From 5290f6fb256921ab58c7a92928fe0399d47441be Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Sun, 14 Feb 2021 12:09:04 +0900 Subject: [PATCH] Auto Update 2021/02/14 12:09:04 --- 2017/CVE-2017-7269.json | 4 +- 2018/CVE-2018-0101.json | 48 + 2018/CVE-2018-0296.json | 46 + 2018/CVE-2018-0802.json | 92 ++ 2018/CVE-2018-0824.json | 25 + 2018/CVE-2018-0952.json | 25 + 2018/CVE-2018-1000001.json | 25 + 2018/CVE-2018-1000006.json | 25 + 2018/CVE-2018-1000117.json | 25 + 2018/CVE-2018-1000134.json | 25 + 2018/CVE-2018-1000199.json | 25 + 2018/CVE-2018-1000529.json | 25 + 2018/CVE-2018-1000802.json | 25 + 2018/CVE-2018-1010.json | 25 + 2018/CVE-2018-1026.json | 25 + 2018/CVE-2018-10299.json | 25 + 2018/CVE-2018-10467.json | 25 + 2018/CVE-2018-10517.json | 25 + 2018/CVE-2018-10546.json | 25 + 2018/CVE-2018-1056.json | 25 + 2018/CVE-2018-10562.json | 117 +++ 2018/CVE-2018-10583.json | 25 + 2018/CVE-2018-10715.json | 25 + 2018/CVE-2018-10732.json | 25 + 2018/CVE-2018-10821.json | 25 + 2018/CVE-2018-10933.json | 506 +++++++++++ 2018/CVE-2018-10936.json | 25 + 2018/CVE-2018-10949.json | 25 + 2018/CVE-2018-1111.json | 46 + 2018/CVE-2018-11235.json | 138 +++ 2018/CVE-2018-11236.json | 23 + 2018/CVE-2018-11311.json | 25 + 2018/CVE-2018-11450.json | 25 + 2018/CVE-2018-11510.json | 25 + 2018/CVE-2018-11517.json | 25 + 2018/CVE-2018-11631.json | 25 + 2018/CVE-2018-11759.json | 23 + 2018/CVE-2018-11776.json | 253 ++++++ 2018/CVE-2018-12018.json | 25 + 2018/CVE-2018-12031.json | 25 + 2018/CVE-2018-12038.json | 25 + 2018/CVE-2018-12418.json | 25 + 2018/CVE-2018-12463.json | 25 + 2018/CVE-2018-12537.json | 25 + 2018/CVE-2018-12540.json | 25 + 2018/CVE-2018-1259.json | 25 + 2018/CVE-2018-12596.json | 25 + 2018/CVE-2018-12597.json | 25 + 2018/CVE-2018-12598.json | 25 + 2018/CVE-2018-12613.json | 23 + 2018/CVE-2018-1270.json | 69 ++ 2018/CVE-2018-1273.json | 69 ++ 2018/CVE-2018-12895.json | 25 + 2018/CVE-2018-1304.json | 48 + 2018/CVE-2018-1305.json | 25 + 2018/CVE-2018-1313.json | 25 + 2018/CVE-2018-1324.json | 25 + 2018/CVE-2018-13784.json | 25 + 2018/CVE-2018-13864.json | 25 + 2018/CVE-2018-14.json | 25 + 2018/CVE-2018-14083.json | 25 + 2018/CVE-2018-14634.json | 25 + 2018/CVE-2018-14665.json | 23 + 2018/CVE-2018-14667.json | 92 ++ 2018/CVE-2018-14772.json | 25 + 2018/CVE-2018-14847.json | 46 + 2018/CVE-2018-15131.json | 25 + 2018/CVE-2018-15133.json | 23 + 2018/CVE-2018-15365.json | 25 + 2018/CVE-2018-15473.json | 69 ++ 2018/CVE-2018-15499.json | 25 + 2018/CVE-2018-15727.json | 25 + 2018/CVE-2018-15832.json | 25 + 2018/CVE-2018-15912.json | 25 + 2018/CVE-2018-15961.json | 23 + 2018/CVE-2018-15982.json | 46 + 2018/CVE-2018-16156.json | 25 + 2018/CVE-2018-16370.json | 25 + 2018/CVE-2018-16373.json | 25 + 2018/CVE-2018-16509.json | 23 + 2018/CVE-2018-16711.json | 25 + 2018/CVE-2018-16712.json | 25 + 2018/CVE-2018-16713.json | 25 + 2018/CVE-2018-16987.json | 25 + 2018/CVE-2018-17144.json | 48 + 2018/CVE-2018-17182.json | 71 ++ 2018/CVE-2018-17418.json | 25 + 2018/CVE-2018-17456.json | 46 + 2018/CVE-2018-17961.json | 25 + 2018/CVE-2018-18026.json | 25 + 2018/CVE-2018-18387.json | 25 + 2018/CVE-2018-18714.json | 25 + 2018/CVE-2018-19126.json | 25 + 2018/CVE-2018-19127.json | 25 + 2018/CVE-2018-19131.json | 25 + 2018/CVE-2018-19207.json | 23 + 2018/CVE-2018-19537.json | 25 + 2018/CVE-2018-19788.json | 46 + 2018/CVE-2018-19911.json | 25 + 2018/CVE-2018-2380.json | 25 + 2018/CVE-2018-2628.json | 391 +++++++++ 2018/CVE-2018-2636.json | 48 + 2018/CVE-2018-2844.json | 25 + 2018/CVE-2018-2879.json | 23 + 2018/CVE-2018-2893.json | 138 +++ 2018/CVE-2018-2894.json | 46 + 2018/CVE-2018-3191.json | 117 +++ 2018/CVE-2018-3245.json | 46 + 2018/CVE-2018-3252.json | 71 ++ 2018/CVE-2018-3608.json | 25 + 2018/CVE-2018-3639.json | 46 + 2018/CVE-2018-3810.json | 23 + 2018/CVE-2018-4013.json | 48 + 2018/CVE-2018-4087.json | 46 + 2018/CVE-2018-4110.json | 25 + 2018/CVE-2018-4121.json | 71 ++ 2018/CVE-2018-4150.json | 71 ++ 2018/CVE-2018-4185.json | 25 + 2018/CVE-2018-4233.json | 25 + 2018/CVE-2018-4241.json | 25 + 2018/CVE-2018-4242.json | 25 + 2018/CVE-2018-4243.json | 25 + 2018/CVE-2018-4248.json | 25 + 2018/CVE-2018-4280.json | 48 + 2018/CVE-2018-4327.json | 48 + 2018/CVE-2018-4330.json | 25 + 2018/CVE-2018-4331.json | 25 + 2018/CVE-2018-4343.json | 25 + 2018/CVE-2018-4407.json | 207 +++++ 2018/CVE-2018-4415.json | 25 + 2018/CVE-2018-4878.json | 184 ++++ 2018/CVE-2018-4879.json | 25 + 2018/CVE-2018-4901.json | 25 + 2018/CVE-2018-5234.json | 25 + 2018/CVE-2018-5711.json | 48 + 2018/CVE-2018-5740.json | 25 + 2018/CVE-2018-5951.json | 25 + 2018/CVE-2018-5955.json | 23 + 2018/CVE-2018-6242.json | 46 + 2018/CVE-2018-6376.json | 25 + 2018/CVE-2018-6389.json | 345 ++++++++ 2018/CVE-2018-6396.json | 25 + 2018/CVE-2018-6407.json | 25 + 2018/CVE-2018-6479.json | 25 + 2018/CVE-2018-6518.json | 25 + 2018/CVE-2018-6546.json | 48 + 2018/CVE-2018-6574.json | 161 ++++ 2018/CVE-2018-6643.json | 25 + 2018/CVE-2018-6789.json | 23 + 2018/CVE-2018-6791.json | 25 + 2018/CVE-2018-6890.json | 25 + 2018/CVE-2018-6892.json | 46 + 2018/CVE-2018-6905.json | 25 + 2018/CVE-2018-7171.json | 25 + 2018/CVE-2018-7197.json | 25 + 2018/CVE-2018-7211.json | 25 + 2018/CVE-2018-7249.json | 25 + 2018/CVE-2018-7250.json | 25 + 2018/CVE-2018-7422.json | 25 + 2018/CVE-2018-7489.json | 25 + 2018/CVE-2018-7600.json | 368 ++++++++ 2018/CVE-2018-7602.json | 46 + 2018/CVE-2018-7747.json | 25 + 2018/CVE-2018-7750.json | 25 + 2018/CVE-2018-8021.json | 25 + 2018/CVE-2018-8038.json | 25 + 2018/CVE-2018-8039.json | 25 + 2018/CVE-2018-8060.json | 25 + 2018/CVE-2018-8065.json | 25 + 2018/CVE-2018-8078.json | 25 + 2018/CVE-2018-8090.json | 25 + 2018/CVE-2018-8108.json | 25 + 2018/CVE-2018-8120.json | 161 ++++ 2018/CVE-2018-8172.json | 25 + 2018/CVE-2018-8174.json | 138 +++ 2018/CVE-2018-8208.json | 25 + 2018/CVE-2018-8214.json | 25 + 2018/CVE-2018-8353.json | 25 + 2018/CVE-2018-8420.json | 25 + 2018/CVE-2018-8440.json | 25 + 2018/CVE-2018-8495.json | 25 + 2018/CVE-2018-8733.json | 25 + 2018/CVE-2018-8820.json | 25 + 2018/CVE-2018-8897.json | 94 ++ 2018/CVE-2018-8941.json | 25 + 2018/CVE-2018-8970.json | 25 + 2018/CVE-2018-9059.json | 25 + 2018/CVE-2018-9075.json | 25 + 2018/CVE-2018-9160.json | 25 + 2018/CVE-2018-9206.json | 46 + 2018/CVE-2018-9411.json | 25 + 2018/CVE-2018-9539.json | 25 + 2018/CVE-2018-9948.json | 48 + 2018/CVE-2018-9958.json | 25 + 2018/CVE-2018-9995.json | 115 +++ 2019/CVE-2019-11043.json | 8 +- 2019/CVE-2019-2618.json | 8 +- 2020/CVE-2020-0069.json | 69 -- 2020/CVE-2020-0551.json | 25 - 2020/CVE-2020-0601.json | 138 --- 2020/CVE-2020-0618.json | 25 - 2020/CVE-2020-0668.json | 46 - 2020/CVE-2020-0688.json | 184 ---- 2020/CVE-2020-0753.json | 23 - 2020/CVE-2020-0796.json | 736 ---------------- 2020/CVE-2020-0797.json | 25 - 2020/CVE-2020-0799.json | 25 - 2020/CVE-2020-0801.json | 25 - 2020/CVE-2020-10560.json | 48 - 2020/CVE-2020-10673.json | 23 - 2020/CVE-2020-1938.json | 414 --------- 2020/CVE-2020-1947.json | 92 -- 2020/CVE-2020-2555.json | 69 -- 2020/CVE-2020-36109.json | 4 +- 2020/CVE-2020-3952.json | 8 +- 2020/CVE-2020-5250.json | 25 - 2020/CVE-2020-5254.json | 25 - 2020/CVE-2020-5267.json | 25 - 2020/CVE-2020-6418.json | 23 - 2020/CVE-2020-6650.json | 25 - 2020/CVE-2020-7246.json | 25 - 2020/CVE-2020-7247.json | 23 - 2020/CVE-2020-7471.json | 23 - 2020/CVE-2020-7799.json | 25 - 2020/CVE-2020-7931.json | 25 - 2020/CVE-2020-8012.json | 25 - 2020/CVE-2020-8165.json | 8 +- 2020/CVE-2020-8515.json | 25 - 2020/CVE-2020-8597.json | 46 - 2020/CVE-2020-8809.json | 25 - 2020/CVE-2020-8813.json | 25 - 2020/CVE-2020-8825.json | 25 - 2020/CVE-2020-8840.json | 69 -- 2020/CVE-2020-9038.json | 25 - 2020/CVE-2020-9375.json | 25 - 2020/CVE-2020-9380.json | 25 - 2020/CVE-2020-9442.json | 25 - 2020/CVE-2020-9547.json | 25 - 2020/CVE-2020-9548.json | 25 - 2020/CVE-2020-9758.json | 25 - 2020/CVE-2020-9768.json | 25 - 2020/CVE-2020-9781.json | 25 - 2021/CVE-2021-26121.json | 8 +- 2021/CVE-2021-3156.json | 16 +- README.md | 1694 +++++++++++++++++++++++++++++------- 245 files changed, 10256 insertions(+), 3011 deletions(-) create mode 100644 2018/CVE-2018-0101.json create mode 100644 2018/CVE-2018-0824.json create mode 100644 2018/CVE-2018-0952.json create mode 100644 2018/CVE-2018-1000001.json create mode 100644 2018/CVE-2018-1000006.json create mode 100644 2018/CVE-2018-1000117.json create mode 100644 2018/CVE-2018-1000134.json create mode 100644 2018/CVE-2018-1000199.json create mode 100644 2018/CVE-2018-1000529.json create mode 100644 2018/CVE-2018-1000802.json create mode 100644 2018/CVE-2018-1010.json create mode 100644 2018/CVE-2018-1026.json create mode 100644 2018/CVE-2018-10299.json create mode 100644 2018/CVE-2018-10467.json create mode 100644 2018/CVE-2018-10517.json create mode 100644 2018/CVE-2018-10546.json create mode 100644 2018/CVE-2018-1056.json create mode 100644 2018/CVE-2018-10562.json create mode 100644 2018/CVE-2018-10583.json create mode 100644 2018/CVE-2018-10715.json create mode 100644 2018/CVE-2018-10732.json create mode 100644 2018/CVE-2018-10821.json create mode 100644 2018/CVE-2018-10936.json create mode 100644 2018/CVE-2018-10949.json create mode 100644 2018/CVE-2018-11311.json create mode 100644 2018/CVE-2018-11450.json create mode 100644 2018/CVE-2018-11510.json create mode 100644 2018/CVE-2018-11517.json create mode 100644 2018/CVE-2018-11631.json create mode 100644 2018/CVE-2018-12018.json create mode 100644 2018/CVE-2018-12031.json create mode 100644 2018/CVE-2018-12038.json create mode 100644 2018/CVE-2018-12418.json create mode 100644 2018/CVE-2018-12463.json create mode 100644 2018/CVE-2018-12537.json create mode 100644 2018/CVE-2018-12540.json create mode 100644 2018/CVE-2018-1259.json create mode 100644 2018/CVE-2018-12596.json create mode 100644 2018/CVE-2018-12597.json create mode 100644 2018/CVE-2018-12598.json create mode 100644 2018/CVE-2018-12895.json create mode 100644 2018/CVE-2018-1304.json create mode 100644 2018/CVE-2018-1305.json create mode 100644 2018/CVE-2018-1313.json create mode 100644 2018/CVE-2018-1324.json create mode 100644 2018/CVE-2018-13784.json create mode 100644 2018/CVE-2018-13864.json create mode 100644 2018/CVE-2018-14.json create mode 100644 2018/CVE-2018-14083.json create mode 100644 2018/CVE-2018-14634.json create mode 100644 2018/CVE-2018-14772.json create mode 100644 2018/CVE-2018-15131.json create mode 100644 2018/CVE-2018-15365.json create mode 100644 2018/CVE-2018-15499.json create mode 100644 2018/CVE-2018-15727.json create mode 100644 2018/CVE-2018-15832.json create mode 100644 2018/CVE-2018-15912.json create mode 100644 2018/CVE-2018-16156.json create mode 100644 2018/CVE-2018-16370.json create mode 100644 2018/CVE-2018-16373.json create mode 100644 2018/CVE-2018-16711.json create mode 100644 2018/CVE-2018-16712.json create mode 100644 2018/CVE-2018-16713.json create mode 100644 2018/CVE-2018-16987.json create mode 100644 2018/CVE-2018-17144.json create mode 100644 2018/CVE-2018-17182.json create mode 100644 2018/CVE-2018-17418.json create mode 100644 2018/CVE-2018-17961.json create mode 100644 2018/CVE-2018-18026.json create mode 100644 2018/CVE-2018-18387.json create mode 100644 2018/CVE-2018-18714.json create mode 100644 2018/CVE-2018-19126.json create mode 100644 2018/CVE-2018-19127.json create mode 100644 2018/CVE-2018-19131.json create mode 100644 2018/CVE-2018-19537.json create mode 100644 2018/CVE-2018-19911.json create mode 100644 2018/CVE-2018-2380.json create mode 100644 2018/CVE-2018-2636.json create mode 100644 2018/CVE-2018-2844.json create mode 100644 2018/CVE-2018-3191.json create mode 100644 2018/CVE-2018-3252.json create mode 100644 2018/CVE-2018-3608.json create mode 100644 2018/CVE-2018-4013.json create mode 100644 2018/CVE-2018-4110.json create mode 100644 2018/CVE-2018-4121.json create mode 100644 2018/CVE-2018-4150.json create mode 100644 2018/CVE-2018-4185.json create mode 100644 2018/CVE-2018-4233.json create mode 100644 2018/CVE-2018-4241.json create mode 100644 2018/CVE-2018-4242.json create mode 100644 2018/CVE-2018-4243.json create mode 100644 2018/CVE-2018-4248.json create mode 100644 2018/CVE-2018-4280.json create mode 100644 2018/CVE-2018-4327.json create mode 100644 2018/CVE-2018-4330.json create mode 100644 2018/CVE-2018-4331.json create mode 100644 2018/CVE-2018-4343.json create mode 100644 2018/CVE-2018-4415.json create mode 100644 2018/CVE-2018-4879.json create mode 100644 2018/CVE-2018-4901.json create mode 100644 2018/CVE-2018-5234.json create mode 100644 2018/CVE-2018-5711.json create mode 100644 2018/CVE-2018-5740.json create mode 100644 2018/CVE-2018-5951.json create mode 100644 2018/CVE-2018-6376.json create mode 100644 2018/CVE-2018-6396.json create mode 100644 2018/CVE-2018-6407.json create mode 100644 2018/CVE-2018-6479.json create mode 100644 2018/CVE-2018-6518.json create mode 100644 2018/CVE-2018-6546.json create mode 100644 2018/CVE-2018-6643.json create mode 100644 2018/CVE-2018-6791.json create mode 100644 2018/CVE-2018-6890.json create mode 100644 2018/CVE-2018-6905.json create mode 100644 2018/CVE-2018-7171.json create mode 100644 2018/CVE-2018-7197.json create mode 100644 2018/CVE-2018-7211.json create mode 100644 2018/CVE-2018-7249.json create mode 100644 2018/CVE-2018-7250.json create mode 100644 2018/CVE-2018-7422.json create mode 100644 2018/CVE-2018-7489.json create mode 100644 2018/CVE-2018-7747.json create mode 100644 2018/CVE-2018-7750.json create mode 100644 2018/CVE-2018-8021.json create mode 100644 2018/CVE-2018-8038.json create mode 100644 2018/CVE-2018-8039.json create mode 100644 2018/CVE-2018-8060.json create mode 100644 2018/CVE-2018-8065.json create mode 100644 2018/CVE-2018-8078.json create mode 100644 2018/CVE-2018-8090.json create mode 100644 2018/CVE-2018-8108.json create mode 100644 2018/CVE-2018-8172.json create mode 100644 2018/CVE-2018-8208.json create mode 100644 2018/CVE-2018-8214.json create mode 100644 2018/CVE-2018-8353.json create mode 100644 2018/CVE-2018-8420.json create mode 100644 2018/CVE-2018-8440.json create mode 100644 2018/CVE-2018-8495.json create mode 100644 2018/CVE-2018-8733.json create mode 100644 2018/CVE-2018-8820.json create mode 100644 2018/CVE-2018-8897.json create mode 100644 2018/CVE-2018-8941.json create mode 100644 2018/CVE-2018-8970.json create mode 100644 2018/CVE-2018-9059.json create mode 100644 2018/CVE-2018-9075.json create mode 100644 2018/CVE-2018-9160.json create mode 100644 2018/CVE-2018-9411.json create mode 100644 2018/CVE-2018-9539.json create mode 100644 2018/CVE-2018-9948.json create mode 100644 2018/CVE-2018-9958.json delete mode 100644 2020/CVE-2020-0551.json delete mode 100644 2020/CVE-2020-0618.json delete mode 100644 2020/CVE-2020-0797.json delete mode 100644 2020/CVE-2020-0799.json delete mode 100644 2020/CVE-2020-0801.json delete mode 100644 2020/CVE-2020-10560.json delete mode 100644 2020/CVE-2020-5250.json delete mode 100644 2020/CVE-2020-5254.json delete mode 100644 2020/CVE-2020-5267.json delete mode 100644 2020/CVE-2020-6650.json delete mode 100644 2020/CVE-2020-7246.json delete mode 100644 2020/CVE-2020-7799.json delete mode 100644 2020/CVE-2020-7931.json delete mode 100644 2020/CVE-2020-8012.json delete mode 100644 2020/CVE-2020-8515.json delete mode 100644 2020/CVE-2020-8809.json delete mode 100644 2020/CVE-2020-8813.json delete mode 100644 2020/CVE-2020-8825.json delete mode 100644 2020/CVE-2020-9038.json delete mode 100644 2020/CVE-2020-9375.json delete mode 100644 2020/CVE-2020-9380.json delete mode 100644 2020/CVE-2020-9442.json delete mode 100644 2020/CVE-2020-9547.json delete mode 100644 2020/CVE-2020-9548.json delete mode 100644 2020/CVE-2020-9758.json delete mode 100644 2020/CVE-2020-9768.json delete mode 100644 2020/CVE-2020-9781.json diff --git a/2017/CVE-2017-7269.json b/2017/CVE-2017-7269.json index d009a650b4..cb7a9174d3 100644 --- a/2017/CVE-2017-7269.json +++ b/2017/CVE-2017-7269.json @@ -178,8 +178,8 @@ "pushed_at": "2017-04-05T23:29:03Z", "stargazers_count": 32, "watchers_count": 32, - "forks_count": 31, - "forks": 31, + "forks_count": 32, + "forks": 32, "watchers": 32, "score": 0 }, diff --git a/2018/CVE-2018-0101.json b/2018/CVE-2018-0101.json new file mode 100644 index 0000000000..ab3dc34da6 --- /dev/null +++ b/2018/CVE-2018-0101.json @@ -0,0 +1,48 @@ +[ + { + "id": 120640426, + "name": "CVE-2018-0101-DOS-POC", + "full_name": "1337g\/CVE-2018-0101-DOS-POC", + "owner": { + "login": "1337g", + "id": 32504404, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32504404?v=4", + "html_url": "https:\/\/github.com\/1337g" + }, + "html_url": "https:\/\/github.com\/1337g\/CVE-2018-0101-DOS-POC", + "description": null, + "fork": false, + "created_at": "2018-02-07T16:25:59Z", + "updated_at": "2020-04-06T12:17:46Z", + "pushed_at": "2018-02-07T16:43:08Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 6, + "forks": 6, + "watchers": 14, + "score": 0 + }, + { + "id": 120782386, + "name": "ciscoasa_honeypot", + "full_name": "Cymmetria\/ciscoasa_honeypot", + "owner": { + "login": "Cymmetria", + "id": 19413345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19413345?v=4", + "html_url": "https:\/\/github.com\/Cymmetria" + }, + "html_url": "https:\/\/github.com\/Cymmetria\/ciscoasa_honeypot", + "description": "A low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101, a DoS and remote code execution vulnerability.", + "fork": false, + "created_at": "2018-02-08T15:52:50Z", + "updated_at": "2021-02-03T21:07:47Z", + "pushed_at": "2018-11-23T11:47:10Z", + "stargazers_count": 36, + "watchers_count": 36, + "forks_count": 16, + "forks": 16, + "watchers": 36, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-0296.json b/2018/CVE-2018-0296.json index 84968bf67e..565a475722 100644 --- a/2018/CVE-2018-0296.json +++ b/2018/CVE-2018-0296.json @@ -1,4 +1,27 @@ [ + { + "id": 138142987, + "name": "CVE-2018-0296", + "full_name": "milo2012\/CVE-2018-0296", + "owner": { + "login": "milo2012", + "id": 905335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/905335?v=4", + "html_url": "https:\/\/github.com\/milo2012" + }, + "html_url": "https:\/\/github.com\/milo2012\/CVE-2018-0296", + "description": "Test CVE-2018-0296 and extract usernames", + "fork": false, + "created_at": "2018-06-21T08:36:34Z", + "updated_at": "2020-11-13T03:19:23Z", + "pushed_at": "2018-12-09T11:57:20Z", + "stargazers_count": 105, + "watchers_count": 105, + "forks_count": 39, + "forks": 39, + "watchers": 105, + "score": 0 + }, { "id": 138190891, "name": "CVE-2018-0296", @@ -22,6 +45,29 @@ "watchers": 180, "score": 0 }, + { + "id": 138348696, + "name": "CVE-2018-0296", + "full_name": "bhenner1\/CVE-2018-0296", + "owner": { + "login": "bhenner1", + "id": 24857952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24857952?v=4", + "html_url": "https:\/\/github.com\/bhenner1" + }, + "html_url": "https:\/\/github.com\/bhenner1\/CVE-2018-0296", + "description": "Cisco ASA - CVE-2018-0296 | Exploit", + "fork": false, + "created_at": "2018-06-22T21:12:58Z", + "updated_at": "2019-01-03T02:33:10Z", + "pushed_at": "2018-06-26T13:44:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, { "id": 162431036, "name": "CVE-2018-0296", diff --git a/2018/CVE-2018-0802.json b/2018/CVE-2018-0802.json index 18a0d4ac2f..417c3f4726 100644 --- a/2018/CVE-2018-0802.json +++ b/2018/CVE-2018-0802.json @@ -1,4 +1,96 @@ [ + { + "id": 117077311, + "name": "CVE-2018-0802_POC", + "full_name": "zldww2011\/CVE-2018-0802_POC", + "owner": { + "login": "zldww2011", + "id": 17902585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17902585?v=4", + "html_url": "https:\/\/github.com\/zldww2011" + }, + "html_url": "https:\/\/github.com\/zldww2011\/CVE-2018-0802_POC", + "description": "Exploit the vulnerability to execute the calculator", + "fork": false, + "created_at": "2018-01-11T09:16:32Z", + "updated_at": "2020-12-16T10:25:11Z", + "pushed_at": "2018-01-11T09:23:05Z", + "stargazers_count": 70, + "watchers_count": 70, + "forks_count": 35, + "forks": 35, + "watchers": 70, + "score": 0 + }, + { + "id": 117080574, + "name": "CVE-2018-0802", + "full_name": "rxwx\/CVE-2018-0802", + "owner": { + "login": "rxwx", + "id": 2202542, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2202542?v=4", + "html_url": "https:\/\/github.com\/rxwx" + }, + "html_url": "https:\/\/github.com\/rxwx\/CVE-2018-0802", + "description": "PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882)", + "fork": false, + "created_at": "2018-01-11T09:43:46Z", + "updated_at": "2021-01-13T19:55:04Z", + "pushed_at": "2018-02-28T12:32:54Z", + "stargazers_count": 267, + "watchers_count": 267, + "forks_count": 134, + "forks": 134, + "watchers": 267, + "score": 0 + }, + { + "id": 117234193, + "name": "RTF_11882_0802", + "full_name": "Ridter\/RTF_11882_0802", + "owner": { + "login": "Ridter", + "id": 6007471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6007471?v=4", + "html_url": "https:\/\/github.com\/Ridter" + }, + "html_url": "https:\/\/github.com\/Ridter\/RTF_11882_0802", + "description": "PoC for CVE-2018-0802 And CVE-2017-11882", + "fork": false, + "created_at": "2018-01-12T11:38:33Z", + "updated_at": "2021-02-04T07:49:36Z", + "pushed_at": "2018-01-12T11:42:29Z", + "stargazers_count": 158, + "watchers_count": 158, + "forks_count": 64, + "forks": 64, + "watchers": 158, + "score": 0 + }, + { + "id": 117637270, + "name": "CVE-2018-0802_CVE-2017-11882", + "full_name": "likescam\/CVE-2018-0802_CVE-2017-11882", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-0802_CVE-2017-11882", + "description": null, + "fork": false, + "created_at": "2018-01-16T05:49:01Z", + "updated_at": "2021-01-15T03:33:11Z", + "pushed_at": "2018-01-16T05:49:10Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 4, + "forks": 4, + "watchers": 10, + "score": 0 + }, { "id": 313441734, "name": "rtfkit", diff --git a/2018/CVE-2018-0824.json b/2018/CVE-2018-0824.json new file mode 100644 index 0000000000..b511b16dbf --- /dev/null +++ b/2018/CVE-2018-0824.json @@ -0,0 +1,25 @@ +[ + { + "id": 137465316, + "name": "UnmarshalPwn", + "full_name": "codewhitesec\/UnmarshalPwn", + "owner": { + "login": "codewhitesec", + "id": 8680262, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8680262?v=4", + "html_url": "https:\/\/github.com\/codewhitesec" + }, + "html_url": "https:\/\/github.com\/codewhitesec\/UnmarshalPwn", + "description": "POC for CVE-2018-0824", + "fork": false, + "created_at": "2018-06-15T08:59:37Z", + "updated_at": "2020-12-11T07:20:35Z", + "pushed_at": "2018-06-25T07:13:36Z", + "stargazers_count": 73, + "watchers_count": 73, + "forks_count": 34, + "forks": 34, + "watchers": 73, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-0952.json b/2018/CVE-2018-0952.json new file mode 100644 index 0000000000..2386b5980f --- /dev/null +++ b/2018/CVE-2018-0952.json @@ -0,0 +1,25 @@ +[ + { + "id": 