From 51cbee493490825faa69207ff82b521e89d3b709 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Tue, 28 Jul 2020 00:10:13 +0900 Subject: [PATCH] Auto Update 2020/07/28 00:10:13 --- 2014/CVE-2014-4210.json | 12 ++++++------ 2016/CVE-2016-0638.json | 12 ++++++------ 2016/CVE-2016-2098.json | 23 +++++++++++++++++++++++ 2017/CVE-2017-0785.json | 8 ++++---- 2017/CVE-2017-1000353.json | 4 ++-- 2017/CVE-2017-3248.json | 12 ++++++------ 2017/CVE-2017-6558.json | 4 ++-- 2017/CVE-2017-9506.json | 8 ++++---- 2017/CVE-2017-9841.json | 14 +++++++------- 2018/CVE-2018-0296.json | 4 ++-- 2018/CVE-2018-11714.json | 25 +++++++++++++++++++++++++ 2018/CVE-2018-2628.json | 12 ++++++------ 2019/CVE-2019-0708.json | 14 +++++++------- 2019/CVE-2019-10392.json | 8 ++++---- 2019/CVE-2019-11510.json | 23 +++++++++++++++++++++++ 2019/CVE-2019-16113.json | 4 ++-- 2019/CVE-2019-17558.json | 8 ++++---- 2019/CVE-2019-19781.json | 23 +++++++++++++++++++++++ 2019/CVE-2019-2618.json | 20 ++++++++++---------- 2019/CVE-2019-8781.json | 8 ++++---- 2020/CVE-2020-0609.json | 8 ++++---- 2020/CVE-2020-0796.json | 8 ++++---- 2020/CVE-2020-10204.json | 2 +- 2020/CVE-2020-1066.json | 8 ++++---- 2020/CVE-2020-11651.json | 8 ++++---- 2020/CVE-2020-11996.json | 25 +++++++++++++++++++++++++ 2020/CVE-2020-1350.json | 8 ++++---- 2020/CVE-2020-1362.json | 8 ++++---- 2020/CVE-2020-15778.json | 8 ++++---- 2020/CVE-2020-2551.json | 12 ++++++------ 2020/CVE-2020-5902.json | 8 ++++---- 2020/CVE-2020-8559.json | 12 ++++++------ README.md | 19 +++++++++++++++++++ 33 files changed, 259 insertions(+), 121 deletions(-) create mode 100644 2018/CVE-2018-11714.json create mode 100644 2020/CVE-2020-11996.json diff --git a/2014/CVE-2014-4210.json b/2014/CVE-2014-4210.json index b93c61e9e8..3323de9d40 100644 --- a/2014/CVE-2014-4210.json +++ b/2014/CVE-2014-4210.json @@ -36,13 +36,13 @@ "description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2020-07-27T08:54:28Z", + "updated_at": "2020-07-27T14:38:50Z", "pushed_at": "2020-07-26T16:48:19Z", - "stargazers_count": 529, - "watchers_count": 529, - "forks_count": 128, - "forks": 128, - "watchers": 529, + "stargazers_count": 536, + "watchers_count": 536, + "forks_count": 129, + "forks": 129, + "watchers": 536, "score": 0 }, { diff --git a/2016/CVE-2016-0638.json b/2016/CVE-2016-0638.json index eabeadbbca..f0e779a472 100644 --- a/2016/CVE-2016-0638.json +++ b/2016/CVE-2016-0638.json @@ -13,13 +13,13 @@ "description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2020-07-27T08:54:28Z", + "updated_at": "2020-07-27T14:38:50Z", "pushed_at": "2020-07-26T16:48:19Z", - "stargazers_count": 529, - "watchers_count": 529, - "forks_count": 128, - "forks": 128, - "watchers": 529, + "stargazers_count": 536, + "watchers_count": 536, + "forks_count": 129, + "forks": 129, + "watchers": 536, "score": 0 } ] \ No newline at end of file diff --git a/2016/CVE-2016-2098.json b/2016/CVE-2016-2098.json index 0cf7b0008d..ffbf690945 100644 --- a/2016/CVE-2016-2098.json +++ b/2016/CVE-2016-2098.json @@ -136,5 +136,28 @@ "forks": 0, "watchers": 0, "score": 0 + }, + { + "id": 282880213, + "name": "CVE-2016-2098-my-first-exploit", + "full_name": "danielhemmati\/CVE-2016-2098-my-first-exploit", + "owner": { + "login": "danielhemmati", + "id": 25554446, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25554446?v=4", + "html_url": "https:\/\/github.com\/danielhemmati" + }, + "html_url": "https:\/\/github.com\/danielhemmati\/CVE-2016-2098-my-first-exploit", + "description": "This exploit is remote code execution vulnerability in Ruby-on-Rails when using render on user-supplied data", + "fork": false, + "created_at": "2020-07-27T11:38:48Z", + "updated_at": "2020-07-27T11:42:13Z", + "pushed_at": "2020-07-27T11:42:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2017/CVE-2017-0785.json b/2017/CVE-2017-0785.json index 64bb163abb..42d919b439 100644 --- a/2017/CVE-2017-0785.json +++ b/2017/CVE-2017-0785.json @@ -17,8 +17,8 @@ "pushed_at": "2017-09-23T05:11:45Z", "stargazers_count": 426, "watchers_count": 426, - "forks_count": 194, - "forks": 194, + "forks_count": 193, + "forks": 193, "watchers": 426, "score": 0 }, @@ -63,8 +63,8 @@ "pushed_at": "2017-09-22T22:23:52Z", "stargazers_count": 27, "watchers_count": 27, - "forks_count": 15, - "forks": 15, + "forks_count": 14, + "forks": 14, "watchers": 27, "score": 0 }, diff --git a/2017/CVE-2017-1000353.json b/2017/CVE-2017-1000353.json index e99809a3ea..9a9fc479c9 100644 --- a/2017/CVE-2017-1000353.json +++ b/2017/CVE-2017-1000353.json @@ -17,8 +17,8 @@ "pushed_at": "2020-06-11T00:16:40Z", "stargazers_count": 26, "watchers_count": 26, - "forks_count": 24, - "forks": 24, + "forks_count": 25, + "forks": 25, "watchers": 26, "score": 0 } diff --git a/2017/CVE-2017-3248.json b/2017/CVE-2017-3248.json index 6361fe229d..23d069684e 100644 --- a/2017/CVE-2017-3248.json +++ b/2017/CVE-2017-3248.json @@ -36,13 +36,13 @@ "description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2020-07-27T08:54:28Z", + "updated_at": "2020-07-27T14:38:50Z", "pushed_at": "2020-07-26T16:48:19Z", - "stargazers_count": 529, - "watchers_count": 529, - "forks_count": 128, - "forks": 128, - "watchers": 529, + "stargazers_count": 536, + "watchers_count": 536, + "forks_count": 129, + "forks": 129, + "watchers": 536, "score": 0 } ] \ No newline at end of file diff --git a/2017/CVE-2017-6558.json b/2017/CVE-2017-6558.json index 2c44c18884..f310020860 100644 --- a/2017/CVE-2017-6558.json +++ b/2017/CVE-2017-6558.json @@ -10,10 +10,10 @@ "html_url": "https:\/\/github.com\/GemGeorge" }, "html_url": "https:\/\/github.com\/GemGeorge\/iBall-UTStar-CVEChecker", - "description": "Check POCs for CVE-2017-6558, CVE-2017-14243 & CVE-2017-14244", + "description": "POC checks for CVE-2017-6558, CVE-2017-14243 & CVE-2017-14244", "fork": false, "created_at": "2017-10-03T09:16:57Z", - "updated_at": "2020-07-05T10:31:00Z", + "updated_at": "2020-07-27T11:44:57Z", "pushed_at": "2020-07-05T10:30:58Z", "stargazers_count": 4, "watchers_count": 4, diff --git a/2017/CVE-2017-9506.json b/2017/CVE-2017-9506.json index 