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 7,
"watchers": 23,
"watchers": 24,
"score": 0,
"subscribers_count": 1
}

8
2023/CVE-2023-6246.json
View file

@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2024-03-02T15:45:52Z",
"updated_at": "2024-05-31T01:55:50Z",
"updated_at": "2024-07-01T23:19:17Z",
"pushed_at": "2024-03-06T20:12:50Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-1086.json
View file

@ -13,10 +13,10 @@
"description": "Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.",
"fork": false,
"created_at": "2024-03-20T21:16:41Z",
"updated_at": "2024-07-01T09:21:10Z",
"updated_at": "2024-07-01T21:46:11Z",
"pushed_at": "2024-04-17T16:09:54Z",
"stargazers_count": 2160,
"watchers_count": 2160,
"stargazers_count": 2161,
"watchers_count": 2161,
"has_discussions": false,
"forks_count": 283,
"allow_forking": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 283,
"watchers": 2160,
"watchers": 2161,
"score": 0,
"subscribers_count": 23
},

8
2024/CVE-2024-20698.json
View file

@ -13,10 +13,10 @@
"description": "Analysis of the vulnerability",
"fork": false,
"created_at": "2024-01-17T04:35:42Z",
"updated_at": "2024-06-27T07:38:46Z",
"updated_at": "2024-07-01T21:42:07Z",
"pushed_at": "2024-01-23T16:30:55Z",
"stargazers_count": 45,
"watchers_count": 45,
"stargazers_count": 46,
"watchers_count": 46,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -32,7 +32,7 @@
],
"visibility": "public",
"forks": 5,
"watchers": 45,
"watchers": 46,
"score": 0,
"subscribers_count": 2
}

8
2024/CVE-2024-21683.json
View file

@ -43,10 +43,10 @@
"description": "CVE-2024-21683 Confluence Post Auth RCE",
"fork": false,
"created_at": "2024-05-23T09:05:40Z",
"updated_at": "2024-06-27T16:51:46Z",
"updated_at": "2024-07-01T20:14:56Z",
"pushed_at": "2024-05-27T03:47:36Z",
"stargazers_count": 112,
"watchers_count": 112,
"stargazers_count": 113,
"watchers_count": 113,
"has_discussions": false,
"forks_count": 28,
"allow_forking": true,
@ -59,7 +59,7 @@
],
"visibility": "public",
"forks": 28,
"watchers": 112,
"watchers": 113,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-23897.json
View file

@ -73,10 +73,10 @@
"description": "CVE-2024-23897",
"fork": false,
"created_at": "2024-01-26T09:44:32Z",
"updated_at": "2024-06-29T08:09:32Z",
"updated_at": "2024-07-02T00:01:47Z",
"pushed_at": "2024-01-28T06:47:28Z",
"stargazers_count": 183,
"watchers_count": 183,
"stargazers_count": 182,
"watchers_count": 182,
"has_discussions": false,
"forks_count": 35,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 35,
"watchers": 183,
"watchers": 182,
"score": 0,
"subscribers_count": 2
},

8
2024/CVE-2024-24576.json
View file

@ -13,10 +13,10 @@
"description": "Example of CVE-2024-24576 use case.",
"fork": false,
"created_at": "2024-04-09T21:17:15Z",
"updated_at": "2024-07-01T17:09:33Z",
"updated_at": "2024-07-02T00:01:47Z",
"pushed_at": "2024-04-10T14:46:42Z",
"stargazers_count": 51,
"watchers_count": 51,
"stargazers_count": 50,
"watchers_count": 50,
"has_discussions": false,
"forks_count": 10,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 10,
"watchers": 51,
"watchers": 50,
"score": 0,
"subscribers_count": 2
},

20
2024/CVE-2024-28995.json
View file

@ -163,10 +163,10 @@
"description": "CVE-2024-28995 POC Vulnerability Scanner",
"fork": false,
"created_at": "2024-06-14T23:05:40Z",
"updated_at": "2024-06-27T08:16:49Z",
"updated_at": "2024-07-01T18:56:51Z",
"pushed_at": "2024-06-15T12:21:28Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -175,7 +175,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},
@ -223,12 +223,12 @@
"description": "CVE-2024-28955 Exploitation PoC ",
"fork": false,
"created_at": "2024-07-01T11:49:51Z",
"updated_at": "2024-07-01T18:27:29Z",
"updated_at": "2024-07-02T00:25:34Z",
"pushed_at": "2024-07-01T12:53:21Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -243,8 +243,8 @@
"solarwinds"
],
"visibility": "public",
"forks": 0,
"watchers": 4,
"forks": 1,
"watchers": 7,
"score": 0,
"subscribers_count": 0
}