145615979, + "name": "CVE-2018-0952-SystemCollector", + "full_name": "atredispartners\/CVE-2018-0952-SystemCollector", + "owner": { + "login": "atredispartners", + "id": 7254370, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7254370?v=4", + "html_url": "https:\/\/github.com\/atredispartners" + }, + "html_url": "https:\/\/github.com\/atredispartners\/CVE-2018-0952-SystemCollector", + "description": "PoC for Privilege Escalation in Windows 10 Diagnostics Hub Standard Collector Service", + "fork": false, + "created_at": "2018-08-21T20:29:10Z", + "updated_at": "2021-02-02T05:09:56Z", + "pushed_at": "2018-08-21T20:30:24Z", + "stargazers_count": 107, + "watchers_count": 107, + "forks_count": 36, + "forks": 36, + "watchers": 107, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1000001.json b/2018/CVE-2018-1000001.json new file mode 100644 index 0000000000..8a4c408177 --- /dev/null +++ b/2018/CVE-2018-1000001.json @@ -0,0 +1,25 @@ +[ + { + "id": 120648393, + "name": "CVE-2018-1000001", + "full_name": "0x00-0x00\/CVE-2018-1000001", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2018-1000001", + "description": "glibc getcwd() local privilege escalation compiled binaries", + "fork": false, + "created_at": "2018-02-07T17:34:24Z", + "updated_at": "2020-12-02T07:21:01Z", + "pushed_at": "2018-02-09T22:35:06Z", + "stargazers_count": 31, + "watchers_count": 31, + "forks_count": 6, + "forks": 6, + "watchers": 31, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1000006.json b/2018/CVE-2018-1000006.json new file mode 100644 index 0000000000..396eadfc74 --- /dev/null +++ b/2018/CVE-2018-1000006.json @@ -0,0 +1,25 @@ +[ + { + "id": 118851943, + "name": "CVE-2018-1000006-DEMO", + "full_name": "CHYbeta\/CVE-2018-1000006-DEMO", + "owner": { + "login": "CHYbeta", + "id": 18642224, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18642224?v=4", + "html_url": "https:\/\/github.com\/CHYbeta" + }, + "html_url": "https:\/\/github.com\/CHYbeta\/CVE-2018-1000006-DEMO", + "description": "The Demo for CVE-2018-1000006", + "fork": false, + "created_at": "2018-01-25T02:38:44Z", + "updated_at": "2020-07-13T15:22:09Z", + "pushed_at": "2018-01-25T03:29:30Z", + "stargazers_count": 40, + "watchers_count": 40, + "forks_count": 8, + "forks": 8, + "watchers": 40, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1000117.json b/2018/CVE-2018-1000117.json new file mode 100644 index 0000000000..0a63ed3f96 --- /dev/null +++ b/2018/CVE-2018-1000117.json @@ -0,0 +1,25 @@ +[ + { + "id": 136231159, + "name": "CVE-2018-1000117-Exploit", + "full_name": "u0pattern\/CVE-2018-1000117-Exploit", + "owner": { + "login": "u0pattern", + "id": 21009276, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21009276?v=4", + "html_url": "https:\/\/github.com\/u0pattern" + }, + "html_url": "https:\/\/github.com\/u0pattern\/CVE-2018-1000117-Exploit", + "description": "Buffer Overflow Vulnerability that can result ACE", + "fork": false, + "created_at": "2018-06-05T20:28:29Z", + "updated_at": "2020-06-30T04:18:59Z", + "pushed_at": "2018-06-05T20:45:13Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1000134.json b/2018/CVE-2018-1000134.json new file mode 100644 index 0000000000..0d223efbd5 --- /dev/null +++ b/2018/CVE-2018-1000134.json @@ -0,0 +1,25 @@ +[ + { + "id": 156499957, + "name": "cve-2018-1000134", + "full_name": "dragotime\/cve-2018-1000134", + "owner": { + "login": "dragotime", + "id": 43851975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43851975?v=4", + "html_url": "https:\/\/github.com\/dragotime" + }, + "html_url": "https:\/\/github.com\/dragotime\/cve-2018-1000134", + "description": null, + "fork": false, + "created_at": "2018-11-07T06:22:47Z", + "updated_at": "2018-11-07T06:22:47Z", + "pushed_at": "2018-11-07T06:22:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1000199.json b/2018/CVE-2018-1000199.json new file mode 100644 index 0000000000..0fb1ce6788 --- /dev/null +++ b/2018/CVE-2018-1000199.json @@ -0,0 +1,25 @@ +[ + { + "id": 131973710, + "name": "CVE-2018-1000199", + "full_name": "dsfau\/CVE-2018-1000199", + "owner": { + "login": "dsfau", + "id": 26786936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26786936?v=4", + "html_url": "https:\/\/github.com\/dsfau" + }, + "html_url": "https:\/\/github.com\/dsfau\/CVE-2018-1000199", + "description": null, + "fork": false, + "created_at": "2018-05-03T09:37:56Z", + "updated_at": "2018-05-03T09:41:20Z", + "pushed_at": "2018-05-03T09:41:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1000529.json b/2018/CVE-2018-1000529.json new file mode 100644 index 0000000000..574c5cd050 --- /dev/null +++ b/2018/CVE-2018-1000529.json @@ -0,0 +1,25 @@ +[ + { + "id": 134336529, + "name": "CVE-2018-1000529", + "full_name": "martinfrancois\/CVE-2018-1000529", + "owner": { + "login": "martinfrancois", + "id": 14319020, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14319020?v=4", + "html_url": "https:\/\/github.com\/martinfrancois" + }, + "html_url": "https:\/\/github.com\/martinfrancois\/CVE-2018-1000529", + "description": null, + "fork": false, + "created_at": "2018-05-21T23:43:18Z", + "updated_at": "2018-06-28T20:43:19Z", + "pushed_at": "2018-06-28T20:43:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1000802.json b/2018/CVE-2018-1000802.json new file mode 100644 index 0000000000..4f7b78445b --- /dev/null +++ b/2018/CVE-2018-1000802.json @@ -0,0 +1,25 @@ +[ + { + "id": 148814288, + "name": "CVE-2018-1000802-PoC", + "full_name": "tna0y\/CVE-2018-1000802-PoC", + "owner": { + "login": "tna0y", + "id": 22504374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22504374?v=4", + "html_url": "https:\/\/github.com\/tna0y" + }, + "html_url": "https:\/\/github.com\/tna0y\/CVE-2018-1000802-PoC", + "description": "Python CVE-2018-1000802 Proof-of-Concept", + "fork": false, + "created_at": "2018-09-14T16:22:12Z", + "updated_at": "2020-05-29T07:36:51Z", + "pushed_at": "2018-09-14T16:38:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 0, + "forks": 0, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1010.json b/2018/CVE-2018-1010.json new file mode 100644 index 0000000000..d1caa96d20 --- /dev/null +++ b/2018/CVE-2018-1010.json @@ -0,0 +1,25 @@ +[ + { + "id": 130343381, + "name": "Detecting-the-patch-of-CVE-2018-1010", + "full_name": "ymgh96\/Detecting-the-patch-of-CVE-2018-1010", + "owner": { + "login": "ymgh96", + "id": 29282323, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29282323?v=4", + "html_url": "https:\/\/github.com\/ymgh96" + }, + "html_url": "https:\/\/github.com\/ymgh96\/Detecting-the-patch-of-CVE-2018-1010", + "description": null, + "fork": false, + "created_at": "2018-04-20T09:50:40Z", + "updated_at": "2018-04-20T11:01:36Z", + "pushed_at": "2018-04-20T11:01:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1026.json b/2018/CVE-2018-1026.json new file mode 100644 index 0000000000..a939b59db7 --- /dev/null +++ b/2018/CVE-2018-1026.json @@ -0,0 +1,25 @@ +[ + { + "id": 131403764, + "name": "Detecting-the-CVE-2018-1026-and-its-patch", + "full_name": "ymgh96\/Detecting-the-CVE-2018-1026-and-its-patch", + "owner": { + "login": "ymgh96", + "id": 29282323, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29282323?v=4", + "html_url": "https:\/\/github.com\/ymgh96" + }, + "html_url": "https:\/\/github.com\/ymgh96\/Detecting-the-CVE-2018-1026-and-its-patch", + "description": null, + "fork": false, + "created_at": "2018-04-28T11:28:11Z", + "updated_at": "2018-04-28T11:32:03Z", + "pushed_at": "2018-04-28T11:32:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10299.json b/2018/CVE-2018-10299.json new file mode 100644 index 0000000000..dfb093df94 --- /dev/null +++ b/2018/CVE-2018-10299.json @@ -0,0 +1,25 @@ +[ + { + "id": 133036448, + "name": "batchOverflow", + "full_name": "phzietsman\/batchOverflow", + "owner": { + "login": "phzietsman", + "id": 11902058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11902058?v=4", + "html_url": "https:\/\/github.com\/phzietsman" + }, + "html_url": "https:\/\/github.com\/phzietsman\/batchOverflow", + "description": "A fix for the batchOverflow bug https:\/\/medium.com\/@peckshield\/alert-new-batchoverflow-bug-in-multiple-erc20-smart-contracts-cve-2018-10299-511067db6536", + "fork": false, + "created_at": "2018-05-11T12:23:08Z", + "updated_at": "2018-07-03T19:26:14Z", + "pushed_at": "2018-07-03T19:26:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10467.json b/2018/CVE-2018-10467.json new file mode 100644 index 0000000000..d04a58a75c --- /dev/null +++ b/2018/CVE-2018-10467.json @@ -0,0 +1,25 @@ +[ + { + "id": 131241395, + "name": "CVE-2018-10467", + "full_name": "alt3kx\/CVE-2018-10467", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-10467", + "description": "CVE-2018-10467", + "fork": false, + "created_at": "2018-04-27T03:35:47Z", + "updated_at": "2018-05-04T02:07:18Z", + "pushed_at": "2018-05-04T02:01:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10517.json b/2018/CVE-2018-10517.json new file mode 100644 index 0000000000..b0fa8639f7 --- /dev/null +++ b/2018/CVE-2018-10517.json @@ -0,0 +1,25 @@ +[ + { + "id": 156886365, + "name": "CVE-2018-10517", + "full_name": "0x00-0x00\/CVE-2018-10517", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2018-10517", + "description": "CMS Made Simple 2.2.7 RCE exploit", + "fork": false, + "created_at": "2018-11-09T16:09:39Z", + "updated_at": "2020-06-07T11:21:05Z", + "pushed_at": "2018-11-09T16:09:46Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 4, + "forks": 4, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10546.json b/2018/CVE-2018-10546.json new file mode 100644 index 0000000000..9e6ab49621 --- /dev/null +++ b/2018/CVE-2018-10546.json @@ -0,0 +1,25 @@ +[ + { + "id": 131973382, + "name": "CVE-2018-10546", + "full_name": "dsfau\/CVE-2018-10546", + "owner": { + "login": "dsfau", + "id": 26786936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26786936?v=4", + "html_url": "https:\/\/github.com\/dsfau" + }, + "html_url": "https:\/\/github.com\/dsfau\/CVE-2018-10546", + "description": null, + "fork": false, + "created_at": "2018-05-03T09:35:27Z", + "updated_at": "2018-05-03T09:36:53Z", + "pushed_at": "2018-05-03T09:36:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1056.json b/2018/CVE-2018-1056.json new file mode 100644 index 0000000000..ba30e2fbaa --- /dev/null +++ b/2018/CVE-2018-1056.json @@ -0,0 +1,25 @@ +[ + { + "id": 132433462, + "name": "Gpon-Routers", + "full_name": "rotemkama\/Gpon-Routers", + "owner": { + "login": "rotemkama", + "id": 7814256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7814256?v=4", + "html_url": "https:\/\/github.com\/rotemkama" + }, + "html_url": "https:\/\/github.com\/rotemkama\/Gpon-Routers", + "description": "Authentication Bypass \/ Command Injection Exploit CVE-2018-1056", + "fork": false, + "created_at": "2018-05-07T08:52:45Z", + "updated_at": "2020-05-28T11:06:32Z", + "pushed_at": "2018-05-04T06:52:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10562.json b/2018/CVE-2018-10562.json new file mode 100644 index 0000000000..43fef75e55 --- /dev/null +++ b/2018/CVE-2018-10562.json @@ -0,0 +1,117 @@ +[ + { + "id": 132445475, + "name": "GPON", + "full_name": "f3d0x0\/GPON", + "owner": { + "login": "f3d0x0", + "id": 6794063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6794063?v=4", + "html_url": "https:\/\/github.com\/f3d0x0" + }, + "html_url": "https:\/\/github.com\/f3d0x0\/GPON", + "description": "Exploit for Remote Code Execution on GPON home routers (CVE-2018-10562) written in Python. Initially disclosed by VPNMentor (https:\/\/www.vpnmentor.com\/blog\/critical-vulnerability-gpon-router\/), kudos for their work.", + "fork": false, + "created_at": "2018-05-07T10:34:10Z", + "updated_at": "2020-12-30T22:27:48Z", + "pushed_at": "2018-05-10T15:08:43Z", + "stargazers_count": 207, + "watchers_count": 207, + "forks_count": 68, + "forks": 68, + "watchers": 207, + "score": 0 + }, + { + "id": 133550928, + "name": "Pingpon-Exploit", + "full_name": "649\/Pingpon-Exploit", + "owner": { + "login": "649", + "id": 23534047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23534047?v=4", + "html_url": "https:\/\/github.com\/649" + }, + "html_url": "https:\/\/github.com\/649\/Pingpon-Exploit", + "description": "Exploit for Mass Remote Code Execution on GPON home routers (CVE-2018-10562) obtained from Shodan.", + "fork": false, + "created_at": "2018-05-15T17:31:21Z", + "updated_at": "2020-01-05T18:02:50Z", + "pushed_at": "2018-05-26T06:44:44Z", + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 9, + "forks": 9, + "watchers": 17, + "score": 0 + }, + { + "id": 133872939, + "name": "GPON-LOADER", + "full_name": "Choudai\/GPON-LOADER", + "owner": { + "login": "Choudai", + "id": 28324694, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28324694?v=4", + "html_url": "https:\/\/github.com\/Choudai" + }, + "html_url": "https:\/\/github.com\/Choudai\/GPON-LOADER", + "description": "Exploit loader for Remote Code Execution w\/ Payload on GPON Home Gateway devices (CVE-2018-10562) written in Python.", + "fork": false, + "created_at": "2018-05-17T22:03:47Z", + "updated_at": "2020-06-27T20:05:00Z", + "pushed_at": "2018-05-17T22:15:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 134941877, + "name": "GPON_RCE", + "full_name": "c0ld1\/GPON_RCE", + "owner": { + "login": "c0ld1", + "id": 39249476, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39249476?v=4", + "html_url": "https:\/\/github.com\/c0ld1" + }, + "html_url": "https:\/\/github.com\/c0ld1\/GPON_RCE", + "description": "Exploit for Remote Code Execution on GPON home routers (CVE-2018-10562) written in Python.", + "fork": false, + "created_at": "2018-05-26T08:05:22Z", + "updated_at": "2019-07-30T02:41:47Z", + "pushed_at": "2018-05-26T08:07:37Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 0, + "forks": 0, + "watchers": 4, + "score": 0 + }, + { + "id": 136307543, + "name": "CVE-2018-10562", + "full_name": "ATpiu\/CVE-2018-10562", + "owner": { + "login": "ATpiu", + "id": 26686336, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26686336?v=4", + "html_url": "https:\/\/github.com\/ATpiu" + }, + "html_url": "https:\/\/github.com\/ATpiu\/CVE-2018-10562", + "description": "Exploit for CVE-2018-10562", + "fork": false, + "created_at": "2018-06-06T09:43:40Z", + "updated_at": "2018-11-16T22:46:24Z", + "pushed_at": "2018-06-07T02:55:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 5, + "forks": 5, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10583.json b/2018/CVE-2018-10583.json new file mode 100644 index 0000000000..bd41b4f576 --- /dev/null +++ b/2018/CVE-2018-10583.json @@ -0,0 +1,25 @@ +[ + { + "id": 131920571, + "name": "CVE-2018-10583", + "full_name": "TaharAmine\/CVE-2018-10583", + "owner": { + "login": "TaharAmine", + "id": 35707349, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35707349?v=4", + "html_url": "https:\/\/github.com\/TaharAmine" + }, + "html_url": "https:\/\/github.com\/TaharAmine\/CVE-2018-10583", + "description": "An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by \"xlink:href=file:\/\/192.168.0.2\/test.jpg\" within an \"office:document-content\" element in a \".odt XML document\".", + "fork": false, + "created_at": "2018-05-03T00:34:08Z", + "updated_at": "2021-01-05T12:18:31Z", + "pushed_at": "2018-05-03T00:38:56Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 3, + "forks": 3, + "watchers": 9, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10715.json b/2018/CVE-2018-10715.json new file mode 100644 index 0000000000..86caae863b --- /dev/null +++ b/2018/CVE-2018-10715.json @@ -0,0 +1,25 @@ +[ + { + "id": 132069525, + "name": "CVE-2018-10715", + "full_name": "alt3kx\/CVE-2018-10715", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-10715", + "description": "CVE-2018-10715", + "fork": false, + "created_at": "2018-05-04T01:33:22Z", + "updated_at": "2018-05-04T02:17:30Z", + "pushed_at": "2018-05-04T02:17:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10732.json b/2018/CVE-2018-10732.json new file mode 100644 index 0000000000..ecd2cd0af9 --- /dev/null +++ b/2018/CVE-2018-10732.json @@ -0,0 +1,25 @@ +[ + { + "id": 132435515, + "name": "CVE-2018-10732", + "full_name": "alt3kx\/CVE-2018-10732", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-10732", + "description": "Dataiku REST-API by default the software, allows anonymous access to functionality that allows an attacker to know valid users.", + "fork": false, + "created_at": "2018-05-07T09:07:58Z", + "updated_at": "2018-06-05T11:51:00Z", + "pushed_at": "2018-06-02T09:15:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10821.json b/2018/CVE-2018-10821.json new file mode 100644 index 0000000000..511b87b03b --- /dev/null +++ b/2018/CVE-2018-10821.json @@ -0,0 +1,25 @@ +[ + { + "id": 137230310, + "name": "Cross-Site-Scripting-Reflected-XSS-Vulnerability-in-blackcatcms_v1.3", + "full_name": "BalvinderSingh23\/Cross-Site-Scripting-Reflected-XSS-Vulnerability-in-blackcatcms_v1.3", + "owner": { + "login": "BalvinderSingh23", + "id": 38315927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38315927?v=4", + "html_url": "https:\/\/github.com\/BalvinderSingh23" + }, + "html_url": "https:\/\/github.com\/BalvinderSingh23\/Cross-Site-Scripting-Reflected-XSS-Vulnerability-in-blackcatcms_v1.3", + "description": "BlackCat-CMS-Bundle-v1.3 Cross Site Scripting(XSS) Assigned CVE Number: CVE-2018-10821", + "fork": false, + "created_at": "2018-06-13T14:52:34Z", + "updated_at": "2018-06-13T15:06:31Z", + "pushed_at": "2018-06-13T15:06:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10933.json b/2018/CVE-2018-10933.json index 5b17fff532..d7abc5eda9 100644 --- a/2018/CVE-2018-10933.json +++ b/2018/CVE-2018-10933.json @@ -1,4 +1,27 @@ [ + { + "id": 153427159, + "name": "CVE-2018-10933", + "full_name": "SoledaD208\/CVE-2018-10933", + "owner": { + "login": "SoledaD208", + "id": 8731578, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8731578?v=4", + "html_url": "https:\/\/github.com\/SoledaD208" + }, + "html_url": "https:\/\/github.com\/SoledaD208\/CVE-2018-10933", + "description": "CVE-2018-10933 very simple POC", + "fork": false, + "created_at": "2018-10-17T09:01:44Z", + "updated_at": "2020-12-18T03:51:25Z", + "pushed_at": "2018-10-23T13:51:06Z", + "stargazers_count": 131, + "watchers_count": 131, + "forks_count": 40, + "forks": 40, + "watchers": 131, + "score": 0 + }, { "id": 153468806, "name": "CVE-2018-10933", @@ -22,6 +45,328 @@ "watchers": 467, "score": 0 }, + { + "id": 153477523, + "name": "CVE-2018-10933", + "full_name": "hook-s3c\/CVE-2018-10933", + "owner": { + "login": "hook-s3c", + "id": 31825993, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31825993?v=4", + "html_url": "https:\/\/github.com\/hook-s3c" + }, + "html_url": "https:\/\/github.com\/hook-s3c\/CVE-2018-10933", + "description": "CVE-2018-10933 sshlib user authentication attack - docker lab, test and exploit", + "fork": false, + "created_at": "2018-10-17T15:09:41Z", + "updated_at": "2018-10-17T15:09:44Z", + "pushed_at": "2018-10-17T15:09:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 153506738, + "name": "CVE-2018-10933", + "full_name": "kn6869610\/CVE-2018-10933", + "owner": { + "login": "kn6869610", + "id": 6917744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6917744?v=4", + "html_url": "https:\/\/github.com\/kn6869610" + }, + "html_url": "https:\/\/github.com\/kn6869610\/CVE-2018-10933", + "description": "Leveraging it is a simple matter of presenting the server with the SSH2_MSG_USERAUTH_SUCCESS message, which shows that the login already occurred without a problem. The server expects the message SSH2_MSG_USERAUTH_REQUEST to start the authentication procedure, but by skipping it an attacker can log in without showing any credentials.", + "fork": false, + "created_at": "2018-10-17T18:44:05Z", + "updated_at": "2018-10-22T03:02:27Z", + "pushed_at": "2018-10-17T18:45:30Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 3, + "forks": 3, + "watchers": 13, + "score": 0 + }, + { + "id": 153534574, + "name": "libssh-scanner", + "full_name": "leapsecurity\/libssh-scanner", + "owner": { + "login": "leapsecurity", + "id": 40601062, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40601062?v=4", + "html_url": "https:\/\/github.com\/leapsecurity" + }, + "html_url": "https:\/\/github.com\/leapsecurity\/libssh-scanner", + "description": "Script to identify hosts vulnerable to CVE-2018-10933", + "fork": false, + "created_at": "2018-10-17T23:05:10Z", + "updated_at": "2020-10-30T13:49:34Z", + "pushed_at": "2018-11-04T17:29:33Z", + "stargazers_count": 231, + "watchers_count": 231, + "forks_count": 55, + "forks": 55, + "watchers": 231, + "score": 0 + }, + { + "id": 153562229, + "name": "CVE-2018-10933_ssh", + "full_name": "likescam\/CVE-2018-10933_ssh", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-10933_ssh", + "description": null, + "fork": false, + "created_at": "2018-10-18T04:10:25Z", + "updated_at": "2018-10-18T04:10:39Z", + "pushed_at": "2018-10-18T04:10:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 153562319, + "name": "bpnd-libssh", + "full_name": "trbpnd\/bpnd-libssh", + "owner": { + "login": "trbpnd", + "id": 39193403, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39193403?v=4", + "html_url": "https:\/\/github.com\/trbpnd" + }, + "html_url": "https:\/\/github.com\/trbpnd\/bpnd-libssh", + "description": "Multi-threaded, reliable scanner for CVE-2018-10933.", + "fork": false, + "created_at": "2018-10-18T04:11:33Z", + "updated_at": "2018-10-23T03:13:35Z", + "pushed_at": "2018-10-22T16:44:13Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 2, + "forks": 2, + "watchers": 5, + "score": 0 + }, + { + "id": 153598283, + "name": "CVE-2018-10933-libSSH-Authentication-Bypass", + "full_name": "likescam\/CVE-2018-10933-libSSH-Authentication-Bypass", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-10933-libSSH-Authentication-Bypass", + "description": null, + "fork": false, + "created_at": "2018-10-18T09:27:08Z", + "updated_at": "2018-10-18T16:47:53Z", + "pushed_at": "2018-10-18T09:27:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 153643745, + "name": "hunt-for-cve-2018-10933", + "full_name": "marco-lancini\/hunt-for-cve-2018-10933", + "owner": { + "login": "marco-lancini", + "id": 1472968, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1472968?v=4", + "html_url": "https:\/\/github.com\/marco-lancini" + }, + "html_url": "https:\/\/github.com\/marco-lancini\/hunt-for-cve-2018-10933", + "description": "Hunt for and Exploit the libSSH Authentication Bypass (CVE-2018-10933)", + "fork": false, + "created_at": "2018-10-18T15:08:25Z", + "updated_at": "2020-10-25T16:36:25Z", + "pushed_at": "2018-10-18T15:11:35Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 4, + "forks": 4, + "watchers": 10, + "score": 0 + }, + { + "id": 153675108, + "name": "cve-2018-10933", + "full_name": "hackerhouse-opensource\/cve-2018-10933", + "owner": { + "login": "hackerhouse-opensource", + "id": 