611629b723..5a38f4f0fb 100644 --- a/2017/CVE-2017-9506.json +++ b/2017/CVE-2017-9506.json @@ -13,13 +13,13 @@ "description": "CVE-2017-9506 - SSRF", "fork": false, "created_at": "2018-04-25T11:25:18Z", - "updated_at": "2020-07-23T06:58:10Z", + "updated_at": "2020-07-27T11:23:26Z", "pushed_at": "2018-04-26T12:47:54Z", - "stargazers_count": 149, - "watchers_count": 149, + "stargazers_count": 150, + "watchers_count": 150, "forks_count": 39, "forks": 39, - "watchers": 149, + "watchers": 150, "score": 0 }, { diff --git a/2017/CVE-2017-9841.json b/2017/CVE-2017-9841.json index c5929ea714..d88dc98385 100644 --- a/2017/CVE-2017-9841.json +++ b/2017/CVE-2017-9841.json @@ -36,13 +36,13 @@ "description": "Tool to try multiple paths for PHPunit RCE CVE-2017-9841", "fork": false, "created_at": "2020-05-18T20:55:05Z", - "updated_at": "2020-06-18T06:52:57Z", - "pushed_at": "2020-05-19T09:24:38Z", - "stargazers_count": 10, - "watchers_count": 10, - "forks_count": 2, - "forks": 2, - "watchers": 10, + "updated_at": "2020-07-27T13:52:29Z", + "pushed_at": "2020-07-27T12:40:39Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 4, + "forks": 4, + "watchers": 12, "score": 0 }, { diff --git a/2018/CVE-2018-0296.json b/2018/CVE-2018-0296.json index 9a5ef02448..0d0eef4de7 100644 --- a/2018/CVE-2018-0296.json +++ b/2018/CVE-2018-0296.json @@ -40,8 +40,8 @@ "pushed_at": "2020-01-30T12:52:42Z", "stargazers_count": 175, "watchers_count": 175, - "forks_count": 62, - "forks": 62, + "forks_count": 63, + "forks": 63, "watchers": 175, "score": 0 }, diff --git a/2018/CVE-2018-11714.json b/2018/CVE-2018-11714.json new file mode 100644 index 0000000000..e47cf8c763 --- /dev/null +++ b/2018/CVE-2018-11714.json @@ -0,0 +1,25 @@ +[ + { + "id": 282909134, + "name": "cve-2018-11714", + "full_name": "pol4bear\/cve-2018-11714", + "owner": { + "login": "pol4bear", + "id": 17893401, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/17893401?v=4", + "html_url": "https:\/\/github.com\/pol4bear" + }, + "html_url": "https:\/\/github.com\/pol4bear\/cve-2018-11714", + "description": null, + "fork": false, + "created_at": "2020-07-27T13:39:18Z", + "updated_at": "2020-07-27T15:05:03Z", + "pushed_at": "2020-07-27T15:05:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2628.json b/2018/CVE-2018-2628.json index 81ac180d53..e0e2a54b23 100644 --- a/2018/CVE-2018-2628.json +++ b/2018/CVE-2018-2628.json @@ -450,13 +450,13 @@ "description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2020-07-27T08:54:28Z", + "updated_at": "2020-07-27T14:38:50Z", "pushed_at": "2020-07-26T16:48:19Z", - "stargazers_count": 529, - "watchers_count": 529, - "forks_count": 128, - "forks": 128, - "watchers": 529, + "stargazers_count": 536, + "watchers_count": 536, + "forks_count": 129, + "forks": 129, + "watchers": 536, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-0708.json b/2019/CVE-2019-0708.json index cd84205b22..bddfe79e20 100644 --- a/2019/CVE-2019-0708.json +++ b/2019/CVE-2019-0708.json @@ -82,7 +82,7 @@ "description": "CVE-2019-0708-exploit", "fork": false, "created_at": "2019-05-15T02:24:21Z", - "updated_at": "2020-07-23T00:39:40Z", + "updated_at": "2020-07-27T12:38:01Z", "pushed_at": "2019-05-15T02:26:46Z", "stargazers_count": 113, "watchers_count": 113, @@ -2520,13 +2520,13 @@ "description": "CVE-2019-0708-EXP-Windows版单文件exe版,运行后直接在当前控制台反弹System权限Shell", "fork": false, "created_at": "2020-01-21T02:22:29Z", - "updated_at": "2020-07-26T03:56:16Z", + "updated_at": "2020-07-27T14:15:44Z", "pushed_at": "2020-01-21T03:15:41Z", - "stargazers_count": 52, - "watchers_count": 52, - "forks_count": 18, - "forks": 18, - "watchers": 52, + "stargazers_count": 53, + "watchers_count": 53, + "forks_count": 19, + "forks": 19, + "watchers": 53, "score": 0 }, { diff --git a/2019/CVE-2019-10392.json b/2019/CVE-2019-10392.json index 6e4bf3d940..be5f4b01fb 100644 --- a/2019/CVE-2019-10392.json +++ b/2019/CVE-2019-10392.json @@ -13,13 +13,13 @@ "description": "CVE-2019-10392 RCE Jackson with Git Client Plugin 2.8.2 (Authenticated)", "fork": false, "created_at": "2019-09-26T05:45:00Z", - "updated_at": "2019-10-16T07:34:14Z", + "updated_at": "2020-07-27T09:15:18Z", "pushed_at": "2019-09-26T05:49:21Z", - "stargazers_count": 19, - "watchers_count": 19, + "stargazers_count": 20, + "watchers_count": 20, "forks_count": 4, "forks": 4, - "watchers": 19, + "watchers": 20, "score": 0 }, { diff --git a/2019/CVE-2019-11510.json b/2019/CVE-2019-11510.json index e593b55e5e..c8c9092bce 100644 --- a/2019/CVE-2019-11510.json +++ b/2019/CVE-2019-11510.json @@ -228,5 +228,28 @@ "forks": 5, "watchers": 16, "score": 0 + }, + { + "id": 282932489, + "name": "pulse-exploit", + "full_name": "andripwn\/pulse-exploit", + "owner": { + "login": "andripwn", + "id": 52893492, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/52893492?v=4", + "html_url": "https:\/\/github.com\/andripwn" + }, + "html_url": "https:\/\/github.com\/andripwn\/pulse-exploit", + "description": "Pulse Secure SSL VPN exploit (CVE-2019-11510) using hosts retrieved from Shodan API.", + "fork": false, + "created_at": "2020-07-27T15:06:08Z", + "updated_at": "2020-07-27T15:07:27Z", + "pushed_at": "2020-07-27T15:07:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-16113.json b/2019/CVE-2019-16113.json index 4b13afb8d7..0341950f77 100644 --- a/2019/CVE-2019-16113.json +++ b/2019/CVE-2019-16113.json @@ -128,8 +128,8 @@ "description": "PoC for CVE-2019-16113 which affects Bludit, a flat-file CMS.", "fork": false, "created_at": "2020-07-26T04:47:41Z", - "updated_at": "2020-07-27T06:19:48Z", - "pushed_at": "2020-07-27T02:59:50Z", + "updated_at": "2020-07-27T09:40:10Z", + "pushed_at": "2020-07-27T09:40:08Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, diff --git a/2019/CVE-2019-17558.json b/2019/CVE-2019-17558.json index d297855cd7..f72645a4dd 100644 --- a/2019/CVE-2019-17558.json +++ b/2019/CVE-2019-17558.json @@ -36,13 +36,13 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2020-07-27T07:27:48Z", + "updated_at": "2020-07-27T09:42:05Z", "pushed_at": "2020-07-14T10:20:14Z", - "stargazers_count": 1356, - "watchers_count": 