50
2024/CVE-2024-29269.json
View file

@ -118,5 +118,55 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 822837368,
"name": "CVE-2024-29269-EXPLOIT",
"full_name": "K3ysTr0K3R\/CVE-2024-29269-EXPLOIT",
"owner": {
"login": "K3ysTr0K3R",
"id": 70909693,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4",
"html_url": "https:\/\/github.com\/K3ysTr0K3R"
},
"html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2024-29269-EXPLOIT",
"description": "A PoC exploit for CVE-2024-29269 - Telesquare TLR-2005KSH Remote Code Execution (RCE)",
"fork": false,
"created_at": "2024-07-01T23:49:59Z",
"updated_at": "2024-07-02T00:10:06Z",
"pushed_at": "2024-07-02T00:00:59Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"bugs",
"critical",
"cve-2024-29269",
"devices",
"exploit",
"exploitation",
"exploits",
"iot",
"poc",
"proof-of-concept",
"rce",
"rce-exploit",
"rce-scanner",
"remote-code-execution",
"router",
"telesquare",
"tlr-2005ksh",
"vulnerabilities",
"vulnerability"
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-30088.json
View file

@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2024-06-24T10:37:26Z",
"updated_at": "2024-07-01T16:20:19Z",
"updated_at": "2024-07-02T00:01:01Z",
"pushed_at": "2024-06-24T11:16:26Z",
"stargazers_count": 139,
"watchers_count": 139,
"stargazers_count": 141,
"watchers_count": 141,
"has_discussions": false,
"forks_count": 33,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 33,
"watchers": 139,
"watchers": 141,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-34102.json
View file

@ -73,10 +73,10 @@
"description": "POC for CVE-2024-34102. A pre-authentication XML entity injection issue in Magento \/ Adobe Commerce. ",
"fork": false,
"created_at": "2024-06-27T21:57:24Z",
"updated_at": "2024-07-01T09:12:54Z",
"updated_at": "2024-07-01T19:07:35Z",
"pushed_at": "2024-06-29T08:13:05Z",
"stargazers_count": 17,
"watchers_count": 17,
"stargazers_count": 18,
"watchers_count": 18,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 17,
"watchers": 18,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-5806.json
View file

@ -13,10 +13,10 @@
"description": "Exploit for the CVE-2024-5806",
"fork": false,
"created_at": "2024-06-24T16:28:35Z",
"updated_at": "2024-07-01T05:39:17Z",
"updated_at": "2024-07-01T19:15:09Z",
"pushed_at": "2024-06-24T16:52:12Z",
"stargazers_count": 37,
"watchers_count": 37,
"stargazers_count": 38,
"watchers_count": 38,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 37,
"watchers": 38,
"score": 0,
"subscribers_count": 0
}

8
2024/CVE-2024-6050.json
View file

@ -13,10 +13,10 @@
"description": "Reflected XSS in SOWA OPAC",
"fork": false,
"created_at": "2024-07-01T14:31:37Z",
"updated_at": "2024-07-01T14:33:45Z",
"updated_at": "2024-07-01T22:01:03Z",
"pushed_at": "2024-07-01T14:33:42Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}