43967630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43967630?v=4", + "html_url": "https:\/\/github.com\/hackerhouse-opensource" + }, + "html_url": "https:\/\/github.com\/hackerhouse-opensource\/cve-2018-10933", + "description": "cve-2018-10933 libssh authentication bypass", + "fork": false, + "created_at": "2018-10-18T19:13:45Z", + "updated_at": "2021-01-30T23:27:20Z", + "pushed_at": "2018-10-21T21:24:29Z", + "stargazers_count": 96, + "watchers_count": 96, + "forks_count": 31, + "forks": 31, + "watchers": 96, + "score": 0 + }, + { + "id": 153681539, + "name": "cve-2018-10933", + "full_name": "cve-2018\/cve-2018-10933", + "owner": { + "login": "cve-2018", + "id": 44275695, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44275695?v=4", + "html_url": "https:\/\/github.com\/cve-2018" + }, + "html_url": "https:\/\/github.com\/cve-2018\/cve-2018-10933", + "description": null, + "fork": false, + "created_at": "2018-10-18T20:11:22Z", + "updated_at": "2018-10-23T03:22:26Z", + "pushed_at": "2018-10-23T03:22:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 153855090, + "name": "CVE-2018-10933", + "full_name": "jas502n\/CVE-2018-10933", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-10933", + "description": "libssh CVE-2018-10933", + "fork": false, + "created_at": "2018-10-20T00:24:04Z", + "updated_at": "2019-07-31T09:33:04Z", + "pushed_at": "2018-10-20T00:29:04Z", + "stargazers_count": 19, + "watchers_count": 19, + "forks_count": 5, + "forks": 5, + "watchers": 19, + "score": 0 + }, + { + "id": 153856713, + "name": "cve-2018-10933_poc", + "full_name": "ninp0\/cve-2018-10933_poc", + "owner": { + "login": "ninp0", + "id": 1008583, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1008583?v=4", + "html_url": "https:\/\/github.com\/ninp0" + }, + "html_url": "https:\/\/github.com\/ninp0\/cve-2018-10933_poc", + "description": "Variant of hackerhouse-opensource\/cve-2018-10933", + "fork": false, + "created_at": "2018-10-20T00:53:24Z", + "updated_at": "2018-10-22T15:05:53Z", + "pushed_at": "2018-10-20T01:53:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 153878160, + "name": "CVE-2018-10933_Scanner", + "full_name": "pghook\/CVE-2018-10933_Scanner", + "owner": { + "login": "pghook", + "id": 14160529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14160529?v=4", + "html_url": "https:\/\/github.com\/pghook" + }, + "html_url": "https:\/\/github.com\/pghook\/CVE-2018-10933_Scanner", + "description": null, + "fork": false, + "created_at": "2018-10-20T06:53:59Z", + "updated_at": "2020-05-15T17:20:56Z", + "pushed_at": "2018-10-20T04:54:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 3, + "forks": 3, + "watchers": 0, + "score": 0 + }, + { + "id": 153920395, + "name": "POC-CVE-2018-10933", + "full_name": "Virgula0\/POC-CVE-2018-10933", + "owner": { + "login": "Virgula0", + "id": 16546435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16546435?v=4", + "html_url": "https:\/\/github.com\/Virgula0" + }, + "html_url": "https:\/\/github.com\/Virgula0\/POC-CVE-2018-10933", + "description": "LibSSH Authentication Bypass Exploit using RCE", + "fork": false, + "created_at": "2018-10-20T15:34:26Z", + "updated_at": "2021-01-19T19:49:11Z", + "pushed_at": "2018-10-25T18:23:52Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 8, + "forks": 8, + "watchers": 13, + "score": 0 + }, + { + "id": 153975086, + "name": "pythonprojects-CVE-2018-10933", + "full_name": "shifa123\/pythonprojects-CVE-2018-10933", + "owner": { + "login": "shifa123", + "id": 18241082, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18241082?v=4", + "html_url": "https:\/\/github.com\/shifa123" + }, + "html_url": "https:\/\/github.com\/shifa123\/pythonprojects-CVE-2018-10933", + "description": "CVE-2018-10933", + "fork": false, + "created_at": "2018-10-21T05:01:12Z", + "updated_at": "2021-01-15T03:06:17Z", + "pushed_at": "2018-10-21T05:13:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 4, + "forks": 4, + "watchers": 2, + "score": 0 + }, { "id": 154050332, "name": "CVE-2018-10933", @@ -45,6 +390,167 @@ "watchers": 4, "score": 0 }, + { + "id": 154390432, + "name": "CVE-2018-10933", + "full_name": "Bifrozt\/CVE-2018-10933", + "owner": { + "login": "Bifrozt", + "id": 8437560, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8437560?v=4", + "html_url": "https:\/\/github.com\/Bifrozt" + }, + "html_url": "https:\/\/github.com\/Bifrozt\/CVE-2018-10933", + "description": "CVE-2018-10933", + "fork": false, + "created_at": "2018-10-23T20:11:35Z", + "updated_at": "2018-10-23T20:14:53Z", + "pushed_at": "2018-10-23T20:14:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 154398082, + "name": "CVE-2018-10933", + "full_name": "r3dxpl0it\/CVE-2018-10933", + "owner": { + "login": "r3dxpl0it", + "id": 43002597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43002597?v=4", + "html_url": "https:\/\/github.com\/r3dxpl0it" + }, + "html_url": "https:\/\/github.com\/r3dxpl0it\/CVE-2018-10933", + "description": "CVE-2018-10933 POC (LIBSSH)", + "fork": false, + "created_at": "2018-10-23T21:17:52Z", + "updated_at": "2020-04-06T19:25:11Z", + "pushed_at": "2018-10-24T07:58:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, + "forks": 3, + "watchers": 3, + "score": 0 + }, + { + "id": 154500673, + "name": "libssh-scanner", + "full_name": "ivanacostarubio\/libssh-scanner", + "owner": { + "login": "ivanacostarubio", + "id": 16559, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16559?v=4", + "html_url": "https:\/\/github.com\/ivanacostarubio" + }, + "html_url": "https:\/\/github.com\/ivanacostarubio\/libssh-scanner", + "description": "A libssh CVE-2018-10933 scanner written in rust", + "fork": false, + "created_at": "2018-10-24T12:52:09Z", + "updated_at": "2019-02-24T23:51:07Z", + "pushed_at": "2018-10-24T12:52:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 154520949, + "name": "precompiled-CVE-2018-10933", + "full_name": "throwawayaccount12312312\/precompiled-CVE-2018-10933", + "owner": { + "login": "throwawayaccount12312312", + "id": 44440605, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44440605?v=4", + "html_url": "https:\/\/github.com\/throwawayaccount12312312" + }, + "html_url": "https:\/\/github.com\/throwawayaccount12312312\/precompiled-CVE-2018-10933", + "description": null, + "fork": false, + "created_at": "2018-10-24T15:02:51Z", + "updated_at": "2018-10-24T15:04:19Z", + "pushed_at": "2018-10-24T15:04:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 154621353, + "name": "CVE-2018-10933", + "full_name": "ensimag-security\/CVE-2018-10933", + "owner": { + "login": "ensimag-security", + "id": 44459067, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44459067?v=4", + "html_url": "https:\/\/github.com\/ensimag-security" + }, + "html_url": "https:\/\/github.com\/ensimag-security\/CVE-2018-10933", + "description": null, + "fork": false, + "created_at": "2018-10-25T06:32:06Z", + "updated_at": "2018-11-28T14:11:24Z", + "pushed_at": "2018-11-28T14:14:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 157908147, + "name": "libSSH-bypass", + "full_name": "Ad1bDaw\/libSSH-bypass", + "owner": { + "login": "Ad1bDaw", + "id": 35436703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35436703?v=4", + "html_url": "https:\/\/github.com\/Ad1bDaw" + }, + "html_url": "https:\/\/github.com\/Ad1bDaw\/libSSH-bypass", + "description": "Implementation of CVE-2018-10933 with CIDR block scanner ", + "fork": false, + "created_at": "2018-11-16T18:46:28Z", + "updated_at": "2018-11-16T19:00:29Z", + "pushed_at": "2018-11-16T19:00:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 158524069, + "name": "CVE-2018-10933-POC", + "full_name": "sambiyal\/CVE-2018-10933-POC", + "owner": { + "login": "sambiyal", + "id": 25122043, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25122043?v=4", + "html_url": "https:\/\/github.com\/sambiyal" + }, + "html_url": "https:\/\/github.com\/sambiyal\/CVE-2018-10933-POC", + "description": "libSSH bypass", + "fork": false, + "created_at": "2018-11-21T09:34:12Z", + "updated_at": "2018-11-21T09:57:11Z", + "pushed_at": "2018-11-21T09:43:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 162456991, "name": "LibSSH-Authentication-Bypass", diff --git a/2018/CVE-2018-10936.json b/2018/CVE-2018-10936.json new file mode 100644 index 0000000000..6c6a463ae4 --- /dev/null +++ b/2018/CVE-2018-10936.json @@ -0,0 +1,25 @@ +[ + { + "id": 158224861, + "name": "CVE-2018-10936", + "full_name": "tafamace\/CVE-2018-10936", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-10936", + "description": null, + "fork": false, + "created_at": "2018-11-19T13:09:47Z", + "updated_at": "2018-11-19T13:13:10Z", + "pushed_at": "2018-11-19T13:13:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10949.json b/2018/CVE-2018-10949.json new file mode 100644 index 0000000000..8947766396 --- /dev/null +++ b/2018/CVE-2018-10949.json @@ -0,0 +1,25 @@ +[ + { + "id": 147528239, + "name": "CVE-2018-10949", + "full_name": "0x00-0x00\/CVE-2018-10949", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2018-10949", + "description": "Zimbra Collaboration Suite Username Enumeration ", + "fork": false, + "created_at": "2018-09-05T14:09:13Z", + "updated_at": "2020-10-20T18:45:33Z", + "pushed_at": "2018-09-05T14:10:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 3, + "forks": 3, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1111.json b/2018/CVE-2018-1111.json index d6bf316106..55cbef050b 100644 --- a/2018/CVE-2018-1111.json +++ b/2018/CVE-2018-1111.json @@ -1,4 +1,50 @@ [ + { + "id": 133791805, + "name": "CVE-2018-1111", + "full_name": "knqyf263\/CVE-2018-1111", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-1111", + "description": "Environment for DynoRoot (CVE-2018-1111)", + "fork": false, + "created_at": "2018-05-17T09:37:19Z", + "updated_at": "2020-11-27T01:55:02Z", + "pushed_at": "2018-05-17T10:03:18Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 10, + "forks": 10, + "watchers": 13, + "score": 0 + }, + { + "id": 133957885, + "name": "CVE-2018-1111", + "full_name": "kkirsche\/CVE-2018-1111", + "owner": { + "login": "kkirsche", + "id": 947110, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/947110?v=4", + "html_url": "https:\/\/github.com\/kkirsche" + }, + "html_url": "https:\/\/github.com\/kkirsche\/CVE-2018-1111", + "description": "CVE-2018-1111 DynoRoot", + "fork": false, + "created_at": "2018-05-18T13:27:43Z", + "updated_at": "2021-01-16T21:54:13Z", + "pushed_at": "2018-05-21T13:10:48Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 7, + "forks": 7, + "watchers": 14, + "score": 0 + }, { "id": 313717464, "name": "FEP3370-advanced-ethical-hacking", diff --git a/2018/CVE-2018-11235.json b/2018/CVE-2018-11235.json index fb3bef7131..5d308fe820 100644 --- a/2018/CVE-2018-11235.json +++ b/2018/CVE-2018-11235.json @@ -22,6 +22,144 @@ "watchers": 44, "score": 0 }, + { + "id": 135556339, + "name": "CVE-2018-11235", + "full_name": "vmotos\/CVE-2018-11235", + "owner": { + "login": "vmotos", + "id": 22636953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22636953?v=4", + "html_url": "https:\/\/github.com\/vmotos" + }, + "html_url": "https:\/\/github.com\/vmotos\/CVE-2018-11235", + "description": "RCE vulnerability to exec \"git clone --recurse-submodule\" (CVE-2018-11235)", + "fork": false, + "created_at": "2018-05-31T08:38:17Z", + "updated_at": "2018-05-31T09:11:10Z", + "pushed_at": "2018-05-31T09:11:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 135587582, + "name": "cve-2018-11235", + "full_name": "Choihosu\/cve-2018-11235", + "owner": { + "login": "Choihosu", + "id": 18625744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18625744?v=4", + "html_url": "https:\/\/github.com\/Choihosu" + }, + "html_url": "https:\/\/github.com\/Choihosu\/cve-2018-11235", + "description": null, + "fork": false, + "created_at": "2018-05-31T13:29:06Z", + "updated_at": "2018-05-31T13:29:06Z", + "pushed_at": "2018-05-31T13:29:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 135652327, + "name": "CVE-2018-11235-DEMO", + "full_name": "CHYbeta\/CVE-2018-11235-DEMO", + "owner": { + "login": "CHYbeta", + "id": 18642224, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18642224?v=4", + "html_url": "https:\/\/github.com\/CHYbeta" + }, + "html_url": "https:\/\/github.com\/CHYbeta\/CVE-2018-11235-DEMO", + "description": null, + "fork": false, + "created_at": "2018-06-01T01:26:19Z", + "updated_at": "2020-07-05T15:28:14Z", + "pushed_at": "2018-06-07T03:34:35Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 3, + "forks": 3, + "watchers": 13, + "score": 0 + }, + { + "id": 136300278, + "name": "CVE-2018-11235-poc", + "full_name": "Kiss-sh0t\/CVE-2018-11235-poc", + "owner": { + "login": "Kiss-sh0t", + "id": 16567682, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16567682?v=4", + "html_url": "https:\/\/github.com\/Kiss-sh0t" + }, + "html_url": "https:\/\/github.com\/Kiss-sh0t\/CVE-2018-11235-poc", + "description": "for git v2.7.4", + "fork": false, + "created_at": "2018-06-06T08:48:57Z", + "updated_at": "2018-06-06T08:56:02Z", + "pushed_at": "2018-06-06T08:54:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 136924699, + "name": "clone_and_pwn", + "full_name": "H0K5\/clone_and_pwn", + "owner": { + "login": "H0K5", + "id": 8493152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8493152?v=4", + "html_url": "https:\/\/github.com\/H0K5" + }, + "html_url": "https:\/\/github.com\/H0K5\/clone_and_pwn", + "description": "Exploits CVE-2018-11235", + "fork": false, + "created_at": "2018-06-11T12:41:34Z", + "updated_at": "2020-05-25T14:25:16Z", + "pushed_at": "2018-06-06T17:24:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 143149359, + "name": "CVE-2018-11235", + "full_name": "knqyf263\/CVE-2018-11235", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-11235", + "description": "CVE-2018-11235 (Git)", + "fork": false, + "created_at": "2018-08-01T11:52:54Z", + "updated_at": "2019-04-24T05:32:20Z", + "pushed_at": "2018-11-23T14:34:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 160238249, "name": "CVE-2018-11235", diff --git a/2018/CVE-2018-11236.json b/2018/CVE-2018-11236.json index 8c28ce6020..999733d20c 100644 --- a/2018/CVE-2018-11236.json +++ b/2018/CVE-2018-11236.json @@ -1,4 +1,27 @@ [ + { + "id": 135661128, + "name": "CVE-2018-11236", + "full_name": "evilmiracle\/CVE-2018-11236", + "owner": { + "login": "evilmiracle", + "id": 17810331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17810331?v=4", + "html_url": "https:\/\/github.com\/evilmiracle" + }, + "html_url": "https:\/\/github.com\/evilmiracle\/CVE-2018-11236", + "description": "Proof of Concept", + "fork": false, + "created_at": "2018-06-01T03:05:42Z", + "updated_at": "2018-06-04T19:47:31Z", + "pushed_at": "2018-05-31T07:32:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 308481035, "name": "CVE-2018-11236", diff --git a/2018/CVE-2018-11311.json b/2018/CVE-2018-11311.json new file mode 100644 index 0000000000..06b6e272db --- /dev/null +++ b/2018/CVE-2018-11311.json @@ -0,0 +1,25 @@ +[ + { + "id": 134082464, + "name": "mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password", + "full_name": "EmreOvunc\/mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password", + "owner": { + "login": "EmreOvunc", + "id": 15659223, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15659223?v=4", + "html_url": "https:\/\/github.com\/EmreOvunc" + }, + "html_url": "https:\/\/github.com\/EmreOvunc\/mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password", + "description": "CVE-2018-11311 | mySCADA myPRO 7 Hardcoded FTP Username and Password Vulnerability", + "fork": false, + "created_at": "2018-05-19T17:14:49Z", + "updated_at": "2020-05-16T12:46:32Z", + "pushed_at": "2018-07-02T14:26:13Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 3, + "forks": 3, + "watchers": 9, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-11450.json b/2018/CVE-2018-11450.json new file mode 100644 index 0000000000..9f6980ee7a --- /dev/null +++ b/2018/CVE-2018-11450.json @@ -0,0 +1,25 @@ +[ + { + "id": 138933947, + "name": "Siemens-Siemens-PLM-Software-TEAMCENTER-Reflected-Cross-Site-Scripting-XSS-vulnerability", + "full_name": "LucvanDonk\/Siemens-Siemens-PLM-Software-TEAMCENTER-Reflected-Cross-Site-Scripting-XSS-vulnerability", + "owner": { + "login": "LucvanDonk", + "id": 33685332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33685332?v=4", + "html_url": "https:\/\/github.com\/LucvanDonk" + }, + "html_url": "https:\/\/github.com\/LucvanDonk\/Siemens-Siemens-PLM-Software-TEAMCENTER-Reflected-Cross-Site-Scripting-XSS-vulnerability", + "description": "CVE-ID: CVE-2018-11450", + "fork": false, + "created_at": "2018-06-27T21:16:57Z", + "updated_at": "2019-02-10T04:58:12Z", + "pushed_at": "2018-06-27T21:16:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-11510.json b/2018/CVE-2018-11510.json new file mode 100644 index 0000000000..1f0989efea --- /dev/null +++ b/2018/CVE-2018-11510.json @@ -0,0 +1,25 @@ +[ + { + "id": 137818504, + "name": "CVE-2018-11510", + "full_name": "mefulton\/CVE-2018-11510", + "owner": { + "login": "mefulton", + "id": 27797094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27797094?v=4", + "html_url": "https:\/\/github.com\/mefulton" + }, + "html_url": "https:\/\/github.com\/mefulton\/CVE-2018-11510", + "description": "Just a couple exploits for CVE-2018-11510", + "fork": false, + "created_at": "2018-06-18T23:49:41Z", + "updated_at": "2018-06-19T10:57:30Z", + "pushed_at": "2018-06-19T10:57:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-11517.json b/2018/CVE-2018-11517.json new file mode 100644 index 0000000000..c1aece5235 --- /dev/null +++ b/2018/CVE-2018-11517.json @@ -0,0 +1,25 @@ +[ + { + "id": 134974554, + "name": "mySCADA-myPRO-7-projectID-Disclosure", + "full_name": "EmreOvunc\/mySCADA-myPRO-7-projectID-Disclosure", + "owner": { + "login": "EmreOvunc", + "id": 15659223, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15659223?v=4", + "html_url": "https:\/\/github.com\/EmreOvunc" + }, + "html_url": "https:\/\/github.com\/EmreOvunc\/mySCADA-myPRO-7-projectID-Disclosure", + "description": "CVE-2018-11517 | mySCADA myPRO v7.0.46 has another vulnerability to discover all projects in the system.", + "fork": false, + "created_at": "2018-05-26T15:49:07Z", + "updated_at": "2020-05-16T12:46:21Z", + "pushed_at": "2018-05-28T21:51:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-11631.json b/2018/CVE-2018-11631.json new file mode 100644 index 0000000000..03f86f529e --- /dev/null +++ b/2018/CVE-2018-11631.json @@ -0,0 +1,25 @@ +[ + { + "id": 135617105, + "name": "bandexploit", + "full_name": "xMagass\/bandexploit", + "owner": { + "login": "xMagass", + "id": 17924254, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17924254?v=4", + "html_url": "https:\/\/github.com\/xMagass" + }, + "html_url": "https:\/\/github.com\/xMagass\/bandexploit", + "description": "M1 Band Smart Watch Bluetooth Low Energy Exploit python script (CVE-2018-11631)", + "fork": false, + "created_at": "2018-05-31T17:46:59Z", + "updated_at": "2020-08-13T15:01:07Z", + "pushed_at": "2018-07-27T10:28:43Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 3, + "forks": 3, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-11759.json b/2018/CVE-2018-11759.json index 0ea5d197aa..45a1c0eeac 100644 --- a/2018/CVE-2018-11759.json +++ b/2018/CVE-2018-11759.json @@ -1,4 +1,27 @@ [ + { + "id": 155689679, + "name": "CVE-2018-11759", + "full_name": "immunIT\/CVE-2018-11759", + "owner": { + "login": "immunIT", + "id": 17569882, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17569882?v=4", + "html_url": "https:\/\/github.com\/immunIT" + }, + "html_url": "https:\/\/github.com\/immunIT\/CVE-2018-11759", + "description": "Proof of concept showing how to exploit the CVE-2018-11759", + "fork": false, + "created_at": "2018-11-01T09:11:07Z", + "updated_at": "2020-07-13T15:43:59Z", + "pushed_at": "2018-12-11T12:59:26Z", + "stargazers_count": 35, + "watchers_count": 35, + "forks_count": 14, + "forks": 14, + "watchers": 35, + "score": 0 + }, { "id": 160896534, "name": "Identificador-CVE-2018-11759", diff --git a/2018/CVE-2018-11776.json b/2018/CVE-2018-11776.json index e39c32416e..7d58c6dee0 100644 --- a/2018/CVE-2018-11776.json +++ b/2018/CVE-2018-11776.json @@ -1,4 +1,27 @@ [ + { + "id": 145897861, + "name": "CVE-2018-11776", + "full_name": "trbpnd\/CVE-2018-11776", + "owner": { + "login": "trbpnd", + "id": 39193403, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39193403?v=4", + "html_url": "https:\/\/github.com\/trbpnd" + }, + "html_url": "https:\/\/github.com\/trbpnd\/CVE-2018-11776", + "description": "Docker image for a vulnerable struts app", + "fork": false, + "created_at": "2018-08-23T19:25:26Z", + "updated_at": "2018-08-23T19:28:53Z", + "pushed_at": "2018-08-23T19:28:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 145901668, "name": "CVE-2018-11776", @@ -22,6 +45,236 @@ "watchers": 14, "score": 0 }, + { + "id": 145935231, + "name": "CVE-2018-11776", + "full_name": "jiguangin\/CVE-2018-11776", + "owner": { + "login": "jiguangin", + "id": 22545712, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22545712?v=4", + "html_url": "https:\/\/github.com\/jiguangin" + }, + "html_url": "https:\/\/github.com\/jiguangin\/CVE-2018-11776", + "description": "CVE-2018-11776(S2-057) EXPLOIT CODE", + "fork": false, + "created_at": "2018-08-24T03:01:29Z", + "updated_at": "2020-12-29T15:23:34Z", + "pushed_at": "2018-08-24T03:27:02Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 5, + "forks": 5, + "watchers": 10, + "score": 0 + }, + { + "id": 145985371, + "name": "CVE-2018-11776-Python-PoC", + "full_name": "hook-s3c\/CVE-2018-11776-Python-PoC", + "owner": { + "login": "hook-s3c", + "id": 31825993, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31825993?v=4", + "html_url": "https:\/\/github.com\/hook-s3c" + }, + "html_url": "https:\/\/github.com\/hook-s3c\/CVE-2018-11776-Python-PoC", + "description": "Working Python test and PoC for CVE-2018-11776, includes Docker lab", + "fork": false, + "created_at": "2018-08-24T11:53:02Z", + "updated_at": "2020-05-14T19:08:54Z", + "pushed_at": "2018-08-25T02:14:49Z", + "stargazers_count": 117, + "watchers_count": 117, + "forks_count": 48, + "forks": 48, + "watchers": 117, + "score": 0 + }, + { + "id": 146056002, + "name": "struts-pwn_CVE-2018-11776", + "full_name": "mazen160\/struts-pwn_CVE-2018-11776", + "owner": { + "login": "mazen160", + "id": 8996052, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8996052?v=4", + "html_url": "https:\/\/github.com\/mazen160" + }, + "html_url": "https:\/\/github.com\/mazen160\/struts-pwn_CVE-2018-11776", + "description": " An exploit for Apache Struts CVE-2018-11776", + "fork": false, + "created_at": "2018-08-25T01:53:30Z", + "updated_at": "2021-02-04T06:38:49Z", + "pushed_at": "2018-08-26T02:31:39Z", + "stargazers_count": 