1356, + "stargazers_count": 1358, + "watchers_count": 1358, "forks_count": 344, "forks": 344, - "watchers": 1356, + "watchers": 1358, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-19781.json b/2019/CVE-2019-19781.json index b2b3dfa2e2..751103bef4 100644 --- a/2019/CVE-2019-19781.json +++ b/2019/CVE-2019-19781.json @@ -1056,5 +1056,28 @@ "forks": 2, "watchers": 3, "score": 0 + }, + { + "id": 282933539, + "name": "CVE-2019-19781", + "full_name": "andripwn\/CVE-2019-19781", + "owner": { + "login": "andripwn", + "id": 52893492, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/52893492?v=4", + "html_url": "https:\/\/github.com\/andripwn" + }, + "html_url": "https:\/\/github.com\/andripwn\/CVE-2019-19781", + "description": "Citrix ADC scanner (CVE-2019-19781) using hosts retrieved from Shodan API.", + "fork": false, + "created_at": "2020-07-27T15:09:51Z", + "updated_at": "2020-07-27T15:09:56Z", + "pushed_at": "2020-07-27T15:09:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-2618.json b/2019/CVE-2019-2618.json index b18a5c6087..cdce3197f5 100644 --- a/2019/CVE-2019-2618.json +++ b/2019/CVE-2019-2618.json @@ -82,13 +82,13 @@ "description": "增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持", "fork": false, "created_at": "2019-06-21T09:22:43Z", - "updated_at": "2020-07-27T07:38:41Z", + "updated_at": "2020-07-27T12:11:58Z", "pushed_at": "2020-04-26T10:49:25Z", - "stargazers_count": 616, - "watchers_count": 616, + "stargazers_count": 617, + "watchers_count": 617, "forks_count": 132, "forks": 132, - "watchers": 616, + "watchers": 617, "score": 0 }, { @@ -151,13 +151,13 @@ "description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2020-07-27T08:54:28Z", + "updated_at": "2020-07-27T14:38:50Z", "pushed_at": "2020-07-26T16:48:19Z", - "stargazers_count": 529, - "watchers_count": 529, - "forks_count": 128, - "forks": 128, - "watchers": 529, + "stargazers_count": 536, + "watchers_count": 536, + "forks_count": 129, + "forks": 129, + "watchers": 536, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-8781.json b/2019/CVE-2019-8781.json index 6c76094a56..d4c95c3ba8 100644 --- a/2019/CVE-2019-8781.json +++ b/2019/CVE-2019-8781.json @@ -13,13 +13,13 @@ "description": "macOS Kernel Exploit for CVE-2019-8781. Credit for the bug goes to @LinusHenze :).", "fork": false, "created_at": "2019-09-17T17:59:26Z", - "updated_at": "2020-07-18T18:14:46Z", + "updated_at": "2020-07-27T12:55:46Z", "pushed_at": "2019-10-15T17:05:38Z", - "stargazers_count": 272, - "watchers_count": 272, + "stargazers_count": 273, + "watchers_count": 273, "forks_count": 46, "forks": 46, - "watchers": 272, + "watchers": 273, "score": 0 }, { diff --git a/2020/CVE-2020-0609.json b/2020/CVE-2020-0609.json index 0c1ab67465..9285c1a8b3 100644 --- a/2020/CVE-2020-0609.json +++ b/2020/CVE-2020-0609.json @@ -59,13 +59,13 @@ "description": "A proof-of-concept scanner to check an RDG Gateway Server for vulnerabilities CVE-2020-0609 & CVE-2020-0610.", "fork": false, "created_at": "2020-01-24T03:52:49Z", - "updated_at": "2020-06-01T20:12:51Z", + "updated_at": "2020-07-27T13:22:16Z", "pushed_at": "2020-01-26T21:04:27Z", - "stargazers_count": 66, - "watchers_count": 66, + "stargazers_count": 65, + "watchers_count": 65, "forks_count": 29, "forks": 29, - "watchers": 66, + "watchers": 65, "score": 0 }, { diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json index dd002c13a7..06431ce318 100644 --- a/2020/CVE-2020-0796.json +++ b/2020/CVE-2020-0796.json @@ -1393,13 +1393,13 @@ "description": "SMBGhost (CVE-2020-0796) Automate Exploitation and Detection", "fork": false, "created_at": "2020-06-10T16:44:39Z", - "updated_at": "2020-07-25T18:11:28Z", + "updated_at": "2020-07-27T11:28:15Z", "pushed_at": "2020-07-08T08:26:24Z", - "stargazers_count": 50, - "watchers_count": 50, + "stargazers_count": 51, + "watchers_count": 51, "forks_count": 23, "forks": 23, - "watchers": 50, + "watchers": 51, "score": 0 }, { diff --git a/2020/CVE-2020-10204.json b/2020/CVE-2020-10204.json index 105cadb69a..43d42605f2 100644 --- a/2020/CVE-2020-10204.json +++ b/2020/CVE-2020-10204.json @@ -36,7 +36,7 @@ "description": "CVE-2020-10204 远程命令执行脚本", "fork": false, "created_at": "2020-05-27T06:55:54Z", - "updated_at": "2020-06-29T01:34:04Z", + "updated_at": "2020-07-27T13:41:52Z", "pushed_at": "2020-05-27T07:10:19Z", "stargazers_count": 6, "watchers_count": 6, diff --git a/2020/CVE-2020-1066.json b/2020/CVE-2020-1066.json index 2201a72678..57e81ad63f 100644 --- a/2020/CVE-2020-1066.json +++ b/2020/CVE-2020-1066.json @@ -13,13 +13,13 @@ "description": "CVE-2020-1066-EXP支持Windows 7和Windows Server 2008 R2操作系统", "fork": false, "created_at": "2020-06-01T04:44:05Z", - "updated_at": "2020-07-26T04:04:54Z", + "updated_at": "2020-07-27T14:15:38Z", "pushed_at": "2020-06-17T00:56:08Z", - "stargazers_count": 129, - "watchers_count": 129, + "stargazers_count": 130, + "watchers_count": 130, "forks_count": 34, "forks": 34, - "watchers": 129, + "watchers": 130, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-11651.json b/2020/CVE-2020-11651.json index 4594bfe0e0..3bc60c4715 100644 --- a/2020/CVE-2020-11651.json +++ b/2020/CVE-2020-11651.json @@ -174,13 +174,13 @@ "description": "PoC for CVE-2020-11651", "fork": false, "created_at": "2020-05-04T20:34:04Z", - "updated_at": "2020-06-10T00:41:14Z", + "updated_at": "2020-07-27T13:42:19Z", "pushed_at": "2020-05-04T20:39:49Z", - "stargazers_count": 4, - "watchers_count": 4, + "stargazers_count": 5, + "watchers_count": 5, "forks_count": 3, "forks": 3, - "watchers": 4, + "watchers": 5, "score": 0 }, { diff --git a/2020/CVE-2020-11996.json b/2020/CVE-2020-11996.json new file mode 100644 index 0000000000..f842060fe6 --- /dev/null +++ b/2020/CVE-2020-11996.json @@ -0,0 +1,25 @@ +[ + { + "id": 282904807, + "name": "tomcat-embed-core-9.0.31-CVE-2020-11996", + "full_name": "rusakovichma\/tomcat-embed-core-9.0.31-CVE-2020-11996", + "owner": { + "login": "rusakovichma", + "id": 4024331, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/4024331?v=4", + "html_url": "https:\/\/github.com\/rusakovichma" + }, + "html_url": "https:\/\/github.com\/rusakovichma\/tomcat-embed-core-9.0.31-CVE-2020-11996", + "description": "tomcat-embed-core-9.0.31 