142
2024/CVE-2024-6387.json
View file

@ -13,19 +13,19 @@
"description": "a signal handler race condition in OpenSSH's server (sshd)",
"fork": false,
"created_at": "2024-07-01T10:55:29Z",
"updated_at": "2024-07-01T18:23:13Z",
"updated_at": "2024-07-02T00:30:45Z",
"pushed_at": "2024-07-01T10:54:02Z",
"stargazers_count": 81,
"watchers_count": 81,
"stargazers_count": 118,
"watchers_count": 118,
"has_discussions": false,
"forks_count": 92,
"forks_count": 101,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 92,
"watchers": 81,
"forks": 101,
"watchers": 118,
"score": 0,
"subscribers_count": 0
},
@ -43,19 +43,19 @@
"description": "32-bit PoC for CVE-2024-6387 — mirror of the original 7etsuo\/cve-2024-6387-poc",
"fork": false,
"created_at": "2024-07-01T12:16:21Z",
"updated_at": "2024-07-01T18:19:38Z",
"updated_at": "2024-07-02T00:27:03Z",
"pushed_at": "2024-07-01T12:25:01Z",
"stargazers_count": 26,
"watchers_count": 26,
"stargazers_count": 44,
"watchers_count": 44,
"has_discussions": false,
"forks_count": 18,
"forks_count": 23,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 18,
"watchers": 26,
"forks": 23,
"watchers": 44,
"score": 0,
"subscribers_count": 0
},
@ -73,12 +73,12 @@
"description": "32-bit PoC for CVE-2024-6387 \"regreSSHion\" -- mirror of the original 7etsuo\/cve-2024-6387-poc",
"fork": false,
"created_at": "2024-07-01T12:26:40Z",
"updated_at": "2024-07-01T16:41:13Z",
"updated_at": "2024-07-02T00:21:39Z",
"pushed_at": "2024-07-01T14:16:36Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 13,
"watchers_count": 13,
"has_discussions": false,
"forks_count": 6,
"forks_count": 10,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -91,8 +91,8 @@
"ssh"
],
"visibility": "public",
"forks": 6,
"watchers": 8,
"forks": 10,
"watchers": 13,
"score": 0,
"subscribers_count": 0
},
@ -140,10 +140,10 @@
"description": null,
"fork": false,
"created_at": "2024-07-01T12:51:18Z",
"updated_at": "2024-07-01T17:23:11Z",
"updated_at": "2024-07-01T22:04:25Z",
"pushed_at": "2024-07-01T13:34:47Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -152,7 +152,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 3,
"watchers": 6,
"score": 0,
"subscribers_count": 0
},
@ -230,10 +230,10 @@
"description": "CVE-2024-6387 for SSH RCE in Python [Update]",
"fork": false,
"created_at": "2024-07-01T15:30:56Z",
"updated_at": "2024-07-01T16:20:46Z",
"updated_at": "2024-07-01T23:34:55Z",
"pushed_at": "2024-07-01T15:43:10Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -242,7 +242,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"watchers": 5,
"score": 0,
"subscribers_count": 0
},
@ -275,5 +275,95 @@
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 822788426,
"name": "CVE-2024-6387_Check",
"full_name": "xaitax\/CVE-2024-6387_Check",
"owner": {
"login": "xaitax",
"id": 5014849,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5014849?v=4",
"html_url": "https:\/\/github.com\/xaitax"
},
"html_url": "https:\/\/github.com\/xaitax\/CVE-2024-6387_Check",
"description": "CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH",
"fork": false,
"created_at": "2024-07-01T20:33:20Z",
"updated_at": "2024-07-02T00:08:03Z",
"pushed_at": "2024-07-01T22:02:43Z",
"stargazers_count": 15,
"watchers_count": 15,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 15,
"score": 0,
"subscribers_count": 0
},
{
"id": 822792125,
"name": "CVE-2024-6387",
"full_name": "bigb0x\/CVE-2024-6387",
"owner": {
"login": "bigb0x",
"id": 13532434,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4",
"html_url": "https:\/\/github.com\/bigb0x"
},
"html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-6387",
"description": "Bulk Scanning Tool for OpenSSH CVE-2024-6387, CVE-2006-5051 and CVE-2008-4109.",
"fork": false,
"created_at": "2024-07-01T20:45:53Z",
"updated_at": "2024-07-02T00:04:03Z",
"pushed_at": "2024-07-01T21:29:05Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
},
{
"id": 822824673,
"name": "regresshion-check",
"full_name": "wiggels\/regresshion-check",
"owner": {
"login": "wiggels",
"id": 16748278,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16748278?v=4",
"html_url": "https:\/\/github.com\/wiggels"
},
"html_url": "https:\/\/github.com\/wiggels\/regresshion-check",
"description": "CLI Tool to Check SSH Servers for Vulnerability to CVE-2024-6387",
"fork": false,
"created_at": "2024-07-01T22:53:32Z",
"updated_at": "2024-07-01T23:05:28Z",
"pushed_at": "2024-07-01T23:05:26Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