299, + "watchers_count": 299, + "forks_count": 102, + "forks": 102, + "watchers": 299, + "score": 0 + }, + { + "id": 146060181, + "name": "CVE-2018-11776", + "full_name": "bhdresh\/CVE-2018-11776", + "owner": { + "login": "bhdresh", + "id": 8931885, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8931885?v=4", + "html_url": "https:\/\/github.com\/bhdresh" + }, + "html_url": "https:\/\/github.com\/bhdresh\/CVE-2018-11776", + "description": "Vulnerable docker container for CVE-2018-11776", + "fork": false, + "created_at": "2018-08-25T03:06:30Z", + "updated_at": "2020-01-06T22:41:00Z", + "pushed_at": "2018-08-25T04:53:35Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 5, + "forks": 5, + "watchers": 8, + "score": 0 + }, + { + "id": 146094544, + "name": "CVE-2018-11776", + "full_name": "knqyf263\/CVE-2018-11776", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-11776", + "description": "Environment for CVE-2018-11776 \/ S2-057 (Apache Struts 2)", + "fork": false, + "created_at": "2018-08-25T12:45:15Z", + "updated_at": "2021-01-19T03:50:38Z", + "pushed_at": "2018-08-25T14:20:46Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 2, + "forks": 2, + "watchers": 4, + "score": 0 + }, + { + "id": 146330536, + "name": "Strutter", + "full_name": "Ekultek\/Strutter", + "owner": { + "login": "Ekultek", + "id": 14183473, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14183473?v=4", + "html_url": "https:\/\/github.com\/Ekultek" + }, + "html_url": "https:\/\/github.com\/Ekultek\/Strutter", + "description": "Proof of Concept for CVE-2018-11776", + "fork": false, + "created_at": "2018-08-27T17:22:16Z", + "updated_at": "2020-12-12T20:05:33Z", + "pushed_at": "2018-09-12T14:28:35Z", + "stargazers_count": 20, + "watchers_count": 20, + "forks_count": 3, + "forks": 3, + "watchers": 20, + "score": 0 + }, + { + "id": 146373342, + "name": "cve-2018-11776-docker", + "full_name": "tuxotron\/cve-2018-11776-docker", + "owner": { + "login": "tuxotron", + "id": 937637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/937637?v=4", + "html_url": "https:\/\/github.com\/tuxotron" + }, + "html_url": "https:\/\/github.com\/tuxotron\/cve-2018-11776-docker", + "description": null, + "fork": false, + "created_at": "2018-08-28T01:14:52Z", + "updated_at": "2019-09-24T14:38:18Z", + "pushed_at": "2018-08-29T17:58:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + }, + { + "id": 146519519, + "name": "S2-057-CVE-2018-11776", + "full_name": "brianwrf\/S2-057-CVE-2018-11776", + "owner": { + "login": "brianwrf", + "id": 8141813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8141813?v=4", + "html_url": "https:\/\/github.com\/brianwrf" + }, + "html_url": "https:\/\/github.com\/brianwrf\/S2-057-CVE-2018-11776", + "description": "A simple exploit for Apache Struts RCE S2-057 (CVE-2018-11776)", + "fork": false, + "created_at": "2018-08-28T23:48:14Z", + "updated_at": "2018-12-23T03:47:07Z", + "pushed_at": "2018-08-29T00:03:56Z", + "stargazers_count": 15, + "watchers_count": 15, + "forks_count": 4, + "forks": 4, + "watchers": 15, + "score": 0 + }, + { + "id": 146650579, + "name": "Apache-Struts-Shodan-Exploit", + "full_name": "649\/Apache-Struts-Shodan-Exploit", + "owner": { + "login": "649", + "id": 23534047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23534047?v=4", + "html_url": "https:\/\/github.com\/649" + }, + "html_url": "https:\/\/github.com\/649\/Apache-Struts-Shodan-Exploit", + "description": "This tool takes advantage of CVE-2018-11776 and Shodan to perform mass exploitation of verified and vulnerable Apache Struts servers.", + "fork": false, + "created_at": "2018-08-29T19:50:26Z", + "updated_at": "2020-10-30T15:35:06Z", + "pushed_at": "2018-08-30T00:16:01Z", + "stargazers_count": 49, + "watchers_count": 49, + "forks_count": 17, + "forks": 17, + "watchers": 49, + "score": 0 + }, + { + "id": 147746262, + "name": "CVE-2018-11776-Python-PoC", + "full_name": "jezzus\/CVE-2018-11776-Python-PoC", + "owner": { + "login": "jezzus", + "id": 9899999, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9899999?v=4", + "html_url": "https:\/\/github.com\/jezzus" + }, + "html_url": "https:\/\/github.com\/jezzus\/CVE-2018-11776-Python-PoC", + "description": null, + "fork": false, + "created_at": "2018-09-06T23:49:20Z", + "updated_at": "2018-09-06T23:49:20Z", + "pushed_at": "2018-09-06T23:49:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 164352202, "name": "cve-2018-11776", diff --git a/2018/CVE-2018-12018.json b/2018/CVE-2018-12018.json new file mode 100644 index 0000000000..46fac5724c --- /dev/null +++ b/2018/CVE-2018-12018.json @@ -0,0 +1,25 @@ +[ + { + "id": 153770795, + "name": "CVE-2018-12018", + "full_name": "k3v142\/CVE-2018-12018", + "owner": { + "login": "k3v142", + "id": 12337759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12337759?v=4", + "html_url": "https:\/\/github.com\/k3v142" + }, + "html_url": "https:\/\/github.com\/k3v142\/CVE-2018-12018", + "description": "EPoD (Ethereum Packet of Death)", + "fork": false, + "created_at": "2018-10-19T11:11:01Z", + "updated_at": "2019-12-14T15:32:33Z", + "pushed_at": "2018-10-20T21:07:42Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 0, + "forks": 0, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12031.json b/2018/CVE-2018-12031.json new file mode 100644 index 0000000000..8ff0e8bc40 --- /dev/null +++ b/2018/CVE-2018-12031.json @@ -0,0 +1,25 @@ +[ + { + "id": 136349330, + "name": "Eaton-Intelligent-Power-Manager-Local-File-Inclusion", + "full_name": "EmreOvunc\/Eaton-Intelligent-Power-Manager-Local-File-Inclusion", + "owner": { + "login": "EmreOvunc", + "id": 15659223, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15659223?v=4", + "html_url": "https:\/\/github.com\/EmreOvunc" + }, + "html_url": "https:\/\/github.com\/EmreOvunc\/Eaton-Intelligent-Power-Manager-Local-File-Inclusion", + "description": "CVE-2018-12031 | LFI in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file, it can lead to sensitive information disclosure, denial of service and code execution.", + "fork": false, + "created_at": "2018-06-06T15:31:29Z", + "updated_at": "2020-05-16T12:46:43Z", + "pushed_at": "2018-08-29T10:50:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12038.json b/2018/CVE-2018-12038.json new file mode 100644 index 0000000000..7f4e8c6f0e --- /dev/null +++ b/2018/CVE-2018-12038.json @@ -0,0 +1,25 @@ +[ + { + "id": 162155985, + "name": "remote-bitlocker-encryption-report", + "full_name": "gdraperi\/remote-bitlocker-encryption-report", + "owner": { + "login": "gdraperi", + "id": 33750242, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33750242?v=4", + "html_url": "https:\/\/github.com\/gdraperi" + }, + "html_url": "https:\/\/github.com\/gdraperi\/remote-bitlocker-encryption-report", + "description": "PowerShell script to mitigate CVE-2018-12038. The script takes a list of PC as input, gets their BitLocker encryption type remotely, and outputs a report as a CSV file", + "fork": false, + "created_at": "2018-12-17T16:02:26Z", + "updated_at": "2019-02-11T14:30:38Z", + "pushed_at": "2018-12-07T20:11:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12418.json b/2018/CVE-2018-12418.json new file mode 100644 index 0000000000..d9d1b2ef1d --- /dev/null +++ b/2018/CVE-2018-12418.json @@ -0,0 +1,25 @@ +[ + { + "id": 158208279, + "name": "CVE-2018-12418", + "full_name": "tafamace\/CVE-2018-12418", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-12418", + "description": null, + "fork": false, + "created_at": "2018-11-19T11:12:00Z", + "updated_at": "2018-11-19T11:15:44Z", + "pushed_at": "2018-11-19T11:15:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12463.json b/2018/CVE-2018-12463.json new file mode 100644 index 0000000000..236944a548 --- /dev/null +++ b/2018/CVE-2018-12463.json @@ -0,0 +1,25 @@ +[ + { + "id": 140411928, + "name": "CVE-2018-12463", + "full_name": "alt3kx\/CVE-2018-12463", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-12463", + "description": "XML external entity (XXE) vulnerability in \/ssc\/fm-ws\/services in Fortify Software Security Center (SSC) 17.10, 17.20 & 18.10 (0day CVE-2018-12463)", + "fork": false, + "created_at": "2018-07-10T09:51:40Z", + "updated_at": "2021-01-12T12:20:23Z", + "pushed_at": "2018-07-17T08:13:34Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 0, + "forks": 0, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12537.json b/2018/CVE-2018-12537.json new file mode 100644 index 0000000000..c82a70d31d --- /dev/null +++ b/2018/CVE-2018-12537.json @@ -0,0 +1,25 @@ +[ + { + "id": 158209208, + "name": "CVE-2018-12537", + "full_name": "tafamace\/CVE-2018-12537", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-12537", + "description": null, + "fork": false, + "created_at": "2018-11-19T11:18:35Z", + "updated_at": "2018-11-19T11:32:44Z", + "pushed_at": "2018-11-19T11:32:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12540.json b/2018/CVE-2018-12540.json new file mode 100644 index 0000000000..5853ec7161 --- /dev/null +++ b/2018/CVE-2018-12540.json @@ -0,0 +1,25 @@ +[ + { + "id": 158212154, + "name": "CVE-2018-12540", + "full_name": "tafamace\/CVE-2018-12540", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-12540", + "description": null, + "fork": false, + "created_at": "2018-11-19T11:41:16Z", + "updated_at": "2018-11-19T11:46:57Z", + "pushed_at": "2018-11-19T11:46:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1259.json b/2018/CVE-2018-1259.json new file mode 100644 index 0000000000..b82daca8e7 --- /dev/null +++ b/2018/CVE-2018-1259.json @@ -0,0 +1,25 @@ +[ + { + "id": 158194793, + "name": "CVE-2018-1259", + "full_name": "tafamace\/CVE-2018-1259", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-1259", + "description": null, + "fork": false, + "created_at": "2018-11-19T09:25:32Z", + "updated_at": "2018-11-19T09:32:46Z", + "pushed_at": "2018-11-19T09:32:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12596.json b/2018/CVE-2018-12596.json new file mode 100644 index 0000000000..1cb5698cec --- /dev/null +++ b/2018/CVE-2018-12596.json @@ -0,0 +1,25 @@ +[ + { + "id": 138130645, + "name": "CVE-2018-12596", + "full_name": "alt3kx\/CVE-2018-12596", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-12596", + "description": "Ektron Content Management System (CMS) 9.20 SP2, remote re-enabling users (CVE-2018–12596)", + "fork": false, + "created_at": "2018-06-21T06:47:05Z", + "updated_at": "2018-10-11T00:25:47Z", + "pushed_at": "2018-10-11T00:19:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12597.json b/2018/CVE-2018-12597.json new file mode 100644 index 0000000000..49fd22451c --- /dev/null +++ b/2018/CVE-2018-12597.json @@ -0,0 +1,25 @@ +[ + { + "id": 138131591, + "name": "CVE-2018-12597", + "full_name": "alt3kx\/CVE-2018-12597", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-12597", + "description": "CVE-2018-12597", + "fork": false, + "created_at": "2018-06-21T06:55:39Z", + "updated_at": "2018-06-21T07:03:41Z", + "pushed_at": "2018-06-21T07:03:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12598.json b/2018/CVE-2018-12598.json new file mode 100644 index 0000000000..c46ef608ed --- /dev/null +++ b/2018/CVE-2018-12598.json @@ -0,0 +1,25 @@ +[ + { + "id": 138132015, + "name": "CVE-2018-12598", + "full_name": "alt3kx\/CVE-2018-12598", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-12598", + "description": "CVE-2018-12598", + "fork": false, + "created_at": "2018-06-21T06:59:46Z", + "updated_at": "2018-06-21T07:05:17Z", + "pushed_at": "2018-06-21T07:05:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12613.json b/2018/CVE-2018-12613.json index e0028c9090..3cc08760cb 100644 --- a/2018/CVE-2018-12613.json +++ b/2018/CVE-2018-12613.json @@ -1,4 +1,27 @@ [ + { + "id": 156870746, + "name": "CVE-2018-12613", + "full_name": "0x00-0x00\/CVE-2018-12613", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2018-12613", + "description": "PHPMyAdmin v4.8.0 and v.4.8.1 LFI exploit", + "fork": false, + "created_at": "2018-11-09T14:10:20Z", + "updated_at": "2020-03-11T07:23:14Z", + "pushed_at": "2018-11-09T14:42:23Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 3, + "forks": 3, + "watchers": 6, + "score": 0 + }, { "id": 208791479, "name": "CVE-2018-12613", diff --git a/2018/CVE-2018-1270.json b/2018/CVE-2018-1270.json index 65d4df4646..c9e03e0224 100644 --- a/2018/CVE-2018-1270.json +++ b/2018/CVE-2018-1270.json @@ -1,4 +1,73 @@ [ + { + "id": 128482458, + "name": "CVE-2018-1270", + "full_name": "CaledoniaProject\/CVE-2018-1270", + "owner": { + "login": "CaledoniaProject", + "id": 1357701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1357701?v=4", + "html_url": "https:\/\/github.com\/CaledoniaProject" + }, + "html_url": "https:\/\/github.com\/CaledoniaProject\/CVE-2018-1270", + "description": "Spring messaging STOMP protocol RCE", + "fork": false, + "created_at": "2018-04-07T00:14:33Z", + "updated_at": "2020-10-12T06:35:37Z", + "pushed_at": "2018-04-12T05:48:24Z", + "stargazers_count": 110, + "watchers_count": 110, + "forks_count": 25, + "forks": 25, + "watchers": 110, + "score": 0 + }, + { + "id": 129230393, + "name": "CVE-2018-1270_EXP", + "full_name": "genxor\/CVE-2018-1270_EXP", + "owner": { + "login": "genxor", + "id": 3094713, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3094713?v=4", + "html_url": "https:\/\/github.com\/genxor" + }, + "html_url": "https:\/\/github.com\/genxor\/CVE-2018-1270_EXP", + "description": null, + "fork": false, + "created_at": "2018-04-12T09:54:34Z", + "updated_at": "2019-10-11T19:04:29Z", + "pushed_at": "2018-04-12T10:00:45Z", + "stargazers_count": 19, + "watchers_count": 19, + "forks_count": 5, + "forks": 5, + "watchers": 19, + "score": 0 + }, + { + "id": 158213121, + "name": "CVE-2018-1270", + "full_name": "tafamace\/CVE-2018-1270", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-1270", + "description": null, + "fork": false, + "created_at": "2018-11-19T11:47:40Z", + "updated_at": "2018-11-19T12:00:19Z", + "pushed_at": "2018-11-19T12:00:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 162062968, "name": "CVE-2018-1270", diff --git a/2018/CVE-2018-1273.json b/2018/CVE-2018-1273.json index 7c116cc471..8b36916c34 100644 --- a/2018/CVE-2018-1273.json +++ b/2018/CVE-2018-1273.json @@ -1,4 +1,73 @@ [ + { + "id": 129407531, + "name": "CVE-2018-1273", + "full_name": "knqyf263\/CVE-2018-1273", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-1273", + "description": "Environment for CVE-2018-1273 (Spring Data Commons)", + "fork": false, + "created_at": "2018-04-13T13:41:02Z", + "updated_at": "2021-01-22T02:49:50Z", + "pushed_at": "2018-08-15T05:26:45Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 2, + "forks": 2, + "watchers": 9, + "score": 0 + }, + { + "id": 129910523, + "name": "poc-cve-2018-1273", + "full_name": "wearearima\/poc-cve-2018-1273", + "owner": { + "login": "wearearima", + "id": 24791991, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24791991?v=4", + "html_url": "https:\/\/github.com\/wearearima" + }, + "html_url": "https:\/\/github.com\/wearearima\/poc-cve-2018-1273", + "description": "POC for CVE-2018-1273", + "fork": false, + "created_at": "2018-04-17T13:41:00Z", + "updated_at": "2020-09-29T16:06:24Z", + "pushed_at": "2018-06-05T15:07:18Z", + "stargazers_count": 21, + "watchers_count": 21, + "forks_count": 9, + "forks": 9, + "watchers": 21, + "score": 0 + }, + { + "id": 151734933, + "name": "poc-cve-2018-1273", + "full_name": "webr0ck\/poc-cve-2018-1273", + "owner": { + "login": "webr0ck", + "id": 30629042, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30629042?v=4", + "html_url": "https:\/\/github.com\/webr0ck" + }, + "html_url": "https:\/\/github.com\/webr0ck\/poc-cve-2018-1273", + "description": null, + "fork": false, + "created_at": "2018-10-05T14:42:07Z", + "updated_at": "2018-10-09T09:26:39Z", + "pushed_at": "2018-10-05T14:42:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 3, + "forks": 3, + "watchers": 1, + "score": 0 + }, { "id": 166271014, "name": "cve-2018-1273", diff --git a/2018/CVE-2018-12895.json b/2018/CVE-2018-12895.json new file mode 100644 index 0000000000..4cbe26e3c5 --- /dev/null +++ b/2018/CVE-2018-12895.json @@ -0,0 +1,25 @@ +[ + { + "id": 139890292, + "name": "cve-2018-12895-hotfix", + "full_name": "bloom-ux\/cve-2018-12895-hotfix", + "owner": { + "login": "bloom-ux", + "id": 22582007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22582007?v=4", + "html_url": "https:\/\/github.com\/bloom-ux" + }, + "html_url": "https:\/\/github.com\/bloom-ux\/cve-2018-12895-hotfix", + "description": "Hotfix for file deletion to to code execution vulnerability in WordPress", + "fork": false, + "created_at": "2018-07-05T19:09:17Z", + "updated_at": "2018-07-05T19:48:44Z", + "pushed_at": "2018-07-05T19:48:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1304.json b/2018/CVE-2018-1304.json new file mode 100644 index 0000000000..cfe029fc54 --- /dev/null +++ b/2018/CVE-2018-1304.json @@ -0,0 +1,48 @@ +[ + { + "id": 122712148, + "name": "CVE-2018-1304", + "full_name": "knqyf263\/CVE-2018-1304", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-1304", + "description": null, + "fork": false, + "created_at": "2018-02-24T06:45:21Z", + "updated_at": "2018-05-07T09:36:43Z", + "pushed_at": "2018-02-25T12:29:40Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + }, + { + "id": 124373835, + "name": "tomcat_CVE-2018-1304_testing", + "full_name": "thariyarox\/tomcat_CVE-2018-1304_testing", + "owner": { + "login": "thariyarox", + "id": 8102507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8102507?v=4", + "html_url": "https:\/\/github.com\/thariyarox" + }, + "html_url": "https:\/\/github.com\/thariyarox\/tomcat_CVE-2018-1304_testing", + "description": null, + "fork": false, + "created_at": "2018-03-08T10:12:22Z", + "updated_at": "2018-03-08T10:24:11Z", + "pushed_at": "2018-03-08T10:30:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1305.json b/2018/CVE-2018-1305.json new file mode 100644 index 0000000000..cadcbb51d5 --- /dev/null +++ b/2018/CVE-2018-1305.json @@ -0,0 +1,25 @@ +[ + { + "id": 129016985, + "name": "CVE-2018-1305", + "full_name": "Pa55w0rd\/CVE-2018-1305", + "owner": { + "login": "Pa55w0rd", + "id": 16274549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16274549?v=4", + "html_url": "https:\/\/github.com\/Pa55w0rd" + }, + "html_url": "https:\/\/github.com\/Pa55w0rd\/CVE-2018-1305", + "description": "Apache Tomcat 安全绕过漏洞 Poc", + "fork": false, + "created_at": "2018-04-11T01:37:58Z", + "updated_at": "2020-12-14T07:06:56Z", + "pushed_at": "2018-03-12T18:05:03Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 8, + "forks": 8, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1313.json b/2018/CVE-2018-1313.json new file mode 100644 index 0000000000..b9690923e6 --- /dev/null +++ b/2018/CVE-2018-1313.json @@ -0,0 +1,25 @@ +[ + { + "id": 158220324, + "name": "CVE-2018-1313", + "full_name": "tafamace\/CVE-2018-1313", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-1313", + "description": null, + "fork": false, + "created_at": "2018-11-19T12:38:21Z", + "updated_at": "2018-11-19T12:48:53Z", + "pushed_at": "2018-11-19T12:48:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1324.json b/2018/CVE-2018-1324.json new file mode 100644 index 0000000000..109a44ac95 --- /dev/null +++ b/2018/CVE-2018-1324.json @@ -0,0 +1,25 @@ +[ + { + "id": 158221452, + "name": "CVE-2018-1324", + "full_name": "tafamace\/CVE-2018-1324", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-1324", + "description": null, + "fork": false, + "created_at": "2018-11-19T12:46:37Z", + "updated_at": "2018-11-19T13:04:11Z", + "pushed_at": "2018-11-19T13:04:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-13784.json b/2018/CVE-2018-13784.json new file mode 100644 index 0000000000..4b75e8ea11 --- /dev/null +++ b/2018/CVE-2018-13784.json @@ -0,0 +1,25 @@ +[ + { + "id": 141165293, + "name": "prestashop-exploits", + "full_name": "ambionics\/prestashop-exploits", + "owner": { + "login": "ambionics", + "id": 29630660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29630660?v=4", + "html_url": "https:\/\/github.com\/ambionics" + }, + "html_url": "https:\/\/github.com\/ambionics\/prestashop-exploits", + "description": "Collection of exploits\/POC for PrestaShop cookie vulnerabilities (CVE-2018-13784)", + "fork": false, + "created_at": "2018-07-16T16:33:41Z", + "updated_at": "2020-11-23T07:28:24Z", + "pushed_at": "2018-07-17T09:02:34Z", + "stargazers_count": 45, + "watchers_count": 45, + "forks_count": 11, + "forks": 11, + "watchers": 45, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-13864.json b/2018/CVE-2018-13864.json new file mode 100644 index 0000000000..8ce59f8fe8 --- /dev/null +++ b/2018/CVE-2018-13864.json @@ -0,0 +1,25 @@ +[ + { + "id": 158196795, + "name": "CVE-2018-13864", + "full_name": "tafamace\/CVE-2018-13864", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-13864", + "description": null, + "fork": false, + "created_at": "2018-11-19T09:40:47Z", + "updated_at": "2018-11-19T09:45:34Z", + "pushed_at": "2018-11-19T09:45:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-14.json b/2018/CVE-2018-14.json new file mode 100644 index 0000000000..5071090734 --- /dev/null +++ b/2018/CVE-2018-14.json @@ -0,0 +1,25 @@ +[ + { + "id": 144012223, + "name": "legacySymfony", + "full_name": "lckJack\/legacySymfony", + "owner": { + "login": "lckJack", + "id": 38405856, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38405856?v=4", + "html_url": "https:\/\/github.com\/lckJack" + }, + "html_url": "https:\/\/github.com\/lckJack\/legacySymfony", + "description": "Easy script to check if drupal 8.x-8.5.6 is vulnerable to CVE-2018-14.773", + "fork": false, + "created_at": "2018-08-08T12:42:56Z", + "updated_at": "2018-08-08T17:28:27Z", + "pushed_at": "2018-08-08T12:46:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-14083.json b/2018/CVE-2018-14083.json new file mode 100644 index 0000000000..ee85f59c8e --- /dev/null +++ b/2018/CVE-2018-14083.json @@ -0,0 +1,25 @@ +[ + { + "id": 142094467, + "name": "CVE-2018-14083", + "full_name": "pudding2\/CVE-2018-14083", + "owner": { + "login": "pudding2", + "id": 28480779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28480779?v=4", + "html_url": "https:\/\/github.com\/pudding2" + }, + "html_url": "https:\/\/github.com\/pudding2\/CVE-2018-14083", + "description": null, + "fork": false, + "created_at": "2018-07-24T02:36:08Z", + "updated_at": "2019-01-14T11:31:59Z", + "pushed_at": "2018-07-24T02:56:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-14634.json b/2018/CVE-2018-14634.json new file mode 100644 index 0000000000..09f04d3e3e --- /dev/null +++ b/2018/CVE-2018-14634.json @@ -0,0 +1,25 @@ +[ + { + "id": 152124947, + "name": "cve-2018-14634", + "full_name": "luan0ap\/cve-2018-14634", + "owner": { + "login": "luan0ap", + "id": 