CVE-2020-11996 Test PoC", + "fork": false, + "created_at": "2020-07-27T13:22:21Z", + "updated_at": "2020-07-27T14:05:25Z", + "pushed_at": "2020-07-27T14:05:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1350.json b/2020/CVE-2020-1350.json index f6675c00fd..ab625c37a0 100644 --- a/2020/CVE-2020-1350.json +++ b/2020/CVE-2020-1350.json @@ -220,13 +220,13 @@ "description": "Denial of Service PoC for CVE-2020-1350 (SIGRed)", "fork": false, "created_at": "2020-07-16T16:46:48Z", - "updated_at": "2020-07-21T17:41:33Z", + "updated_at": "2020-07-27T11:15:50Z", "pushed_at": "2020-07-16T18:32:04Z", - "stargazers_count": 7, - "watchers_count": 7, + "stargazers_count": 8, + "watchers_count": 8, "forks_count": 1, "forks": 1, - "watchers": 7, + "watchers": 8, "score": 0 }, { diff --git a/2020/CVE-2020-1362.json b/2020/CVE-2020-1362.json index 89333ea6fe..ea6652a754 100644 --- a/2020/CVE-2020-1362.json +++ b/2020/CVE-2020-1362.json @@ -13,13 +13,13 @@ "description": "writeup of CVE-2020-1362", "fork": false, "created_at": "2020-07-17T07:35:05Z", - "updated_at": "2020-07-27T05:20:44Z", + "updated_at": "2020-07-27T15:03:25Z", "pushed_at": "2020-07-17T07:54:26Z", - "stargazers_count": 175, - "watchers_count": 175, + "stargazers_count": 179, + "watchers_count": 179, "forks_count": 33, "forks": 33, - "watchers": 175, + "watchers": 179, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-15778.json b/2020/CVE-2020-15778.json index 76390da8c0..d406999832 100644 --- a/2020/CVE-2020-15778.json +++ b/2020/CVE-2020-15778.json @@ -13,13 +13,13 @@ "description": null, "fork": false, "created_at": "2020-07-18T05:15:05Z", - "updated_at": "2020-07-27T07:13:31Z", + "updated_at": "2020-07-27T14:45:48Z", "pushed_at": "2020-07-18T11:52:31Z", - "stargazers_count": 20, - "watchers_count": 20, + "stargazers_count": 22, + "watchers_count": 22, "forks_count": 1, "forks": 1, - "watchers": 20, + "watchers": 22, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-2551.json b/2020/CVE-2020-2551.json index 8bcc160ec7..b83ed78560 100644 --- a/2020/CVE-2020-2551.json +++ b/2020/CVE-2020-2551.json @@ -13,13 +13,13 @@ "description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2020-07-27T08:54:28Z", + "updated_at": "2020-07-27T14:38:50Z", "pushed_at": "2020-07-26T16:48:19Z", - "stargazers_count": 529, - "watchers_count": 529, - "forks_count": 128, - "forks": 128, - "watchers": 529, + "stargazers_count": 536, + "watchers_count": 536, + "forks_count": 129, + "forks": 129, + "watchers": 536, "score": 0 }, { diff --git a/2020/CVE-2020-5902.json b/2020/CVE-2020-5902.json index d8c909da2d..ad5c8cd11d 100644 --- a/2020/CVE-2020-5902.json +++ b/2020/CVE-2020-5902.json @@ -13,13 +13,13 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2020-07-27T07:27:48Z", + "updated_at": "2020-07-27T09:42:05Z", "pushed_at": "2020-07-14T10:20:14Z", - "stargazers_count": 1356, - "watchers_count": 1356, + "stargazers_count": 