55
README.md
View file

@ -874,6 +874,9 @@
- [passwa11/cve-2024-6387-poc](https://github.com/passwa11/cve-2024-6387-poc)
- [TrustResearcher/CVE-2024-6387-Updated-SSH-RCE](https://github.com/TrustResearcher/CVE-2024-6387-Updated-SSH-RCE)
- [jack0we/CVE-2024-6387](https://github.com/jack0we/CVE-2024-6387)
- [xaitax/CVE-2024-6387_Check](https://github.com/xaitax/CVE-2024-6387_Check)
- [bigb0x/CVE-2024-6387](https://github.com/bigb0x/CVE-2024-6387)
- [wiggels/regresshion-check](https://github.com/wiggels/regresshion-check)
### CVE-2024-12883
- [mhtsec/cve-2024-12883](https://github.com/mhtsec/cve-2024-12883)
@ -2252,6 +2255,7 @@
- [YongYe-Security/CVE-2024-29269](https://github.com/YongYe-Security/CVE-2024-29269)
- [Chocapikk/CVE-2024-29269](https://github.com/Chocapikk/CVE-2024-29269)
- [Jhonsonwannaa/CVE-2024-29269](https://github.com/Jhonsonwannaa/CVE-2024-29269)
- [K3ysTr0K3R/CVE-2024-29269-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2024-29269-EXPLOIT)
### CVE-2024-29272 (2024-03-22)
@ -3053,16 +3057,32 @@
- [crumbledwall/CVE-2024-37759_PoC](https://github.com/crumbledwall/CVE-2024-37759_PoC)
### CVE-2024-37762
### CVE-2024-37762 (2024-07-01)
<code>MachForm up to version 21 is affected by an authenticated unrestricted file upload which leads to a remote code execution.
</code>
- [Atreb92/cve-2024-37762](https://github.com/Atreb92/cve-2024-37762)
### CVE-2024-37763
### CVE-2024-37763 (2024-07-01)
<code>MachForm up to version 19 is affected by an unauthenticated stored cross-site scripting which affects users with valid sessions whom can view compiled forms results.
</code>
- [Atreb92/cve-2024-37763](https://github.com/Atreb92/cve-2024-37763)
### CVE-2024-37764
### CVE-2024-37764 (2024-07-01)
<code>MachForm up to version 19 is affected by an authenticated stored cross-site scripting.
</code>
- [Atreb92/cve-2024-37764](https://github.com/Atreb92/cve-2024-37764)
### CVE-2024-37765
### CVE-2024-37765 (2024-07-01)
<code>Machform up to version 19 is affected by an authenticated Blind SQL injection in the user account settings page.
</code>
- [Atreb92/cve-2024-37765](https://github.com/Atreb92/cve-2024-37765)
### CVE-2024-37791 (2024-06-18)
@ -3093,7 +3113,11 @@
- [uname-s/CVE-2024-37889](https://github.com/uname-s/CVE-2024-37889)
### CVE-2024-38366
### CVE-2024-38366 (2024-07-01)
<code>trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. The part of trunk which verifies whether a user has a real email address on signup used a rfc-822 library which executes a shell command to validate the email domain MX records validity. It works via an DNS MX. This lookup could be manipulated to also execute a command on the trunk server, effectively giving root access to the server and the infrastructure. This issue was patched server-side with commit 001cc3a430e75a16307f5fd6cdff1363ad2f40f3 in September 2023. This RCE triggered a full user-session reset, as an attacker could have used this method to write to any Podspec in trunk.
</code>
- [ReeFSpeK/CocoaPods-RCE](https://github.com/ReeFSpeK/CocoaPods-RCE)
### CVE-2024-38396 (2024-06-16)
@ -3106,7 +3130,11 @@
### CVE-2024-39248
- [jasonthename/CVE-2024-39248](https://github.com/jasonthename/CVE-2024-39248)
### CVE-2024-39249
### CVE-2024-39249 (2024-07-01)
<code>Async &lt;= 2.6.4 and &lt;= 3.2.5 are vulnerable to ReDoS (Regular Expression Denial of Service) while parsing function in autoinject function.
</code>
- [zunak/CVE-2024-39249](https://github.com/zunak/CVE-2024-39249)
### CVE-2024-65230
@ -30198,7 +30226,6 @@
</code>
- [StealYourCode/CVE-2019-1663](https://github.com/StealYourCode/CVE-2019-1663)
- [e180175/CVE-2019-1663-vuln](https://github.com/e180175/CVE-2019-1663-vuln)
- [abrumsen/CVE-2019-1663](https://github.com/abrumsen/CVE-2019-1663)
### CVE-2019-1759 (2019-03-27)
@ -43875,6 +43902,13 @@
- [Naramsim/Offensive](https://github.com/Naramsim/Offensive)
### CVE-2008-4109 (2008-09-17)
<code>A certain Debian patch for OpenSSH before 4.3p2-9etch3 on etch; before 4.6p1-1 on sid and lenny; and on other distributions such as SUSE uses functions that are not async-signal-safe in the signal handler for login timeouts, which allows remote attackers to cause a denial of service (connection slot exhaustion) via multiple login attempts. NOTE: this issue exists because of an incorrect fix for CVE-2006-5051.
</code>
- [bigb0x/CVE-2024-6387](https://github.com/bigb0x/CVE-2024-6387)
### CVE-2008-4250 (2008-10-23)
<code>The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka &quot;Server Service Vulnerability.&quot;
@ -44150,6 +44184,13 @@
- [tagatac/linux-CVE-2006-4814](https://github.com/tagatac/linux-CVE-2006-4814)
### CVE-2006-5051 (2006-09-27)
<code>Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.
</code>
- [bigb0x/CVE-2024-6387](https://github.com/bigb0x/CVE-2024-6387)
### CVE-2006-6184 (2006-12-01)
<code>Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.