26953960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26953960?v=4", + "html_url": "https:\/\/github.com\/luan0ap" + }, + "html_url": "https:\/\/github.com\/luan0ap\/cve-2018-14634", + "description": "proof-of-concept (PoC) for linux dists based on Debian, CentOS and RedHat - exploit 1", + "fork": false, + "created_at": "2018-10-08T18:12:03Z", + "updated_at": "2020-03-29T03:02:36Z", + "pushed_at": "2018-10-09T16:44:32Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 8, + "forks": 8, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-14665.json b/2018/CVE-2018-14665.json index d2f1c31e95..0340890173 100644 --- a/2018/CVE-2018-14665.json +++ b/2018/CVE-2018-14665.json @@ -1,4 +1,27 @@ [ + { + "id": 154950649, + "name": "CVE-2018-14665", + "full_name": "jas502n\/CVE-2018-14665", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-14665", + "description": "OpenBsd_CVE-2018-14665", + "fork": false, + "created_at": "2018-10-27T10:12:05Z", + "updated_at": "2020-10-26T10:10:05Z", + "pushed_at": "2018-10-27T10:44:35Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 8, + "forks": 8, + "watchers": 14, + "score": 0 + }, { "id": 155795794, "name": "CVE-2018-14665", diff --git a/2018/CVE-2018-14667.json b/2018/CVE-2018-14667.json index b775e23798..509a35eb84 100644 --- a/2018/CVE-2018-14667.json +++ b/2018/CVE-2018-14667.json @@ -1,4 +1,96 @@ [ + { + "id": 158057391, + "name": "cve-2018-14667", + "full_name": "nareshmail\/cve-2018-14667", + "owner": { + "login": "nareshmail", + "id": 6008091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6008091?v=4", + "html_url": "https:\/\/github.com\/nareshmail" + }, + "html_url": "https:\/\/github.com\/nareshmail\/cve-2018-14667", + "description": "cve-2018-14667 demo", + "fork": false, + "created_at": "2018-11-18T06:43:46Z", + "updated_at": "2020-04-01T03:46:35Z", + "pushed_at": "2018-11-17T04:13:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 158791727, + "name": "CVE-2018-14667", + "full_name": "zeroto01\/CVE-2018-14667", + "owner": { + "login": "zeroto01", + "id": 45281392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45281392?v=4", + "html_url": "https:\/\/github.com\/zeroto01" + }, + "html_url": "https:\/\/github.com\/zeroto01\/CVE-2018-14667", + "description": null, + "fork": false, + "created_at": "2018-11-23T06:44:49Z", + "updated_at": "2018-11-27T04:22:10Z", + "pushed_at": "2018-11-23T06:50:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 159462372, + "name": "CVE-2018-14667", + "full_name": "r00t4dm\/CVE-2018-14667", + "owner": { + "login": "r00t4dm", + "id": 36941976, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36941976?v=4", + "html_url": "https:\/\/github.com\/r00t4dm" + }, + "html_url": "https:\/\/github.com\/r00t4dm\/CVE-2018-14667", + "description": "about CVE-2018-14667 from RichFaces Framework 3.3.4", + "fork": false, + "created_at": "2018-11-28T07:35:28Z", + "updated_at": "2018-11-29T02:48:19Z", + "pushed_at": "2018-11-29T02:48:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 159766854, + "name": "CVE-2018-14667", + "full_name": "syriusbughunt\/CVE-2018-14667", + "owner": { + "login": "syriusbughunt", + "id": 45476916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45476916?v=4", + "html_url": "https:\/\/github.com\/syriusbughunt" + }, + "html_url": "https:\/\/github.com\/syriusbughunt\/CVE-2018-14667", + "description": "All about CVE-2018-14667; From what it is to how to successfully exploit it.", + "fork": false, + "created_at": "2018-11-30T04:06:08Z", + "updated_at": "2021-02-06T12:40:39Z", + "pushed_at": "2018-11-30T07:10:44Z", + "stargazers_count": 42, + "watchers_count": 42, + "forks_count": 11, + "forks": 11, + "watchers": 42, + "score": 0 + }, { "id": 199370771, "name": "cve-2018-14667", diff --git a/2018/CVE-2018-14772.json b/2018/CVE-2018-14772.json new file mode 100644 index 0000000000..cecbe13dfc --- /dev/null +++ b/2018/CVE-2018-14772.json @@ -0,0 +1,25 @@ +[ + { + "id": 148241935, + "name": "CVE-2018-14772", + "full_name": "spencerdodd\/CVE-2018-14772", + "owner": { + "login": "spencerdodd", + "id": 9969454, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9969454?v=4", + "html_url": "https:\/\/github.com\/spencerdodd" + }, + "html_url": "https:\/\/github.com\/spencerdodd\/CVE-2018-14772", + "description": "RCE exploit for CVE-2018-14772", + "fork": false, + "created_at": "2018-09-11T01:24:21Z", + "updated_at": "2020-10-21T22:16:16Z", + "pushed_at": "2018-11-01T01:47:17Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 2, + "forks": 2, + "watchers": 9, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-14847.json b/2018/CVE-2018-14847.json index 98a1418d1b..6b84982d02 100644 --- a/2018/CVE-2018-14847.json +++ b/2018/CVE-2018-14847.json @@ -22,6 +22,52 @@ "watchers": 407, "score": 0 }, + { + "id": 148370201, + "name": "WinboxExploit", + "full_name": "msterusky\/WinboxExploit", + "owner": { + "login": "msterusky", + "id": 29436829, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29436829?v=4", + "html_url": "https:\/\/github.com\/msterusky" + }, + "html_url": "https:\/\/github.com\/msterusky\/WinboxExploit", + "description": "C# implementation of BasuCert\/WinboxPoC [Winbox Critical Vulnerability (CVE-2018-14847)]", + "fork": false, + "created_at": "2018-09-11T19:36:49Z", + "updated_at": "2020-01-10T14:58:08Z", + "pushed_at": "2018-09-11T20:12:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 4, + "forks": 4, + "watchers": 4, + "score": 0 + }, + { + "id": 152906288, + "name": "MikroRoot", + "full_name": "syrex1013\/MikroRoot", + "owner": { + "login": "syrex1013", + "id": 31669127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31669127?v=4", + "html_url": "https:\/\/github.com\/syrex1013" + }, + "html_url": "https:\/\/github.com\/syrex1013\/MikroRoot", + "description": "Automated version of CVE-2018-14847 (MikroTik Exploit)", + "fork": false, + "created_at": "2018-10-13T19:17:42Z", + "updated_at": "2020-11-02T06:16:27Z", + "pushed_at": "2018-10-14T08:39:24Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 2, + "forks": 2, + "watchers": 13, + "score": 0 + }, { "id": 161894724, "name": "CVE-2018-14847", diff --git a/2018/CVE-2018-15131.json b/2018/CVE-2018-15131.json new file mode 100644 index 0000000000..b7b59636fc --- /dev/null +++ b/2018/CVE-2018-15131.json @@ -0,0 +1,25 @@ +[ + { + "id": 147528539, + "name": "CVE-2018-15131", + "full_name": "0x00-0x00\/CVE-2018-15131", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2018-15131", + "description": "Zimbra Collaboration Suite Username Enumeration ", + "fork": false, + "created_at": "2018-09-05T14:11:16Z", + "updated_at": "2018-10-28T04:05:13Z", + "pushed_at": "2018-09-05T14:11:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-15133.json b/2018/CVE-2018-15133.json index a7ae1e0655..cda89cea2d 100644 --- a/2018/CVE-2018-15133.json +++ b/2018/CVE-2018-15133.json @@ -1,4 +1,27 @@ [ + { + "id": 144760095, + "name": "laravel-poc-CVE-2018-15133", + "full_name": "kozmic\/laravel-poc-CVE-2018-15133", + "owner": { + "login": "kozmic", + "id": 6666, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6666?v=4", + "html_url": "https:\/\/github.com\/kozmic" + }, + "html_url": "https:\/\/github.com\/kozmic\/laravel-poc-CVE-2018-15133", + "description": "PoC for CVE-2018-15133 (Laravel unserialize vulnerability)", + "fork": false, + "created_at": "2018-08-14T18:51:50Z", + "updated_at": "2021-02-06T06:08:29Z", + "pushed_at": "2018-09-27T07:32:19Z", + "stargazers_count": 213, + "watchers_count": 213, + "forks_count": 40, + "forks": 40, + "watchers": 213, + "score": 0 + }, { "id": 243072477, "name": "Laravel-CVE-2018-15133", diff --git a/2018/CVE-2018-15365.json b/2018/CVE-2018-15365.json new file mode 100644 index 0000000000..8d6f56f35c --- /dev/null +++ b/2018/CVE-2018-15365.json @@ -0,0 +1,25 @@ +[ + { + "id": 150475298, + "name": "CVE-2018-15365", + "full_name": "nixwizard\/CVE-2018-15365", + "owner": { + "login": "nixwizard", + "id": 3982790, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3982790?v=4", + "html_url": "https:\/\/github.com\/nixwizard" + }, + "html_url": "https:\/\/github.com\/nixwizard\/CVE-2018-15365", + "description": null, + "fork": false, + "created_at": "2018-09-26T18:56:41Z", + "updated_at": "2018-09-27T07:31:12Z", + "pushed_at": "2018-09-27T07:31:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-15473.json b/2018/CVE-2018-15473.json index cc7ecf2b56..1e0b6be077 100644 --- a/2018/CVE-2018-15473.json +++ b/2018/CVE-2018-15473.json @@ -22,6 +22,29 @@ "watchers": 119, "score": 0 }, + { + "id": 145296891, + "name": "opensshenum", + "full_name": "gbonacini\/opensshenum", + "owner": { + "login": "gbonacini", + "id": 5440458, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5440458?v=4", + "html_url": "https:\/\/github.com\/gbonacini" + }, + "html_url": "https:\/\/github.com\/gbonacini\/opensshenum", + "description": "CVE-2018-15473 - Opensshenum is an user enumerator exploiting an OpenSsh bug", + "fork": false, + "created_at": "2018-08-19T11:23:54Z", + "updated_at": "2019-09-15T11:44:34Z", + "pushed_at": "2018-10-17T12:27:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, { "id": 145483388, "name": "CVE-2018-15473-Exploit", @@ -114,6 +137,52 @@ "watchers": 6, "score": 0 }, + { + "id": 155426753, + "name": "CrappyCode", + "full_name": "JoeBlackSecurity\/CrappyCode", + "owner": { + "login": "JoeBlackSecurity", + "id": 44617164, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44617164?v=4", + "html_url": "https:\/\/github.com\/JoeBlackSecurity" + }, + "html_url": "https:\/\/github.com\/JoeBlackSecurity\/CrappyCode", + "description": "Functional script for brute forcing SSH and trying credentials - CVE-2018-15473", + "fork": false, + "created_at": "2018-10-30T17:17:09Z", + "updated_at": "2018-11-06T19:03:05Z", + "pushed_at": "2018-11-06T19:03:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 155492594, + "name": "SSHUsernameBruter-SSHUB", + "full_name": "JoeBlackSecurity\/SSHUsernameBruter-SSHUB", + "owner": { + "login": "JoeBlackSecurity", + "id": 44617164, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44617164?v=4", + "html_url": "https:\/\/github.com\/JoeBlackSecurity" + }, + "html_url": "https:\/\/github.com\/JoeBlackSecurity\/SSHUsernameBruter-SSHUB", + "description": "Fully functional script for brute forcing SSH and trying credentials - CVE-2018-15473", + "fork": false, + "created_at": "2018-10-31T03:23:46Z", + "updated_at": "2020-04-23T05:36:20Z", + "pushed_at": "2018-12-05T12:04:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 3, + "forks": 3, + "watchers": 1, + "score": 0 + }, { "id": 165318682, "name": "cve-2018-15473", diff --git a/2018/CVE-2018-15499.json b/2018/CVE-2018-15499.json new file mode 100644 index 0000000000..91dc341c22 --- /dev/null +++ b/2018/CVE-2018-15499.json @@ -0,0 +1,25 @@ +[ + { + "id": 145583266, + "name": "CVE-2018-15499", + "full_name": "DownWithUp\/CVE-2018-15499", + "owner": { + "login": "DownWithUp", + "id": 16905064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16905064?v=4", + "html_url": "https:\/\/github.com\/DownWithUp" + }, + "html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-15499", + "description": "PoC code for CVE-2018-15499 (exploit race condition for BSoD)", + "fork": false, + "created_at": "2018-08-21T15:26:35Z", + "updated_at": "2020-06-19T06:54:55Z", + "pushed_at": "2018-08-23T12:55:23Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 5, + "forks": 5, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-15727.json b/2018/CVE-2018-15727.json new file mode 100644 index 0000000000..f1ef7e85e7 --- /dev/null +++ b/2018/CVE-2018-15727.json @@ -0,0 +1,25 @@ +[ + { + "id": 146628899, + "name": "grafana-CVE-2018-15727", + "full_name": "u238\/grafana-CVE-2018-15727", + "owner": { + "login": "u238", + "id": 2368573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2368573?v=4", + "html_url": "https:\/\/github.com\/u238" + }, + "html_url": "https:\/\/github.com\/u238\/grafana-CVE-2018-15727", + "description": "a small utility to generate a cookie in order to exploit a grafana vulnerability (CVE-2018-15727)", + "fork": false, + "created_at": "2018-08-29T16:35:22Z", + "updated_at": "2020-07-29T06:48:10Z", + "pushed_at": "2018-08-31T20:31:12Z", + "stargazers_count": 21, + "watchers_count": 21, + "forks_count": 7, + "forks": 7, + "watchers": 21, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-15832.json b/2018/CVE-2018-15832.json new file mode 100644 index 0000000000..bb0e42cc39 --- /dev/null +++ b/2018/CVE-2018-15832.json @@ -0,0 +1,25 @@ +[ + { + "id": 148423840, + "name": "Ubisoft-Uplay-Desktop-Client-63.0.5699.0", + "full_name": "JacksonKuo\/Ubisoft-Uplay-Desktop-Client-63.0.5699.0", + "owner": { + "login": "JacksonKuo", + "id": 5520730, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5520730?v=4", + "html_url": "https:\/\/github.com\/JacksonKuo" + }, + "html_url": "https:\/\/github.com\/JacksonKuo\/Ubisoft-Uplay-Desktop-Client-63.0.5699.0", + "description": "CVE-2018-15832", + "fork": false, + "created_at": "2018-09-12T04:59:11Z", + "updated_at": "2018-09-12T05:05:37Z", + "pushed_at": "2018-09-12T05:00:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-15912.json b/2018/CVE-2018-15912.json new file mode 100644 index 0000000000..4f4569786e --- /dev/null +++ b/2018/CVE-2018-15912.json @@ -0,0 +1,25 @@ +[ + { + "id": 146484081, + "name": "CVE-2018-15912-PoC", + "full_name": "coderobe\/CVE-2018-15912-PoC", + "owner": { + "login": "coderobe", + "id": 8442384, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8442384?v=4", + "html_url": "https:\/\/github.com\/coderobe" + }, + "html_url": "https:\/\/github.com\/coderobe\/CVE-2018-15912-PoC", + "description": null, + "fork": false, + "created_at": "2018-08-28T17:40:52Z", + "updated_at": "2018-08-30T10:59:24Z", + "pushed_at": "2018-08-28T17:54:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-15961.json b/2018/CVE-2018-15961.json index d2de9f53ce..4995a10f7c 100644 --- a/2018/CVE-2018-15961.json +++ b/2018/CVE-2018-15961.json @@ -1,4 +1,27 @@ [ + { + "id": 160696698, + "name": "CVE-2018-15961", + "full_name": "vah13\/CVE-2018-15961", + "owner": { + "login": "vah13", + "id": 7976421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7976421?v=4", + "html_url": "https:\/\/github.com\/vah13" + }, + "html_url": "https:\/\/github.com\/vah13\/CVE-2018-15961", + "description": "Unrestricted file upload in Adobe ColdFusion", + "fork": false, + "created_at": "2018-12-06T15:47:57Z", + "updated_at": "2019-10-21T04:12:24Z", + "pushed_at": "2018-12-11T16:06:39Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 5, + "forks": 5, + "watchers": 8, + "score": 0 + }, { "id": 166859165, "name": "cve-2018-15961", diff --git a/2018/CVE-2018-15982.json b/2018/CVE-2018-15982.json index 0761ff6a88..442ddc57c7 100644 --- a/2018/CVE-2018-15982.json +++ b/2018/CVE-2018-15982.json @@ -1,4 +1,27 @@ [ + { + "id": 160592463, + "name": "CVE-2018-15982", + "full_name": "FlatL1neAPT\/CVE-2018-15982", + "owner": { + "login": "FlatL1neAPT", + "id": 33692082, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33692082?v=4", + "html_url": "https:\/\/github.com\/FlatL1neAPT" + }, + "html_url": "https:\/\/github.com\/FlatL1neAPT\/CVE-2018-15982", + "description": "Flash sources for CVE-2018-15982 used by NK", + "fork": false, + "created_at": "2018-12-05T23:41:37Z", + "updated_at": "2020-03-30T04:44:32Z", + "pushed_at": "2018-12-05T21:42:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 15, + "forks": 15, + "watchers": 1, + "score": 0 + }, { "id": 160650543, "name": "CVE-2018-15982_PoC", @@ -68,6 +91,29 @@ "watchers": 10, "score": 0 }, + { + "id": 161422909, + "name": "CVE-2018-15982_EXP_IE", + "full_name": "jas502n\/CVE-2018-15982_EXP_IE", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-15982_EXP_IE", + "description": "CVE-2018-15982_EXP_IE", + "fork": false, + "created_at": "2018-12-12T02:41:31Z", + "updated_at": "2020-04-06T10:50:19Z", + "pushed_at": "2018-12-12T02:54:01Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 7, + "forks": 7, + "watchers": 12, + "score": 0 + }, { "id": 161431093, "name": "CVE-2018-15982", diff --git a/2018/CVE-2018-16156.json b/2018/CVE-2018-16156.json new file mode 100644 index 0000000000..9897fb732e --- /dev/null +++ b/2018/CVE-2018-16156.json @@ -0,0 +1,25 @@ +[ + { + "id": 161401564, + "name": "CVE-2018-16156-Exploit", + "full_name": "securifera\/CVE-2018-16156-Exploit", + "owner": { + "login": "securifera", + "id": 12126525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12126525?v=4", + "html_url": "https:\/\/github.com\/securifera" + }, + "html_url": "https:\/\/github.com\/securifera\/CVE-2018-16156-Exploit", + "description": null, + "fork": false, + "created_at": "2018-12-11T22:25:22Z", + "updated_at": "2020-03-30T03:50:41Z", + "pushed_at": "2018-12-11T22:29:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16370.json b/2018/CVE-2018-16370.json new file mode 100644 index 0000000000..eb73d14940 --- /dev/null +++ b/2018/CVE-2018-16370.json @@ -0,0 +1,25 @@ +[ + { + "id": 147602690, + "name": "CVE-2018-16370", + "full_name": "snappyJack\/CVE-2018-16370", + "owner": { + "login": "snappyJack", + "id": 16055573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16055573?v=4", + "html_url": "https:\/\/github.com\/snappyJack" + }, + "html_url": "https:\/\/github.com\/snappyJack\/CVE-2018-16370", + "description": "In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through \/Public\/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive.", + "fork": false, + "created_at": "2018-09-06T01:52:47Z", + "updated_at": "2018-09-06T02:02:55Z", + "pushed_at": "2018-09-06T02:02:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16373.json b/2018/CVE-2018-16373.json new file mode 100644 index 0000000000..711ccf0be4 --- /dev/null +++ b/2018/CVE-2018-16373.json @@ -0,0 +1,25 @@ +[ + { + "id": 147603389, + "name": "CVE-2018-16373", + "full_name": "snappyJack\/CVE-2018-16373", + "owner": { + "login": "snappyJack", + "id": 16055573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16055573?v=4", + "html_url": "https:\/\/github.com\/snappyJack" + }, + "html_url": "https:\/\/github.com\/snappyJack\/CVE-2018-16373", + "description": "Frog CMS 0.9.5 has an Upload > vulnerability that can create files via > \/admin\/?\/plugin\/file_manager\/save", + "fork": false, + "created_at": "2018-09-06T02:00:24Z", + "updated_at": "2018-09-06T02:01:33Z", + "pushed_at": "2018-09-06T02:01:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16509.json b/2018/CVE-2018-16509.json index f9c73cda60..faa4524a15 100644 --- a/2018/CVE-2018-16509.json +++ b/2018/CVE-2018-16509.json @@ -1,4 +1,27 @@ [ + { + "id": 153072697, + "name": "PIL-RCE-Ghostscript-CVE-2018-16509", + "full_name": "farisv\/PIL-RCE-Ghostscript-CVE-2018-16509", + "owner": { + "login": "farisv", + "id": 44131180, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44131180?v=4", + "html_url": "https:\/\/github.com\/farisv" + }, + "html_url": "https:\/\/github.com\/farisv\/PIL-RCE-Ghostscript-CVE-2018-16509", + "description": "PoC + Docker Environment for Python PIL\/Pillow Remote Shell Command Execution via Ghostscript CVE-2018-16509", + "fork": false, + "created_at": "2018-10-15T07:44:43Z", + "updated_at": "2020-11-07T05:36:37Z", + "pushed_at": "2021-01-06T01:11:32Z", + "stargazers_count": 19, + "watchers_count": 19, + "forks_count": 4, + "forks": 4, + "watchers": 19, + "score": 0 + }, { "id": 157982249, "name": "CVE-2018-16509", diff --git a/2018/CVE-2018-16711.json b/2018/CVE-2018-16711.json new file mode 100644 index 0000000000..95372586ca --- /dev/null +++ b/2018/CVE-2018-16711.json @@ -0,0 +1,25 @@ +[ + { + "id": 149358711, + "name": "CVE-2018-16711", + "full_name": "DownWithUp\/CVE-2018-16711", + "owner": { + "login": "DownWithUp", + "id": 16905064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16905064?v=4", + "html_url": "https:\/\/github.com\/DownWithUp" + }, + "html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-16711", + "description": "PoC code for CVE-2018-16711 (exploit by wrmsr)", + "fork": false, + "created_at": "2018-09-18T22:18:32Z", + "updated_at": "2020-03-19T00:33:49Z", + "pushed_at": "2018-09-25T12:15:50Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16712.json b/2018/CVE-2018-16712.json new file mode 100644 index 0000000000..aa0485f8a0 --- /dev/null +++ b/2018/CVE-2018-16712.json @@ -0,0 +1,25 @@ +[ + { + "id": 150000695, + "name": "CVE-2018-16712", + "full_name": "DownWithUp\/CVE-2018-16712", + "owner": { + "login": "DownWithUp", + "id": 16905064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16905064?v=4", + "html_url": "https:\/\/github.com\/DownWithUp" + }, + "html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-16712", + "description": "PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)", + "fork": false, + "created_at": "2018-09-23T16:03:06Z", + "updated_at": "2020-04-22T12:48:46Z", + "pushed_at": "2018-12-01T23:02:46Z", + "stargazers_count": 23, + "watchers_count": 23, + "forks_count": 5, + "forks": 5, + "watchers": 23, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16713.json b/2018/CVE-2018-16713.json new file mode 100644 index 0000000000..3b9562214a --- /dev/null +++ b/2018/CVE-2018-16713.json @@ -0,0 +1,25 @@ +[ + { + "id": 148797728, + "name": "CVE-2018-16713", + "full_name": "DownWithUp\/CVE-2018-16713", + "owner": { + "login": "DownWithUp", + "id": 16905064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16905064?v=4", + "html_url": "https:\/\/github.com\/DownWithUp" + }, + "html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-16713", + "description": "PoC code for CVE-2018-16713 (exploit by rdmsr)", + "fork": false, + "created_at": "2018-09-14T14:10:22Z", + "updated_at": "2020-03-19T00:33:43Z", + "pushed_at": "2018-09-25T12:15:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16987.json b/2018/CVE-2018-16987.json new file mode 100644 index 0000000000..3022ca9e77 --- /dev/null +++ b/2018/CVE-2018-16987.json @@ -0,0 +1,25 @@ +[ + { + "id": 148659258, + "name": "CVE-2018-16987", + "full_name": "gquere\/CVE-2018-16987", + "owner": { + "login": "gquere", + "id": 1585000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1585000?v=4", + "html_url": "https:\/\/github.com\/gquere" + }, + "html_url": "https:\/\/github.com\/gquere\/CVE-2018-16987", + "description": "Details about CVE-2018-16987 - Cleartext storage of TA servers' passwords in Squash TM", + "fork": false, + "created_at": "2018-09-13T15:32:48Z", + "updated_at": "2018-09-14T06:17:55Z", + "pushed_at": "2018-09-13T16:47:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17144.json b/2018/CVE-2018-17144.json new file mode 100644 index 0000000000..36ce860464 --- /dev/null +++ b/2018/CVE-2018-17144.json @@ -0,0 +1,48 @@ +[ + { + "id": 152480350, + "name": "ban-exploitable-bitcoin-nodes", + "full_name": "iioch\/ban-exploitable-bitcoin-nodes", + "owner": { + "login": "iioch", + "id": 