1358, + "watchers_count": 1358, "forks_count": 344, "forks": 344, - "watchers": 1356, + "watchers": 1358, "score": 0 }, { diff --git a/2020/CVE-2020-8559.json b/2020/CVE-2020-8559.json index ef9bb0ede1..c019b59a2e 100644 --- a/2020/CVE-2020-8559.json +++ b/2020/CVE-2020-8559.json @@ -36,13 +36,13 @@ "description": "This is a PoC exploit for CVE-2020-8559 Kubernetes Vulnerability ", "fork": false, "created_at": "2020-07-22T08:36:41Z", - "updated_at": "2020-07-27T07:57:45Z", + "updated_at": "2020-07-27T13:23:38Z", "pushed_at": "2020-07-23T12:55:28Z", - "stargazers_count": 29, - "watchers_count": 29, - "forks_count": 5, - "forks": 5, - "watchers": 29, + "stargazers_count": 30, + "watchers_count": 30, + "forks_count": 6, + "forks": 6, + "watchers": 30, "score": 0 } ] \ No newline at end of file diff --git a/README.md b/README.md index 035cef3a7b..b06f744f35 100644 --- a/README.md +++ b/README.md @@ -1460,6 +1460,14 @@ It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS - [ProjectorBUg/CVE-2020-11932](https://github.com/ProjectorBUg/CVE-2020-11932) - [Staubgeborener/CVE-2020-11932](https://github.com/Staubgeborener/CVE-2020-11932) +### CVE-2020-11996 + + +A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive. + + +- [rusakovichma/tomcat-embed-core-9.0.31-CVE-2020-11996](https://github.com/rusakovichma/tomcat-embed-core-9.0.31-CVE-2020-11996) + ### CVE-2020-12078 @@ -3492,6 +3500,7 @@ In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7 - [BishopFox/pwn-pulse](https://github.com/BishopFox/pwn-pulse) - [aqhmal/pulsexploit](https://github.com/aqhmal/pulsexploit) - [cisagov/check-your-pulse](https://github.com/cisagov/check-your-pulse) +- [andripwn/pulse-exploit](https://github.com/andripwn/pulse-exploit) ### CVE-2019-11523 @@ -4999,6 +5008,7 @@ An issue was discovered in Citrix Application Delivery Controller (ADC) and Gate - [SharpHack/CVE-2019-19781](https://github.com/SharpHack/CVE-2019-19781) - [qiong-qi/CVE-2019-19781-poc](https://github.com/qiong-qi/CVE-2019-19781-poc) - [w4fz5uck5/CVE-2019-19781-CitrixRCE](https://github.com/w4fz5uck5/CVE-2019-19781-CitrixRCE) +- [andripwn/CVE-2019-19781](https://github.com/andripwn/CVE-2019-19781) ### CVE-2019-19844 @@ -6895,6 +6905,14 @@ The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote c - [mpgn/CVE-2018-11686](https://github.com/mpgn/CVE-2018-11686) +### CVE-2018-11714 + + +An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of "Referer: http://192.168.0.1/mainFrame.htm" then no authentication is required for any action. + + +- [pol4bear/cve-2018-11714](https://github.com/pol4bear/cve-2018-11714) + ### CVE-2018-11759 @@ -10724,6 +10742,7 @@ Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x bef - [0x00-0x00/CVE-2016-2098](https://github.com/0x00-0x00/CVE-2016-2098) - [its-arun/CVE-2016-2098](https://github.com/its-arun/CVE-2016-2098) - [3rg1s/CVE-2016-2098](https://github.com/3rg1s/CVE-2016-2098) +- [danielhemmati/CVE-2016-2098-my-first-exploit](https://github.com/danielhemmati/CVE-2016-2098-my-first-exploit) ### CVE-2016-2107