18705326, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18705326?v=4", + "html_url": "https:\/\/github.com\/iioch" + }, + "html_url": "https:\/\/github.com\/iioch\/ban-exploitable-bitcoin-nodes", + "description": "Ban all denial-of-service vulnerability exploitable nodes from your node CVE-2018-17144 ", + "fork": false, + "created_at": "2018-10-10T19:44:09Z", + "updated_at": "2018-10-16T13:56:34Z", + "pushed_at": "2018-10-10T20:08:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 155528435, + "name": "CVE-2018-17144_POC", + "full_name": "hikame\/CVE-2018-17144_POC", + "owner": { + "login": "hikame", + "id": 6397196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6397196?v=4", + "html_url": "https:\/\/github.com\/hikame" + }, + "html_url": "https:\/\/github.com\/hikame\/CVE-2018-17144_POC", + "description": "Put the *.py files to test\/functional folder of bitcoin sourcecode (commit: 4901c00792c1dabae4bb01e6373c9b1ed9ef3008)", + "fork": false, + "created_at": "2018-10-31T09:07:35Z", + "updated_at": "2020-12-05T14:05:15Z", + "pushed_at": "2018-11-12T10:11:00Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 6, + "forks": 6, + "watchers": 10, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17182.json b/2018/CVE-2018-17182.json new file mode 100644 index 0000000000..9e1b5d7564 --- /dev/null +++ b/2018/CVE-2018-17182.json @@ -0,0 +1,71 @@ +[ + { + "id": 150880187, + "name": "CVE-2018-17182", + "full_name": "jas502n\/CVE-2018-17182", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-17182", + "description": "Linux 内核VMA-UAF 提权漏洞(CVE-2018-17182),0day", + "fork": false, + "created_at": "2018-09-29T15:58:55Z", + "updated_at": "2021-01-28T07:53:27Z", + "pushed_at": "2018-10-02T09:03:37Z", + "stargazers_count": 120, + "watchers_count": 120, + "forks_count": 48, + "forks": 48, + "watchers": 120, + "score": 0 + }, + { + "id": 151031561, + "name": "CVE-2018-17182", + "full_name": "likescam\/CVE-2018-17182", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-17182", + "description": null, + "fork": false, + "created_at": "2018-10-01T03:20:05Z", + "updated_at": "2018-10-01T03:20:17Z", + "pushed_at": "2018-10-01T03:20:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 151032211, + "name": "vmacache_CVE-2018-17182", + "full_name": "likescam\/vmacache_CVE-2018-17182", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/vmacache_CVE-2018-17182", + "description": null, + "fork": false, + "created_at": "2018-10-01T03:29:04Z", + "updated_at": "2018-10-01T16:07:20Z", + "pushed_at": "2018-10-01T03:34:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17418.json b/2018/CVE-2018-17418.json new file mode 100644 index 0000000000..2a99e71cf9 --- /dev/null +++ b/2018/CVE-2018-17418.json @@ -0,0 +1,25 @@ +[ + { + "id": 149421281, + "name": "monstra_cms-3.0.4--getshell", + "full_name": "AlwaysHereFight\/monstra_cms-3.0.4--getshell", + "owner": { + "login": "AlwaysHereFight", + "id": 21152658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21152658?v=4", + "html_url": "https:\/\/github.com\/AlwaysHereFight" + }, + "html_url": "https:\/\/github.com\/AlwaysHereFight\/monstra_cms-3.0.4--getshell", + "description": "monstra_cms-3.0.4-上传getshell CVE-2018-17418", + "fork": false, + "created_at": "2018-09-19T08:54:45Z", + "updated_at": "2018-10-09T06:40:44Z", + "pushed_at": "2018-09-24T15:58:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17456.json b/2018/CVE-2018-17456.json index acd7963853..bf29a931f7 100644 --- a/2018/CVE-2018-17456.json +++ b/2018/CVE-2018-17456.json @@ -1,4 +1,50 @@ [ + { + "id": 154035813, + "name": "CVE-2018-17456", + "full_name": "shpik-kr\/CVE-2018-17456", + "owner": { + "login": "shpik-kr", + "id": 12602773, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12602773?v=4", + "html_url": "https:\/\/github.com\/shpik-kr" + }, + "html_url": "https:\/\/github.com\/shpik-kr\/CVE-2018-17456", + "description": "1-day", + "fork": false, + "created_at": "2018-10-21T17:46:10Z", + "updated_at": "2018-10-23T11:22:27Z", + "pushed_at": "2018-10-23T11:22:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 156715728, + "name": "CVE-2018-17456", + "full_name": "matlink\/CVE-2018-17456", + "owner": { + "login": "matlink", + "id": 4450078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4450078?v=4", + "html_url": "https:\/\/github.com\/matlink" + }, + "html_url": "https:\/\/github.com\/matlink\/CVE-2018-17456", + "description": null, + "fork": false, + "created_at": "2018-11-08T14:03:52Z", + "updated_at": "2018-11-08T14:21:16Z", + "pushed_at": "2018-11-08T14:21:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 190417594, "name": "CVE-2018-17456", diff --git a/2018/CVE-2018-17961.json b/2018/CVE-2018-17961.json new file mode 100644 index 0000000000..9b7fe676e3 --- /dev/null +++ b/2018/CVE-2018-17961.json @@ -0,0 +1,25 @@ +[ + { + "id": 155720048, + "name": "CVE-2018-17961", + "full_name": "matlink\/CVE-2018-17961", + "owner": { + "login": "matlink", + "id": 4450078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4450078?v=4", + "html_url": "https:\/\/github.com\/matlink" + }, + "html_url": "https:\/\/github.com\/matlink\/CVE-2018-17961", + "description": null, + "fork": false, + "created_at": "2018-11-01T13:33:12Z", + "updated_at": "2019-09-02T09:36:54Z", + "pushed_at": "2018-11-01T13:33:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18026.json b/2018/CVE-2018-18026.json new file mode 100644 index 0000000000..927c017096 --- /dev/null +++ b/2018/CVE-2018-18026.json @@ -0,0 +1,25 @@ +[ + { + "id": 153657332, + "name": "CVE-2018-18026", + "full_name": "DownWithUp\/CVE-2018-18026", + "owner": { + "login": "DownWithUp", + "id": 16905064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16905064?v=4", + "html_url": "https:\/\/github.com\/DownWithUp" + }, + "html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-18026", + "description": "PoC Code for CVE-2018-18026 (exploit by stack overflow)", + "fork": false, + "created_at": "2018-10-18T16:51:26Z", + "updated_at": "2020-03-19T00:33:33Z", + "pushed_at": "2018-11-07T04:00:59Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18387.json b/2018/CVE-2018-18387.json new file mode 100644 index 0000000000..e7133377b8 --- /dev/null +++ b/2018/CVE-2018-18387.json @@ -0,0 +1,25 @@ +[ + { + "id": 153663293, + "name": "CVE-2018-18387", + "full_name": "TheeBlind\/CVE-2018-18387", + "owner": { + "login": "TheeBlind", + "id": 26583110, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26583110?v=4", + "html_url": "https:\/\/github.com\/TheeBlind" + }, + "html_url": "https:\/\/github.com\/TheeBlind\/CVE-2018-18387", + "description": "playSMS < = 1.4.2 - Privilege escalation", + "fork": false, + "created_at": "2018-10-18T17:40:42Z", + "updated_at": "2019-03-08T13:11:49Z", + "pushed_at": "2018-10-26T16:00:05Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 3, + "forks": 3, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18714.json b/2018/CVE-2018-18714.json new file mode 100644 index 0000000000..412f9bb812 --- /dev/null +++ b/2018/CVE-2018-18714.json @@ -0,0 +1,25 @@ +[ + { + "id": 155772208, + "name": "CVE-2018-18714", + "full_name": "DownWithUp\/CVE-2018-18714", + "owner": { + "login": "DownWithUp", + "id": 16905064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16905064?v=4", + "html_url": "https:\/\/github.com\/DownWithUp" + }, + "html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-18714", + "description": "PoC Code for CVE-2018-18714 (exploit by stack overflow)", + "fork": false, + "created_at": "2018-11-01T20:31:50Z", + "updated_at": "2020-03-19T00:33:27Z", + "pushed_at": "2018-11-09T21:08:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19126.json b/2018/CVE-2018-19126.json new file mode 100644 index 0000000000..d0a3dc7045 --- /dev/null +++ b/2018/CVE-2018-19126.json @@ -0,0 +1,25 @@ +[ + { + "id": 159935158, + "name": "PrestaShop-CVE-2018-19126", + "full_name": "farisv\/PrestaShop-CVE-2018-19126", + "owner": { + "login": "farisv", + "id": 44131180, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44131180?v=4", + "html_url": "https:\/\/github.com\/farisv" + }, + "html_url": "https:\/\/github.com\/farisv\/PrestaShop-CVE-2018-19126", + "description": "PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)", + "fork": false, + "created_at": "2018-12-01T10:53:45Z", + "updated_at": "2020-11-28T10:03:37Z", + "pushed_at": "2018-12-12T22:11:45Z", + "stargazers_count": 38, + "watchers_count": 38, + "forks_count": 8, + "forks": 8, + "watchers": 38, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19127.json b/2018/CVE-2018-19127.json new file mode 100644 index 0000000000..5b897e73ff --- /dev/null +++ b/2018/CVE-2018-19127.json @@ -0,0 +1,25 @@ +[ + { + "id": 156842411, + "name": "phpcms-2008-CVE-2018-19127", + "full_name": "ab1gale\/phpcms-2008-CVE-2018-19127", + "owner": { + "login": "ab1gale", + "id": 5143253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5143253?v=4", + "html_url": "https:\/\/github.com\/ab1gale" + }, + "html_url": "https:\/\/github.com\/ab1gale\/phpcms-2008-CVE-2018-19127", + "description": null, + "fork": false, + "created_at": "2018-11-09T09:51:26Z", + "updated_at": "2020-06-27T16:23:09Z", + "pushed_at": "2018-11-09T09:55:35Z", + "stargazers_count": 43, + "watchers_count": 43, + "forks_count": 7, + "forks": 7, + "watchers": 43, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19131.json b/2018/CVE-2018-19131.json new file mode 100644 index 0000000000..b0ae423a74 --- /dev/null +++ b/2018/CVE-2018-19131.json @@ -0,0 +1,25 @@ +[ + { + "id": 157386452, + "name": "CVE-2018-19131", + "full_name": "JonathanWilbur\/CVE-2018-19131", + "owner": { + "login": "JonathanWilbur", + "id": 20342114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20342114?v=4", + "html_url": "https:\/\/github.com\/JonathanWilbur" + }, + "html_url": "https:\/\/github.com\/JonathanWilbur\/CVE-2018-19131", + "description": "Proof-of-Concept exploit of CVE-2018-19131: Squid Proxy XSS via X.509 Certificate", + "fork": false, + "created_at": "2018-11-13T13:40:10Z", + "updated_at": "2020-09-12T08:28:34Z", + "pushed_at": "2018-11-14T02:40:24Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 2, + "forks": 2, + "watchers": 13, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19207.json b/2018/CVE-2018-19207.json index 85681a1f6d..b202844007 100644 --- a/2018/CVE-2018-19207.json +++ b/2018/CVE-2018-19207.json @@ -1,4 +1,27 @@ [ + { + "id": 159347902, + "name": "WP-GDPR-Compliance-Plugin-Exploit", + "full_name": "aeroot\/WP-GDPR-Compliance-Plugin-Exploit", + "owner": { + "login": "aeroot", + "id": 281911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/281911?v=4", + "html_url": "https:\/\/github.com\/aeroot" + }, + "html_url": "https:\/\/github.com\/aeroot\/WP-GDPR-Compliance-Plugin-Exploit", + "description": "Exploit of the privilege escalation vulnerability of the WordPress plugin \"WP GDPR Compliance\" by \"Van Ons\" (https:\/\/de.wordpress.org\/plugins\/wp-gdpr-compliance\/) CVE-2018-19207", + "fork": false, + "created_at": "2018-11-27T14:27:06Z", + "updated_at": "2019-05-02T21:05:50Z", + "pushed_at": "2018-11-27T14:51:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, { "id": 175869819, "name": "cve-2018-19207", diff --git a/2018/CVE-2018-19537.json b/2018/CVE-2018-19537.json new file mode 100644 index 0000000000..d784af0589 --- /dev/null +++ b/2018/CVE-2018-19537.json @@ -0,0 +1,25 @@ +[ + { + "id": 159082952, + "name": "TP-Link-ArcherC5-RCE", + "full_name": "JackDoan\/TP-Link-ArcherC5-RCE", + "owner": { + "login": "JackDoan", + "id": 1024837, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1024837?v=4", + "html_url": "https:\/\/github.com\/JackDoan" + }, + "html_url": "https:\/\/github.com\/JackDoan\/TP-Link-ArcherC5-RCE", + "description": "CVE-2018-19537", + "fork": false, + "created_at": "2018-11-25T23:03:19Z", + "updated_at": "2021-01-26T15:41:10Z", + "pushed_at": "2018-11-26T22:39:08Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 5, + "forks": 5, + "watchers": 14, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19788.json b/2018/CVE-2018-19788.json index 2f09be8cfb..bda6966f4b 100644 --- a/2018/CVE-2018-19788.json +++ b/2018/CVE-2018-19788.json @@ -1,4 +1,50 @@ [ + { + "id": 160750436, + "name": "CVE-2018-19788", + "full_name": "AbsoZed\/CVE-2018-19788", + "owner": { + "login": "AbsoZed", + "id": 17788335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17788335?v=4", + "html_url": "https:\/\/github.com\/AbsoZed" + }, + "html_url": "https:\/\/github.com\/AbsoZed\/CVE-2018-19788", + "description": "Silly easy exploit for CVE-2018-19788", + "fork": false, + "created_at": "2018-12-07T00:42:35Z", + "updated_at": "2019-06-09T08:58:32Z", + "pushed_at": "2018-12-07T00:56:25Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 3, + "forks": 3, + "watchers": 5, + "score": 0 + }, + { + "id": 160872186, + "name": "CVE-2018-19788", + "full_name": "d4gh0s7\/CVE-2018-19788", + "owner": { + "login": "d4gh0s7", + "id": 29960687, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29960687?v=4", + "html_url": "https:\/\/github.com\/d4gh0s7" + }, + "html_url": "https:\/\/github.com\/d4gh0s7\/CVE-2018-19788", + "description": "Ansible role to check the vulnerability tracked as CVE-2018-19788, impacts PolicyKit version 0.115 which comes pre-installed on a wide range of Linux distributions", + "fork": false, + "created_at": "2018-12-07T20:27:01Z", + "updated_at": "2019-12-17T20:34:48Z", + "pushed_at": "2018-12-10T15:57:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + }, { "id": 162179568, "name": "PoC", diff --git a/2018/CVE-2018-19911.json b/2018/CVE-2018-19911.json new file mode 100644 index 0000000000..1cc418730d --- /dev/null +++ b/2018/CVE-2018-19911.json @@ -0,0 +1,25 @@ +[ + { + "id": 160625335, + "name": "freeswitch_rce", + "full_name": "iSafeBlue\/freeswitch_rce", + "owner": { + "login": "iSafeBlue", + "id": 25784279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25784279?v=4", + "html_url": "https:\/\/github.com\/iSafeBlue" + }, + "html_url": "https:\/\/github.com\/iSafeBlue\/freeswitch_rce", + "description": "freeswitch all version remote command execute (cve-2018-19911)", + "fork": false, + "created_at": "2018-12-06T05:48:02Z", + "updated_at": "2019-06-30T16:07:31Z", + "pushed_at": "2018-12-06T08:47:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2380.json b/2018/CVE-2018-2380.json new file mode 100644 index 0000000000..c82ffd5285 --- /dev/null +++ b/2018/CVE-2018-2380.json @@ -0,0 +1,25 @@ +[ + { + "id": 125186745, + "name": "CVE-2018-2380", + "full_name": "erpscanteam\/CVE-2018-2380", + "owner": { + "login": "erpscanteam", + "id": 35491827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35491827?v=4", + "html_url": "https:\/\/github.com\/erpscanteam" + }, + "html_url": "https:\/\/github.com\/erpscanteam\/CVE-2018-2380", + "description": "PoC of Remote Command Execution via Log injection on SAP NetWeaver AS JAVA CRM", + "fork": false, + "created_at": "2018-03-14T09:20:21Z", + "updated_at": "2020-08-09T21:12:29Z", + "pushed_at": "2018-03-14T12:13:43Z", + "stargazers_count": 46, + "watchers_count": 46, + "forks_count": 15, + "forks": 15, + "watchers": 46, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2628.json b/2018/CVE-2018-2628.json index dd9c0d9e45..cef475c6b7 100644 --- a/2018/CVE-2018-2628.json +++ b/2018/CVE-2018-2628.json @@ -1,4 +1,303 @@ [ + { + "id": 129995161, + "name": "CVE-2018-2628", + "full_name": "forlin\/CVE-2018-2628", + "owner": { + "login": "forlin", + "id": 3012554, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3012554?v=4", + "html_url": "https:\/\/github.com\/forlin" + }, + "html_url": "https:\/\/github.com\/forlin\/CVE-2018-2628", + "description": "CVE-2018-2628", + "fork": false, + "created_at": "2018-04-18T02:56:39Z", + "updated_at": "2020-05-16T15:11:58Z", + "pushed_at": "2018-04-18T02:48:58Z", + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 42, + "forks": 42, + "watchers": 17, + "score": 0 + }, + { + "id": 130009588, + "name": "CVE-2018-2628", + "full_name": "shengqi158\/CVE-2018-2628", + "owner": { + "login": "shengqi158", + "id": 3364935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3364935?v=4", + "html_url": "https:\/\/github.com\/shengqi158" + }, + "html_url": "https:\/\/github.com\/shengqi158\/CVE-2018-2628", + "description": "CVE-2018-2628 & CVE-2018-2893", + "fork": false, + "created_at": "2018-04-18T05:41:23Z", + "updated_at": "2021-02-07T08:40:03Z", + "pushed_at": "2018-07-20T01:24:36Z", + "stargazers_count": 76, + "watchers_count": 76, + "forks_count": 49, + "forks": 49, + "watchers": 76, + "score": 0 + }, + { + "id": 130047996, + "name": "CVE-2018-2628", + "full_name": "skydarker\/CVE-2018-2628", + "owner": { + "login": "skydarker", + "id": 25345671, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25345671?v=4", + "html_url": "https:\/\/github.com\/skydarker" + }, + "html_url": "https:\/\/github.com\/skydarker\/CVE-2018-2628", + "description": "CVE-2018-2628", + "fork": false, + "created_at": "2018-04-18T10:50:09Z", + "updated_at": "2018-04-18T11:23:19Z", + "pushed_at": "2018-04-18T11:23:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 130088305, + "name": "weblogic-cve-2018-2628", + "full_name": "jiansiting\/weblogic-cve-2018-2628", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting" + }, + "html_url": "https:\/\/github.com\/jiansiting\/weblogic-cve-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-04-18T16:04:17Z", + "updated_at": "2019-11-01T06:57:08Z", + "pushed_at": "2018-04-18T16:04:26Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 10, + "forks": 10, + "watchers": 13, + "score": 0 + }, + { + "id": 130098527, + "name": "CVE-2018-2628-detect", + "full_name": "zjxzjx\/CVE-2018-2628-detect", + "owner": { + "login": "zjxzjx", + "id": 8297291, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8297291?v=4", + "html_url": "https:\/\/github.com\/zjxzjx" + }, + "html_url": "https:\/\/github.com\/zjxzjx\/CVE-2018-2628-detect", + "description": null, + "fork": false, + "created_at": "2018-04-18T17:28:44Z", + "updated_at": "2018-11-14T06:35:35Z", + "pushed_at": "2018-04-20T03:47:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 45, + "forks": 45, + "watchers": 0, + "score": 0 + }, + { + "id": 130101048, + "name": "CVE-2018-2628-MultiThreading", + "full_name": "aedoo\/CVE-2018-2628-MultiThreading", + "owner": { + "login": "aedoo", + "id": 19517413, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19517413?v=4", + "html_url": "https:\/\/github.com\/aedoo" + }, + "html_url": "https:\/\/github.com\/aedoo\/CVE-2018-2628-MultiThreading", + "description": "WebLogic WLS核心组件反序列化漏洞多线程批量检测脚本 CVE-2018-2628-MultiThreading", + "fork": false, + "created_at": "2018-04-18T17:50:29Z", + "updated_at": "2020-05-08T14:01:45Z", + "pushed_at": "2018-04-19T06:56:29Z", + "stargazers_count": 15, + "watchers_count": 15, + "forks_count": 18, + "forks": 18, + "watchers": 15, + "score": 0 + }, + { + "id": 130153239, + "name": "CVE-2018-2628", + "full_name": "hawk-520\/CVE-2018-2628", + "owner": { + "login": "hawk-520", + "id": 37926610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37926610?v=4", + "html_url": "https:\/\/github.com\/hawk-520" + }, + "html_url": "https:\/\/github.com\/hawk-520\/CVE-2018-2628", + "description": "CVE-2018-2628", + "fork": false, + "created_at": "2018-04-19T03:19:15Z", + "updated_at": "2020-10-20T18:58:02Z", + "pushed_at": "2018-04-18T18:28:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 9, + "forks": 9, + "watchers": 2, + "score": 0 + }, + { + "id": 130239892, + "name": "CVE-2018-2628", + "full_name": "9uest\/CVE-2018-2628", + "owner": { + "login": "9uest", + "id": 11766504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11766504?v=4", + "html_url": "https:\/\/github.com\/9uest" + }, + "html_url": "https:\/\/github.com\/9uest\/CVE-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-04-19T15:56:49Z", + "updated_at": "2018-06-22T05:38:30Z", + "pushed_at": "2018-04-19T16:05:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 130291417, + "name": "CVE-2018-2628all", + "full_name": "Shadowshusky\/CVE-2018-2628all", + "owner": { + "login": "Shadowshusky", + "id": 31649758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31649758?v=4", + "html_url": "https:\/\/github.com\/Shadowshusky" + }, + "html_url": "https:\/\/github.com\/Shadowshusky\/CVE-2018-2628all", + "description": null, + "fork": false, + "created_at": "2018-04-20T01:24:17Z", + "updated_at": "2019-06-12T09:17:11Z", + "pushed_at": "2018-04-20T01:24:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, + { + "id": 130296227, + "name": "CVE-2018-2628", + "full_name": "shaoshore\/CVE-2018-2628", + "owner": { + "login": "shaoshore", + "id": 36906351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36906351?v=4", + "html_url": "https:\/\/github.com\/shaoshore" + }, + "html_url": "https:\/\/github.com\/shaoshore\/CVE-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-04-20T02:14:21Z", + "updated_at": "2018-04-20T02:14:21Z", + "pushed_at": "2018-04-20T02:14:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 131935440, + "name": "ysoserial-cve-2018-2628", + "full_name": "tdy218\/ysoserial-cve-2018-2628", + "owner": { + "login": "tdy218", + "id": 4214030, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4214030?v=4", + "html_url": "https:\/\/github.com\/tdy218" + }, + "html_url": "https:\/\/github.com\/tdy218\/ysoserial-cve-2018-2628", + "description": "Some codes for bypassing Oracle WebLogic CVE-2018-2628 patch", + "fork": false, + "created_at": "2018-05-03T03:13:05Z", + "updated_at": "2021-02-07T08:35:45Z", + "pushed_at": "2018-05-21T09:06:43Z", + "stargazers_count": 102, + "watchers_count": 102, + "forks_count": 52, + "forks": 52, + "watchers": 102, + "score": 0 + }, + { + "id": 134244931, + "name": "CVE-2018-2628", + "full_name": "s0wr0b1ndef\/CVE-2018-2628", + "owner": { + "login": "s0wr0b1ndef", + "id": 37288034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37288034?v=4", + "html_url": "https:\/\/github.com\/s0wr0b1ndef" + }, + "html_url": "https:\/\/github.com\/s0wr0b1ndef\/CVE-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-05-21T09:04:45Z", + "updated_at": "2018-06-13T08:54:52Z", + "pushed_at": "2018-05-21T09:04:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 136104138, + "name": "cve-2018-2628", + "full_name": "wrysunny\/cve-2018-2628", + "owner": { + "login": "wrysunny", + "id": 20748454, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20748454?v=4", + "html_url": "https:\/\/github.com\/wrysunny" + }, + "html_url": "https:\/\/github.com\/wrysunny\/cve-2018-2628", + "description": "cve-2018-2628 反弹shell", + "fork": false, + "created_at": "2018-06-05T01:47:02Z", + "updated_at": "2018-06-05T01:48:07Z", + "pushed_at": "2018-06-05T01:48:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 136164259, "name": "CVE-2018-2628", @@ -22,6 +321,98 @@ "watchers": 79, "score": 0 }, + { + "id": 138707761, + "name": "CVE-2018-2628", + "full_name": "stevenlinfeng\/CVE-2018-2628", + "owner": { + "login": "stevenlinfeng", + "id": 29966693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29966693?v=4", + "html_url": "https:\/\/github.com\/stevenlinfeng" + }, + "html_url": "https:\/\/github.com\/stevenlinfeng\/CVE-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-06-26T08:25:57Z", + "updated_at": "2018-06-26T08:25:57Z", + "pushed_at": "2018-06-26T08:25:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 139417715, + "name": "CVE-2018-2628", + "full_name": "likescam\/CVE-2018-2628", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-07-02T09:00:34Z", + "updated_at": "2019-05-26T06:58:12Z", + "pushed_at": "2018-07-02T09:00:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, + { + "id": 147341225, + "name": "WebLogic-RCE-exploit", + "full_name": "Nervous\/WebLogic-RCE-exploit", + "owner": { + "login": "Nervous", + "id": 172442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172442?v=4", + "html_url": "https:\/\/github.com\/Nervous" + }, + "html_url": "https:\/\/github.com\/Nervous\/WebLogic-RCE-exploit", + "description": "A remote code execution exploit for WebLogic based on CVE-2018-2628", + "fork": false, + "created_at": "2018-09-04T12:17:21Z", + "updated_at": "2019-10-11T08:19:19Z", + "pushed_at": "2018-09-04T12:21:21Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 3, + "forks": 3, + "watchers": 5, + "score": 0 + }, + { + "id": 155318699, + "name": "CVE-2018-2628", + "full_name": "Lighird\/CVE-2018-2628", + "owner": { + "login": "Lighird", + "id": 28284964, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28284964?v=4", + "html_url": "https:\/\/github.com\/Lighird" + }, + "html_url": "https:\/\/github.com\/Lighird\/CVE-2018-2628", + "description": "CVE-2018-2628漏洞工具包", + "fork": false, + "created_at": "2018-10-30T03:26:16Z", + "updated_at": "2020-07-13T02:21:36Z", + "pushed_at": "2018-10-30T03:35:42Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 6, + "forks": 6, + "watchers": 4, + "score": 0 + }, { "id": 164424976, "name": "CVE-2018-2628", diff --git a/2018/CVE-2018-2636.json b/2018/CVE-2018-2636.json new file mode 100644 index 0000000000..e835ecb855 --- /dev/null +++ b/2018/CVE-2018-2636.json @@ -0,0 +1,48 @@ +[ + { + "id": 119399468, + "name": "CVE-2018-2636", + "full_name": "erpscanteam\/CVE-2018-2636", + "owner": { + "login": "erpscanteam", + "id": 35491827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35491827?v=4", + "html_url": "https:\/\/github.com\/erpscanteam" + }, + "html_url": "https:\/\/github.com\/erpscanteam\/CVE-2018-2636", + "description": "ERPScan Public POC for CVE-2018-2636", + "fork": false, + "created_at": "2018-01-29T15:16:02Z", + "updated_at": "2020-07-17T11:18:33Z", + "pushed_at": "2018-02-01T15:36:19Z", + "stargazers_count": 23, + "watchers_count": 23, + "forks_count": 20, + "forks": 20, + "watchers": 23, + "score": 0 + }, + { + "id": 120569870, + "name": "micros_honeypot", + "full_name": "Cymmetria\/micros_honeypot", + "owner": { + "login": "Cymmetria", + "id": 19413345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19413345?v=4", + "html_url": "https:\/\/github.com\/Cymmetria" + }, + "html_url": "https:\/\/github.com\/Cymmetria\/micros_honeypot", + "description": "MICROS Honeypot is a low interaction honeypot to detect CVE-2018-2636 in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (MICROS). This is a directory traversal vulnerability.", + "fork": false, + "created_at": "2018-02-07T05:54:46Z", + "updated_at": "2019-08-29T20:49:08Z", + "pushed_at": "2018-09-25T22:00:12Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 4, + "forks": 4, + "watchers": 9, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2844.json b/2018/CVE-2018-2844.json new file mode 100644 index 0000000000..a6cf343959 --- /dev/null +++ b/2018/CVE-2018-2844.json @@ -0,0 +1,25 @@ +[ + { + "id": 146413224, + "name": "virtualbox-cve-2018-2844", + "full_name": "renorobert\/virtualbox-cve-2018-2844", + "owner": { + "login": "renorobert", + "id": 4233909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4233909?v=4", + "html_url": "https:\/\/github.com\/renorobert" + }, + "html_url": "https:\/\/github.com\/renorobert\/virtualbox-cve-2018-2844", + "description": null, + "fork": false, + "created_at": "2018-08-28T08:04:19Z", + "updated_at": "2021-02-08T17:01:33Z", + "pushed_at": "2018-08-28T08:06:21Z", + "stargazers_count": 93, + "watchers_count": 93, + "forks_count": 32, + "forks": 32, + "watchers": 93, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2879.json b/2018/CVE-2018-2879.json index 4a6635e7e5..42a0e0c1d8 100644 --- a/2018/CVE-2018-2879.json +++ b/2018/CVE-2018-2879.json @@ -1,4 +1,27 @@ [ + { + "id": 142485401, + "name": "Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit", + "full_name": "MostafaSoliman\/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit", + "owner": { + "login": "MostafaSoliman", + "id": 13528184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13528184?v=4", + "html_url": "https:\/\/github.com\/MostafaSoliman" + }, + "html_url": "https:\/\/github.com\/MostafaSoliman\/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit", + "description": null, + "fork": false, + "created_at": "2018-07-26T19:31:45Z", + "updated_at": "2020-07-10T13:31:49Z", + "pushed_at": "2018-07-27T12:09:40Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 6, + "forks": 6, + "watchers": 9, + "score": 0 + }, { "id": 142787515, "name": "oracle-oam-authentication-bypas-exploit", diff --git a/2018/CVE-2018-2893.json b/2018/CVE-2018-2893.json index 7bdf069de5..4c06ae88d5 100644 --- a/2018/CVE-2018-2893.json +++ b/2018/CVE-2018-2893.json @@ -1,4 +1,142 @@ [ + { + "id": 141531715, + "name": "CVE-2018-2893", + "full_name": "sry309\/CVE-2018-2893", + "owner": { + "login": "sry309", + "id": 15671013, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15671013?v=4", + "html_url": "https:\/\/github.com\/sry309" + }, + "html_url": "https:\/\/github.com\/sry309\/CVE-2018-2893", + "description": "CVE-2018-2893", + "fork": false, + "created_at": "2018-07-19T06:06:10Z", + "updated_at": "2020-12-10T06:55:01Z", + "pushed_at": "2018-07-19T05:59:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 141534186, + "name": "CVE-2018-2893", + "full_name": "ryanInf\/CVE-2018-2893", + "owner": { + "login": "ryanInf", + "id": 19621374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19621374?v=4", + "html_url": "https:\/\/github.com\/ryanInf" + }, + "html_url": "https:\/\/github.com\/ryanInf\/CVE-2018-2893", + "description": "CVE-2018-2893 PoC", + "fork": false, + "created_at": "2018-07-19T06:28:12Z", + "updated_at": "2020-12-16T09:58:12Z", + "pushed_at": "2018-07-19T06:12:51Z", + "stargazers_count": 28, + "watchers_count": 28, + "forks_count": 37, + "forks": 37, + "watchers": 28, + "score": 0 + }, + { + "id": 141678694, + "name": "CVE-2018-2893", + "full_name": "bigsizeme\/CVE-2018-2893", + "owner": { + "login": "bigsizeme", + "id": 17845094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17845094?v=4", + "html_url": "https:\/\/github.com\/bigsizeme" + }, + "html_url": "https:\/\/github.com\/bigsizeme\/CVE-2018-2893", + "description": "反弹shell生成器", + "fork": false, + "created_at": "2018-07-20T07:26:43Z", + "updated_at": "2019-04-22T04:46:36Z", + "pushed_at": "2018-07-23T04:31:27Z", + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 5, + "forks": 5, + "watchers": 17, + "score": 0 + }, + { + "id": 141856470, + "name": "CVE-2018-2893", + "full_name": "pyn3rd\/CVE-2018-2893", + "owner": { + "login": "pyn3rd", + "id": 41412951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41412951?v=4", + "html_url": "https:\/\/github.com\/pyn3rd" + }, + "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2018-2893", + "description": "CVE-2018-2893-PoC", + "fork": false, + "created_at": "2018-07-22T01:15:58Z", + "updated_at": "2021-02-07T08:16:47Z", + "pushed_at": "2018-10-27T01:42:20Z", + "stargazers_count": 91, + "watchers_count": 91, + "forks_count": 37, + "forks": 37, + "watchers": 91, + "score": 0 + }, + { + "id": 142403659, + "name": "CVE-2018-2893", + "full_name": "qianl0ng\/CVE-2018-2893", + "owner": { + "login": "qianl0ng", + "id": 26949233, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26949233?v=4", + "html_url": "https:\/\/github.com\/qianl0ng" + }, + "html_url": "https:\/\/github.com\/qianl0ng\/CVE-2018-2893", + "description": "可以直接反弹shell", + "fork": false, + "created_at": "2018-07-26T07:16:38Z", + "updated_at": "2020-08-19T01:40:23Z", + "pushed_at": "2018-07-26T07:50:15Z", + "stargazers_count": 44, + "watchers_count": 44, + "forks_count": 14, + "forks": 14, + "watchers": 44, + "score": 0 + }, + { + "id": 151921677, + "name": "CVE-2018-2893", + "full_name": "jas502n\/CVE-2018-2893", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-2893", + "description": "CVE-2018-2893", + "fork": false, + "created_at": "2018-10-07T08:41:14Z", + "updated_at": "2020-12-16T08:25:44Z", + "pushed_at": "2018-10-07T09:53:54Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 9, + "forks": 9, + "watchers": 10, + "score": 0 + }, { "id": 219763712, "name": "CVE-2018-2893", diff --git a/2018/CVE-2018-2894.json b/2018/CVE-2018-2894.json index d59d30a742..f13f7586e3 100644 --- a/2018/CVE-2018-2894.json +++ b/2018/CVE-2018-2894.json @@ -1,4 +1,50 @@ [ + { + "id": 141601079, + "name": "cve-2018-2894", + "full_name": "111ddea\/cve-2018-2894", + "owner": { + "login": "111ddea", + "id": 41444127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41444127?v=4", + "html_url": "https:\/\/github.com\/111ddea" + }, + "html_url": "https:\/\/github.com\/111ddea\/cve-2018-2894", + "description": "cve-2018-2894 不同别人的利用方法。", + "fork": false, + "created_at": "2018-07-19T15:50:35Z", + "updated_at": "2020-11-26T11:40:23Z", + "pushed_at": "2018-07-22T08:34:27Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 7, + "forks": 7, + "watchers": 13, + "score": 0 + }, + { + "id": 141661586, + "name": "CVE-2018-2894", + "full_name": "LandGrey\/CVE-2018-2894", + "owner": { + "login": "LandGrey", + "id": 16769779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16769779?v=4", + "html_url": "https:\/\/github.com\/LandGrey" + }, + "html_url": "https:\/\/github.com\/LandGrey\/CVE-2018-2894", + "description": "CVE-2018-2894 WebLogic Unrestricted File Upload Lead To RCE Check Script", + "fork": false, + "created_at": "2018-07-20T03:59:18Z", + "updated_at": "2021-02-04T08:53:23Z", + "pushed_at": "2018-07-20T12:46:50Z", + "stargazers_count": 130, + "watchers_count": 130, + "forks_count": 49, + "forks": 49, + "watchers": 130, + "score": 0 + }, { "id": 151928392, "name": "CVE-2018-2894", diff --git a/2018/CVE-2018-3191.json b/2018/CVE-2018-3191.json new file mode 100644 index 0000000000..77da0523b9 --- /dev/null +++ b/2018/CVE-2018-3191.json @@ -0,0 +1,117 @@ +[ + { + "id": 154076972, + "name": "CVE-2018-3191", + "full_name": "arongmh\/CVE-2018-3191", + "owner": { + "login": "arongmh", + "id": 30547070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30547070?v=4", + "html_url": "https:\/\/github.com\/arongmh" + }, + "html_url": "https:\/\/github.com\/arongmh\/CVE-2018-3191", + "description": "CVE-2018-3191 payload generator", + "fork": false, + "created_at": "2018-10-22T02:29:12Z", + "updated_at": "2020-04-06T11:03:47Z", + "pushed_at": "2018-10-21T17:28:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 52, + "forks": 52, + "watchers": 1, + "score": 0 + }, + { + "id": 154250933, + "name": "CVE-2018-3191", + "full_name": "pyn3rd\/CVE-2018-3191", + "owner": { + "login": "pyn3rd", + "id": 41412951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41412951?v=4", + "html_url": "https:\/\/github.com\/pyn3rd" + }, + "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2018-3191", + "description": "CVE-2018-3191-PoC", + "fork": false, + "created_at": "2018-10-23T02:43:39Z", + "updated_at": "2021-01-03T06:01:52Z", + "pushed_at": "2018-10-26T17:54:54Z", + "stargazers_count": 94, + "watchers_count": 94, + "forks_count": 44, + "forks": 44, + "watchers": 94, + "score": 0 + }, + { + "id": 154368972, + "name": "CVE-2018-3191", + "full_name": "Libraggbond\/CVE-2018-3191", + "owner": { + "login": "Libraggbond", + "id": 37012218, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37012218?v=4", + "html_url": "https:\/\/github.com\/Libraggbond" + }, + "html_url": "https:\/\/github.com\/Libraggbond\/CVE-2018-3191", + "description": "CVE-2018-3191 反弹shell", + "fork": false, + "created_at": "2018-10-23T17:24:43Z", + "updated_at": "2020-05-01T11:51:36Z", + "pushed_at": "2018-10-23T17:28:05Z", + "stargazers_count": 54, + "watchers_count": 54, + "forks_count": 31, + "forks": 31, + "watchers": 54, + "score": 0 + }, + { + "id": 154426418, + "name": "CVE-2018-3191", + "full_name": "jas502n\/CVE-2018-3191", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-3191", + "description": "Weblogic-CVE-2018-3191远程代码命令执行漏洞", + "fork": false, + "created_at": "2018-10-24T02:26:53Z", + "updated_at": "2020-12-22T15:35:45Z", + "pushed_at": "2018-10-24T17:42:47Z", + "stargazers_count": 62, + "watchers_count": 62, + "forks_count": 24, + "forks": 24, + "watchers": 62, + "score": 0 + }, + { + "id": 154477893, + "name": "CVE-2018-3191-Rce-Exploit", + "full_name": "mackleadmire\/CVE-2018-3191-Rce-Exploit", + "owner": { + "login": "mackleadmire", + "id": 10216868, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10216868?v=4", + "html_url": "https:\/\/github.com\/mackleadmire" + }, + "html_url": "https:\/\/github.com\/mackleadmire\/CVE-2018-3191-Rce-Exploit", + "description": null, + "fork": false, + "created_at": "2018-10-24T09:54:00Z", + "updated_at": "2020-11-19T04:08:52Z", + "pushed_at": "2018-10-25T08:12:46Z", + "stargazers_count": 19, + "watchers_count": 19, + "forks_count": 3, + "forks": 3, + "watchers": 19, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-3245.json b/2018/CVE-2018-3245.json index 42662a8f55..26acda74f0 100644 --- a/2018/CVE-2018-3245.json +++ b/2018/CVE-2018-3245.json @@ -1,4 +1,50 @@ [ + { + "id": 154452586, + "name": "CVE-2018-3245", + "full_name": "pyn3rd\/CVE-2018-3245", + "owner": { + "login": "pyn3rd", + "id": 41412951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41412951?v=4", + "html_url": "https:\/\/github.com\/pyn3rd" + }, + "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2018-3245", + "description": "CVE-2018-3245-PoC", + "fork": false, + "created_at": "2018-10-24T06:49:33Z", + "updated_at": "2020-10-26T07:34:53Z", + "pushed_at": "2018-10-27T01:41:18Z", + "stargazers_count": 154, + "watchers_count": 154, + "forks_count": 62, + "forks": 62, + "watchers": 154, + "score": 0 + }, + { + "id": 154593773, + "name": "CVE-2018-3245", + "full_name": "jas502n\/CVE-2018-3245", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-3245", + "description": "CVE-2018-3245", + "fork": false, + "created_at": "2018-10-25T01:46:56Z", + "updated_at": "2019-08-23T03:53:49Z", + "pushed_at": "2018-10-25T02:01:39Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 9, + "forks": 9, + "watchers": 12, + "score": 0 + }, { "id": 219765536, "name": "CVE-2018-3245", diff --git a/2018/CVE-2018-3252.json b/2018/CVE-2018-3252.json new file mode 100644 index 0000000000..7e77c3bc71 --- /dev/null +++ b/2018/CVE-2018-3252.json @@ -0,0 +1,71 @@ +[ + { + "id": 154596948, + "name": "CVE-2018-3252", + "full_name": "jas502n\/CVE-2018-3252", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-3252", + "description": "Weblogic-CVE-2018-3252", + "fork": false, + "created_at": "2018-10-25T02:16:49Z", + "updated_at": "2019-03-12T05:44:19Z", + "pushed_at": "2018-10-25T02:16:50Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 2, + "forks": 2, + "watchers": 7, + "score": 0 + }, + { + "id": 160289379, + "name": "CVE-2018-3252", + "full_name": "b1ueb0y\/CVE-2018-3252", + "owner": { + "login": "b1ueb0y", + "id": 13690411, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13690411?v=4", + "html_url": "https:\/\/github.com\/b1ueb0y" + }, + "html_url": "https:\/\/github.com\/b1ueb0y\/CVE-2018-3252", + "description": null, + "fork": false, + "created_at": "2018-12-04T03:14:21Z", + "updated_at": "2020-10-12T02:02:08Z", + "pushed_at": "2018-12-04T04:01:01Z", + "stargazers_count": 16, + "watchers_count": 16, + "forks_count": 2, + "forks": 2, + "watchers": 16, + "score": 0 + }, + { + "id": 160681161, + "name": "CVE-2018-3252", + "full_name": "pyn3rd\/CVE-2018-3252", + "owner": { + "login": "pyn3rd", + "id": 41412951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41412951?v=4", + "html_url": "https:\/\/github.com\/pyn3rd" + }, + "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2018-3252", + "description": "CVE-2018-3252-PoC", + "fork": false, + "created_at": "2018-12-06T13:48:53Z", + "updated_at": "2020-05-22T02:13:16Z", + "pushed_at": "2018-12-07T04:31:50Z", + "stargazers_count": 70, + "watchers_count": 70, + "forks_count": 24, + "forks": 24, + "watchers": 70, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-3608.json b/2018/CVE-2018-3608.json new file mode 100644 index 0000000000..e157b5844a --- /dev/null +++ b/2018/CVE-2018-3608.json @@ -0,0 +1,25 @@ +[ + { + "id": 120301126, + "name": "Trend_Micro_POC", + "full_name": "ZhiyuanWang-Chengdu-Qihoo360\/Trend_Micro_POC", + "owner": { + "login": "ZhiyuanWang-Chengdu-Qihoo360", + "id": 35134599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35134599?v=4", + "html_url": "https:\/\/github.com\/ZhiyuanWang-Chengdu-Qihoo360" + }, + "html_url": "https:\/\/github.com\/ZhiyuanWang-Chengdu-Qihoo360\/Trend_Micro_POC", + "description": "CVE-2018-3608 Trend_Micro_CVE", + "fork": false, + "created_at": "2018-02-05T12:22:28Z", + "updated_at": "2019-09-27T17:09:24Z", + "pushed_at": "2018-02-05T12:55:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-3639.json b/2018/CVE-2018-3639.json index 41a226001d..c07376cc2a 100644 --- a/2018/CVE-2018-3639.json +++ b/2018/CVE-2018-3639.json @@ -1,4 +1,50 @@ [ + { + "id": 135628428, + "name": "ssbd-tools", + "full_name": "tyhicks\/ssbd-tools", + "owner": { + "login": "tyhicks", + "id": 1051156, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1051156?v=4", + "html_url": "https:\/\/github.com\/tyhicks" + }, + "html_url": "https:\/\/github.com\/tyhicks\/ssbd-tools", + "description": "Tools to exercise the Linux kernel mitigation for CVE-2018-3639 (aka Variant 4) using the Speculative Store Bypass Disable (SSBD) feature of x86 processors", + "fork": false, + "created_at": "2018-05-31T19:48:18Z", + "updated_at": "2019-12-16T15:32:25Z", + "pushed_at": "2018-06-01T16:53:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + }, + { + "id": 137829375, + "name": "Intel-CVE-2018-3639-Mitigation_RegistryUpdate", + "full_name": "malindarathnayake\/Intel-CVE-2018-3639-Mitigation_RegistryUpdate", + "owner": { + "login": "malindarathnayake", + "id": 9443796, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9443796?v=4", + "html_url": "https:\/\/github.com\/malindarathnayake" + }, + "html_url": "https:\/\/github.com\/malindarathnayake\/Intel-CVE-2018-3639-Mitigation_RegistryUpdate", + "description": null, + "fork": false, + "created_at": "2018-06-19T02:19:26Z", + "updated_at": "2018-06-19T02:57:22Z", + "pushed_at": "2018-06-19T02:57:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 186128549, "name": "CVE-2018-3639", diff --git a/2018/CVE-2018-3810.json b/2018/CVE-2018-3810.json index 83e106dee0..34d765b329 100644 --- a/2018/CVE-2018-3810.json +++ b/2018/CVE-2018-3810.json @@ -1,4 +1,27 @@ [ + { + "id": 127300096, + "name": "CVE-2018-3810", + "full_name": "lucad93\/CVE-2018-3810", + "owner": { + "login": "lucad93", + "id": 11524244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11524244?v=4", + "html_url": "https:\/\/github.com\/lucad93" + }, + "html_url": "https:\/\/github.com\/lucad93\/CVE-2018-3810", + "description": null, + "fork": false, + "created_at": "2018-03-29T14:04:11Z", + "updated_at": "2018-03-29T14:06:18Z", + "pushed_at": "2018-04-04T13:42:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, { "id": 168879431, "name": "cve-2018-3810", diff --git a/2018/CVE-2018-4013.json b/2018/CVE-2018-4013.json new file mode 100644 index 0000000000..a6fcf5f6f4 --- /dev/null +++ b/2018/CVE-2018-4013.json @@ -0,0 +1,48 @@ +[ + { + "id": 154464449, + "name": "cve-2018-4013", + "full_name": "DoubleMice\/cve-2018-4013", + "owner": { + "login": "DoubleMice", + "id": 22325256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22325256?v=4", + "html_url": "https:\/\/github.com\/DoubleMice" + }, + "html_url": "https:\/\/github.com\/DoubleMice\/cve-2018-4013", + "description": "TALOS-2018-0684\/cve-2018-4013 poc", + "fork": false, + "created_at": "2018-10-24T08:19:25Z", + "updated_at": "2018-12-05T10:24:48Z", + "pushed_at": "2018-11-24T03:01:25Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 3, + "forks": 3, + "watchers": 7, + "score": 0 + }, + { + "id": 158950902, + "name": "RTSPServer-Code-Execution-Vulnerability", + "full_name": "r3dxpl0it\/RTSPServer-Code-Execution-Vulnerability", + "owner": { + "login": "r3dxpl0it", + "id": 43002597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43002597?v=4", + "html_url": "https:\/\/github.com\/r3dxpl0it" + }, + "html_url": "https:\/\/github.com\/r3dxpl0it\/RTSPServer-Code-Execution-Vulnerability", + "description": "RTSPServer Code Execution Vulnerability CVE-2018-4013", + "fork": false, + "created_at": "2018-11-24T15:49:53Z", + "updated_at": "2020-08-06T07:17:07Z", + "pushed_at": "2018-11-26T23:35:57Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 5, + "forks": 5, + "watchers": 11, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4087.json b/2018/CVE-2018-4087.json index f41519a77d..7886ed1748 100644 --- a/2018/CVE-2018-4087.json +++ b/2018/CVE-2018-4087.json @@ -21,5 +21,51 @@ "forks": 22, "watchers": 56, "score": 0 + }, + { + "id": 123298406, + "name": "UnjailMe", + "full_name": "MTJailed\/UnjailMe", + "owner": { + "login": "MTJailed", + "id": 31187886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31187886?v=4", + "html_url": "https:\/\/github.com\/MTJailed" + }, + "html_url": "https:\/\/github.com\/MTJailed\/UnjailMe", + "description": "A sandbox escape based on the proof-of-concept (CVE-2018-4087) by Rani Idan (Zimperium)", + "fork": false, + "created_at": "2018-02-28T14:45:06Z", + "updated_at": "2020-10-10T22:24:09Z", + "pushed_at": "2018-05-08T10:59:23Z", + "stargazers_count": 78, + "watchers_count": 78, + "forks_count": 23, + "forks": 23, + "watchers": 78, + "score": 0 + }, + { + "id": 124429247, + "name": "Exploit11.2", + "full_name": "joedaguy\/Exploit11.2", + "owner": { + "login": "joedaguy", + "id": 37167590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37167590?v=4", + "html_url": "https:\/\/github.com\/joedaguy" + }, + "html_url": "https:\/\/github.com\/joedaguy\/Exploit11.2", + "description": "Exploit iOS 11.2.x by ZIMPERIUM and semi-completed by me. Sandbox escapes on CVE-2018-4087. ", + "fork": false, + "created_at": "2018-03-08T18:04:31Z", + "updated_at": "2020-04-06T19:47:42Z", + "pushed_at": "2018-03-08T15:41:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 28, + "forks": 28, + "watchers": 1, + "score": 0 } ] \ No newline at end of file diff --git a/2018/CVE-2018-4110.json b/2018/CVE-2018-4110.json new file mode 100644 index 0000000000..613c262f2e --- /dev/null +++ b/2018/CVE-2018-4110.json @@ -0,0 +1,25 @@ +[ + { + "id": 105685717, + "name": "ios11-cookie-set-expire-issue", + "full_name": "bencompton\/ios11-cookie-set-expire-issue", + "owner": { + "login": "bencompton", + "id": 3343482, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3343482?v=4", + "html_url": "https:\/\/github.com\/bencompton" + }, + "html_url": "https:\/\/github.com\/bencompton\/ios11-cookie-set-expire-issue", + "description": "Reproduction of iOS 11 bug CVE-2018-4110", + "fork": false, + "created_at": "2017-10-03T18:09:30Z", + "updated_at": "2019-05-07T14:07:43Z", + "pushed_at": "2017-10-16T15:07:13Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4121.json b/2018/CVE-2018-4121.json new file mode 100644 index 0000000000..6a91b72aa0 --- /dev/null +++ b/2018/CVE-2018-4121.json @@ -0,0 +1,71 @@ +[ + { + "id": 130184573, + "name": "CVE-2018-4121", + "full_name": "FSecureLABS\/CVE-2018-4121", + "owner": { + "login": "FSecureLABS", + "id": 1469843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1469843?v=4", + "html_url": "https:\/\/github.com\/FSecureLABS" + }, + "html_url": "https:\/\/github.com\/FSecureLABS\/CVE-2018-4121", + "description": "macOS 10.13.3 (17D47) Safari Wasm Exploit ", + "fork": false, + "created_at": "2018-04-19T08:33:12Z", + "updated_at": "2020-04-16T03:34:01Z", + "pushed_at": "2018-04-19T11:20:41Z", + "stargazers_count": 114, + "watchers_count": 114, + "forks_count": 34, + "forks": 34, + "watchers": 114, + "score": 0 + }, + { + "id": 141314432, + "name": "CVE-2018-4121", + "full_name": "likescam\/CVE-2018-4121", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-4121", + "description": null, + "fork": false, + "created_at": "2018-07-17T16:15:29Z", + "updated_at": "2018-07-17T16:15:44Z", + "pushed_at": "2018-07-17T16:15:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 147746670, + "name": "CVE-2018-4121", + "full_name": "jezzus\/CVE-2018-4121", + "owner": { + "login": "jezzus", + "id": 9899999, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9899999?v=4", + "html_url": "https:\/\/github.com\/jezzus" + }, + "html_url": "https:\/\/github.com\/jezzus\/CVE-2018-4121", + "description": null, + "fork": false, + "created_at": "2018-09-06T23:55:43Z", + "updated_at": "2018-09-06T23:55:53Z", + "pushed_at": "2018-09-06T23:55:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4150.json b/2018/CVE-2018-4150.json new file mode 100644 index 0000000000..aef3efed9b --- /dev/null +++ b/2018/CVE-2018-4150.json @@ -0,0 +1,71 @@ +[ + { + "id": 132634317, + "name": "CVE-2018-4150", + "full_name": "Jailbreaks\/CVE-2018-4150", + "owner": { + "login": "Jailbreaks", + "id": 25392316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25392316?v=4", + "html_url": "https:\/\/github.com\/Jailbreaks" + }, + "html_url": "https:\/\/github.com\/Jailbreaks\/CVE-2018-4150", + "description": "Proof of concept for CVE-2018-4150 by @cmwdotme ", + "fork": false, + "created_at": "2018-05-08T16:12:59Z", + "updated_at": "2018-11-16T12:24:04Z", + "pushed_at": "2018-05-08T16:14:50Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 4, + "forks": 4, + "watchers": 11, + "score": 0 + }, + { + "id": 132916613, + "name": "LovelySn0w", + "full_name": "RPwnage\/LovelySn0w", + "owner": { + "login": "RPwnage", + "id": 33968601, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33968601?v=4", + "html_url": "https:\/\/github.com\/RPwnage" + }, + "html_url": "https:\/\/github.com\/RPwnage\/LovelySn0w", + "description": "a iOS CVE-2018-4150 Application example.", + "fork": false, + "created_at": "2018-05-10T15:04:44Z", + "updated_at": "2020-12-19T19:45:56Z", + "pushed_at": "2018-05-14T14:32:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 3, + "forks": 3, + "watchers": 2, + "score": 0 + }, + { + "id": 135454936, + "name": "incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc-", + "full_name": "littlelailo\/incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc-", + "owner": { + "login": "littlelailo", + "id": 28736661, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28736661?v=4", + "html_url": "https:\/\/github.com\/littlelailo" + }, + "html_url": "https:\/\/github.com\/littlelailo\/incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc-", + "description": "incomplete exploit for CVE-2018-4150 (by cmwdotme) for devices without SMAP", + "fork": false, + "created_at": "2018-05-30T14:29:37Z", + "updated_at": "2020-09-29T08:51:45Z", + "pushed_at": "2018-05-30T14:39:55Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 1, + "forks": 1, + "watchers": 6, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4185.json b/2018/CVE-2018-4185.json new file mode 100644 index 0000000000..739a6530b4 --- /dev/null +++ b/2018/CVE-2018-4185.json @@ -0,0 +1,25 @@ +[ + { + "id": 123051746, + "name": "x18-leak", + "full_name": "bazad\/x18-leak", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad" + }, + "html_url": "https:\/\/github.com\/bazad\/x18-leak", + "description": "CVE-2018-4185: iOS 11.2-11.2.6 kernel pointer disclosure introduced by Apple's Meltdown mitigation.", + "fork": false, + "created_at": "2018-02-27T00:58:39Z", + "updated_at": "2020-09-07T11:40:43Z", + "pushed_at": "2018-03-07T08:07:29Z", + "stargazers_count": 76, + "watchers_count": 76, + "forks_count": 12, + "forks": 12, + "watchers": 76, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4233.json b/2018/CVE-2018-4233.json new file mode 100644 index 0000000000..cafb5c11aa --- /dev/null +++ b/2018/CVE-2018-4233.json @@ -0,0 +1,25 @@ +[ + { + "id": 144027153, + "name": "cve-2018-4233", + "full_name": "saelo\/cve-2018-4233", + "owner": { + "login": "saelo", + "id": 2453290, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2453290?v=4", + "html_url": "https:\/\/github.com\/saelo" + }, + "html_url": "https:\/\/github.com\/saelo\/cve-2018-4233", + "description": "Exploit for CVE-2018-4233, a WebKit JIT optimization bug used during Pwn2Own 2018", + "fork": false, + "created_at": "2018-08-08T14:41:20Z", + "updated_at": "2021-01-27T19:33:40Z", + "pushed_at": "2018-08-17T23:31:46Z", + "stargazers_count": 154, + "watchers_count": 154, + "forks_count": 32, + "forks": 32, + "watchers": 154, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4241.json b/2018/CVE-2018-4241.json new file mode 100644 index 0000000000..306a67d679 --- /dev/null +++ b/2018/CVE-2018-4241.json @@ -0,0 +1,25 @@ +[ + { + "id": 136248519, + "name": "multi_path", + "full_name": "0neday\/multi_path", + "owner": { + "login": "0neday", + "id": 15697803, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15697803?v=4", + "html_url": "https:\/\/github.com\/0neday" + }, + "html_url": "https:\/\/github.com\/0neday\/multi_path", + "description": "CVE-2018-4241: XNU kernel heap overflow due to bad bounds checking in MPTCP for iOS 11 - 11.3.1released by Ian Beer", + "fork": false, + "created_at": "2018-06-06T00:07:01Z", + "updated_at": "2020-12-04T15:46:11Z", + "pushed_at": "2018-06-06T23:57:48Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4242.json b/2018/CVE-2018-4242.json new file mode 100644 index 0000000000..81b7d9bfe1 --- /dev/null +++ b/2018/CVE-2018-4242.json @@ -0,0 +1,25 @@ +[ + { + "id": 160888223, + "name": "Look-at-The-XNU-Through-A-Tube-CVE-2018-4242-Write-up-Translation-", + "full_name": "yeonnic\/Look-at-The-XNU-Through-A-Tube-CVE-2018-4242-Write-up-Translation-", + "owner": { + "login": "yeonnic", + "id": 23390602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23390602?v=4", + "html_url": "https:\/\/github.com\/yeonnic" + }, + "html_url": "https:\/\/github.com\/yeonnic\/Look-at-The-XNU-Through-A-Tube-CVE-2018-4242-Write-up-Translation-", + "description": null, + "fork": false, + "created_at": "2018-12-08T00:13:28Z", + "updated_at": "2018-12-21T06:43:45Z", + "pushed_at": "2018-12-08T02:15:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4243.json b/2018/CVE-2018-4243.json new file mode 100644 index 0000000000..a15588be1c --- /dev/null +++ b/2018/CVE-2018-4243.json @@ -0,0 +1,25 @@ +[ + { + "id": 137236042, + "name": "empty_list", + "full_name": "Jailbreaks\/empty_list", + "owner": { + "login": "Jailbreaks", + "id": 25392316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25392316?v=4", + "html_url": "https:\/\/github.com\/Jailbreaks" + }, + "html_url": "https:\/\/github.com\/Jailbreaks\/empty_list", + "description": "empty_list - exploit for p0 issue 1564 (CVE-2018-4243) iOS 11.0 - 11.3.1 kernel r\/w", + "fork": false, + "created_at": "2018-06-13T15:38:18Z", + "updated_at": "2021-01-23T08:10:04Z", + "pushed_at": "2018-06-13T15:40:15Z", + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 5, + "forks": 5, + "watchers": 17, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4248.json b/2018/CVE-2018-4248.json new file mode 100644 index 0000000000..ba6463a2b0 --- /dev/null +++ b/2018/CVE-2018-4248.json @@ -0,0 +1,25 @@ +[ + { + "id": 132848731, + "name": "xpc-string-leak", + "full_name": "bazad\/xpc-string-leak", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad" + }, + "html_url": "https:\/\/github.com\/bazad\/xpc-string-leak", + "description": "CVE-2018-4248: Out-of-bounds read in libxpc during string serialization.", + "fork": false, + "created_at": "2018-05-10T04:31:38Z", + "updated_at": "2020-03-17T04:31:39Z", + "pushed_at": "2018-07-10T00:05:46Z", + "stargazers_count": 46, + "watchers_count": 46, + "forks_count": 4, + "forks": 4, + "watchers": 46, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4280.json b/2018/CVE-2018-4280.json new file mode 100644 index 0000000000..895740f716 --- /dev/null +++ b/2018/CVE-2018-4280.json @@ -0,0 +1,48 @@ +[ + { + "id": 118415497, + "name": "launchd-portrep", + "full_name": "bazad\/launchd-portrep", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad" + }, + "html_url": "https:\/\/github.com\/bazad\/launchd-portrep", + "description": "CVE-2018-4280: Mach port replacement vulnerability in launchd on macOS 10.13.5 leading to local privilege escalation and SIP bypass.", + "fork": false, + "created_at": "2018-01-22T06:22:59Z", + "updated_at": "2020-12-07T01:17:50Z", + "pushed_at": "2018-10-28T20:23:30Z", + "stargazers_count": 48, + "watchers_count": 48, + "forks_count": 4, + "forks": 4, + "watchers": 48, + "score": 0 + }, + { + "id": 122551718, + "name": "blanket", + "full_name": "bazad\/blanket", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad" + }, + "html_url": "https:\/\/github.com\/bazad\/blanket", + "description": "CVE-2018-4280: Mach port replacement vulnerability in launchd on iOS 11.2.6 leading to sandbox escape, privilege escalation, and codesigning bypass.", + "fork": false, + "created_at": "2018-02-23T00:19:05Z", + "updated_at": "2021-01-26T00:45:25Z", + "pushed_at": "2018-11-13T00:26:18Z", + "stargazers_count": 211, + "watchers_count": 211, + "forks_count": 40, + "forks": 40, + "watchers": 211, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4327.json b/2018/CVE-2018-4327.json new file mode 100644 index 0000000000..bc0fa42226 --- /dev/null +++ b/2018/CVE-2018-4327.json @@ -0,0 +1,48 @@ +[ + { + "id": 148367467, + "name": "brokentooth", + "full_name": "omerporze\/brokentooth", + "owner": { + "login": "omerporze", + "id": 6332303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6332303?v=4", + "html_url": "https:\/\/github.com\/omerporze" + }, + "html_url": "https:\/\/github.com\/omerporze\/brokentooth", + "description": " POC for CVE-2018-4327", + "fork": false, + "created_at": "2018-09-11T19:15:09Z", + "updated_at": "2020-12-26T09:15:03Z", + "pushed_at": "2018-09-13T15:59:05Z", + "stargazers_count": 41, + "watchers_count": 41, + "forks_count": 8, + "forks": 8, + "watchers": 41, + "score": 0 + }, + { + "id": 148547298, + "name": "POC-CVE-2018-4327-and-CVE-2018-4330", + "full_name": "harryanon\/POC-CVE-2018-4327-and-CVE-2018-4330", + "owner": { + "login": "harryanon", + "id": 37672417, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37672417?v=4", + "html_url": "https:\/\/github.com\/harryanon" + }, + "html_url": "https:\/\/github.com\/harryanon\/POC-CVE-2018-4327-and-CVE-2018-4330", + "description": null, + "fork": false, + "created_at": "2018-09-12T22:00:58Z", + "updated_at": "2018-09-30T09:47:45Z", + "pushed_at": "2018-09-12T22:01:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4330.json b/2018/CVE-2018-4330.json new file mode 100644 index 0000000000..f5f6ecbf50 --- /dev/null +++ b/2018/CVE-2018-4330.json @@ -0,0 +1,25 @@ +[ + { + "id": 148663645, + "name": "toothfairy", + "full_name": "omerporze\/toothfairy", + "owner": { + "login": "omerporze", + "id": 6332303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6332303?v=4", + "html_url": "https:\/\/github.com\/omerporze" + }, + "html_url": "https:\/\/github.com\/omerporze\/toothfairy", + "description": "CVE-2018-4330 POC for iOS", + "fork": false, + "created_at": "2018-09-13T16:05:20Z", + "updated_at": "2021-02-05T15:44:05Z", + "pushed_at": "2018-09-13T18:34:20Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 2, + "forks": 2, + "watchers": 14, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4331.json b/2018/CVE-2018-4331.json new file mode 100644 index 0000000000..de1b139aab --- /dev/null +++ b/2018/CVE-2018-4331.json @@ -0,0 +1,25 @@ +[ + { + "id": 114446755, + "name": "gsscred-race", + "full_name": "bazad\/gsscred-race", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad" + }, + "html_url": "https:\/\/github.com\/bazad\/gsscred-race", + "description": "CVE-2018-4331: Exploit for a race condition in the GSSCred system service on iOS 11.2.", + "fork": false, + "created_at": "2017-12-16T08:48:08Z", + "updated_at": "2020-04-14T17:58:29Z", + "pushed_at": "2018-01-09T07:23:15Z", + "stargazers_count": 20, + "watchers_count": 20, + "forks_count": 5, + "forks": 5, + "watchers": 20, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4343.json b/2018/CVE-2018-4343.json new file mode 100644 index 0000000000..cfe368478e --- /dev/null +++ b/2018/CVE-2018-4343.json @@ -0,0 +1,25 @@ +[ + { + "id": 113555592, + "name": "gsscred-move-uaf", + "full_name": "bazad\/gsscred-move-uaf", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad" + }, + "html_url": "https:\/\/github.com\/bazad\/gsscred-move-uaf", + "description": "CVE-2018-4343: Proof-of-concept for a use-after-free in the GSSCred daemon on macOS and iOS.", + "fork": false, + "created_at": "2017-12-08T09:15:37Z", + "updated_at": "2020-10-10T06:38:29Z", + "pushed_at": "2017-12-09T23:23:47Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 1, + "forks": 1, + "watchers": 6, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4407.json b/2018/CVE-2018-4407.json index d4050b59c2..ac5b282cf8 100644 --- a/2018/CVE-2018-4407.json +++ b/2018/CVE-2018-4407.json @@ -1,4 +1,96 @@ [ + { + "id": 155684007, + "name": "check_icmp_dos", + "full_name": "Pa55w0rd\/check_icmp_dos", + "owner": { + "login": "Pa55w0rd", + "id": 16274549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16274549?v=4", + "html_url": "https:\/\/github.com\/Pa55w0rd" + }, + "html_url": "https:\/\/github.com\/Pa55w0rd\/check_icmp_dos", + "description": "iOS 12 \/ OS X Remote Kernel Heap Overflow (CVE-2018-4407) POC", + "fork": false, + "created_at": "2018-11-01T08:21:59Z", + "updated_at": "2020-04-06T11:00:33Z", + "pushed_at": "2018-11-01T08:53:23Z", + "stargazers_count": 59, + "watchers_count": 59, + "forks_count": 14, + "forks": 14, + "watchers": 59, + "score": 0 + }, + { + "id": 155748281, + "name": "cve-2018-4407", + "full_name": "unixpickle\/cve-2018-4407", + "owner": { + "login": "unixpickle", + "id": 406021, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/406021?v=4", + "html_url": "https:\/\/github.com\/unixpickle" + }, + "html_url": "https:\/\/github.com\/unixpickle\/cve-2018-4407", + "description": "Crash macOS and iOS devices with one packet", + "fork": false, + "created_at": "2018-11-01T17:03:25Z", + "updated_at": "2020-12-21T17:36:52Z", + "pushed_at": "2018-11-15T21:13:37Z", + "stargazers_count": 50, + "watchers_count": 50, + "forks_count": 19, + "forks": 19, + "watchers": 50, + "score": 0 + }, + { + "id": 155810193, + "name": "check_icmp_dos-CVE-2018-4407-", + "full_name": "s2339956\/check_icmp_dos-CVE-2018-4407-", + "owner": { + "login": "s2339956", + "id": 17181670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17181670?v=4", + "html_url": "https:\/\/github.com\/s2339956" + }, + "html_url": "https:\/\/github.com\/s2339956\/check_icmp_dos-CVE-2018-4407-", + "description": "CVE-2018-4407 概述與實現", + "fork": false, + "created_at": "2018-11-02T03:38:41Z", + "updated_at": "2018-11-02T03:48:36Z", + "pushed_at": "2018-11-02T03:48:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 155836421, + "name": "AppleDOS", + "full_name": "farisv\/AppleDOS", + "owner": { + "login": "farisv", + "id": 44131180, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44131180?v=4", + "html_url": "https:\/\/github.com\/farisv" + }, + "html_url": "https:\/\/github.com\/farisv\/AppleDOS", + "description": "Messing Apple devices on the network with CVE-2018-4407 (heap overflow in bad packet handling)", + "fork": false, + "created_at": "2018-11-02T08:29:29Z", + "updated_at": "2020-10-03T07:29:19Z", + "pushed_at": "2018-12-04T08:21:43Z", + "stargazers_count": 24, + "watchers_count": 24, + "forks_count": 5, + "forks": 5, + "watchers": 24, + "score": 0 + }, { "id": 155837722, "name": "CVE-2018-4407", @@ -22,6 +114,98 @@ "watchers": 13, "score": 0 }, + { + "id": 155885238, + "name": "CVE-2018-4407-IOS", + "full_name": "zteeed\/CVE-2018-4407-IOS", + "owner": { + "login": "zteeed", + "id": 34286541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34286541?v=4", + "html_url": "https:\/\/github.com\/zteeed" + }, + "html_url": "https:\/\/github.com\/zteeed\/CVE-2018-4407-IOS", + "description": "POC: Heap buffer overflow in the networking code in the XNU operating system kernel", + "fork": false, + "created_at": "2018-11-02T15:26:47Z", + "updated_at": "2020-11-23T22:13:12Z", + "pushed_at": "2018-12-01T23:17:56Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 1, + "forks": 1, + "watchers": 13, + "score": 0 + }, + { + "id": 155925880, + "name": "node-cve-2018-4407", + "full_name": "SamDecrock\/node-cve-2018-4407", + "owner": { + "login": "SamDecrock", + "id": 550487, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/550487?v=4", + "html_url": "https:\/\/github.com\/SamDecrock" + }, + "html_url": "https:\/\/github.com\/SamDecrock\/node-cve-2018-4407", + "description": "Node.js PoC exploit code for CVE-2018-4407", + "fork": false, + "created_at": "2018-11-02T22:00:17Z", + "updated_at": "2020-06-19T07:48:32Z", + "pushed_at": "2018-11-02T22:13:40Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 6, + "forks": 6, + "watchers": 11, + "score": 0 + }, + { + "id": 156039963, + "name": "CVE-2018-4407", + "full_name": "r3dxpl0it\/CVE-2018-4407", + "owner": { + "login": "r3dxpl0it", + "id": 43002597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43002597?v=4", + "html_url": "https:\/\/github.com\/r3dxpl0it" + }, + "html_url": "https:\/\/github.com\/r3dxpl0it\/CVE-2018-4407", + "description": "IOS\/MAC Denial-Of-Service [POC\/EXPLOIT FOR MASSIVE ATTACK TO IOS\/MAC IN NETWORK]", + "fork": false, + "created_at": "2018-11-04T01:47:05Z", + "updated_at": "2020-12-28T15:24:25Z", + "pushed_at": "2018-11-04T02:25:08Z", + "stargazers_count": 22, + "watchers_count": 22, + "forks_count": 10, + "forks": 10, + "watchers": 22, + "score": 0 + }, + { + "id": 156051346, + "name": "CVE-2018-4407", + "full_name": "lucagiovagnoli\/CVE-2018-4407", + "owner": { + "login": "lucagiovagnoli", + "id": 4341034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4341034?v=4", + "html_url": "https:\/\/github.com\/lucagiovagnoli" + }, + "html_url": "https:\/\/github.com\/lucagiovagnoli\/CVE-2018-4407", + "description": "A buffer overflow vulnerability in the XNU kernel's ICMP error code causes IOS devices to crash (laptops and mobiles).", + "fork": false, + "created_at": "2018-11-04T05:10:38Z", + "updated_at": "2019-12-06T13:15:13Z", + "pushed_at": "2018-11-04T19:00:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, { "id": 156611823, "name": "Apple-Remote-Crash-Tool-CVE-2018-4407", @@ -45,6 +229,29 @@ "watchers": 4, "score": 0 }, + { + "id": 159180451, + "name": "wifi", + "full_name": "soccercab\/wifi", + "owner": { + "login": "soccercab", + "id": 26183552, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26183552?v=4", + "html_url": "https:\/\/github.com\/soccercab" + }, + "html_url": "https:\/\/github.com\/soccercab\/wifi", + "description": "iOS 11 WiFi Exploit - icmp_error_CVE-2018-4407", + "fork": false, + "created_at": "2018-11-26T14:14:55Z", + "updated_at": "2018-11-26T20:38:51Z", + "pushed_at": "2018-11-26T20:38:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 163652093, "name": "CVE-2018-4407-iOS-exploit", diff --git a/2018/CVE-2018-4415.json b/2018/CVE-2018-4415.json new file mode 100644 index 0000000000..0b195e01e1 --- /dev/null +++ b/2018/CVE-2018-4415.json @@ -0,0 +1,25 @@ +[ + { + "id": 159675683, + "name": "CVE-2018-4415", + "full_name": "T1V0h\/CVE-2018-4415", + "owner": { + "login": "T1V0h", + "id": 27940897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27940897?v=4", + "html_url": "https:\/\/github.com\/T1V0h" + }, + "html_url": "https:\/\/github.com\/T1V0h\/CVE-2018-4415", + "description": null, + "fork": false, + "created_at": "2018-11-29T14:06:50Z", + "updated_at": "2018-11-29T14:12:49Z", + "pushed_at": "2018-11-29T14:09:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4878.json b/2018/CVE-2018-4878.json index 9358da7d49..711beb1a21 100644 --- a/2018/CVE-2018-4878.json +++ b/2018/CVE-2018-4878.json @@ -1,4 +1,188 @@ [ + { + "id": 118241221, + "name": "CVE-2018-4878-", + "full_name": "ydl555\/CVE-2018-4878-", + "owner": { + "login": "ydl555", + "id": 12909271, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12909271?v=4", + "html_url": "https:\/\/github.com\/ydl555" + }, + "html_url": "https:\/\/github.com\/ydl555\/CVE-2018-4878-", + "description": "备忘:flash挂马工具备份 CVE-2018-4878", + "fork": false, + "created_at": "2018-01-20T12:32:26Z", + "updated_at": "2018-06-14T13:18:54Z", + "pushed_at": "2018-06-12T03:04:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 120909146, + "name": "CVE-2018-4878", + "full_name": "mdsecactivebreach\/CVE-2018-4878", + "owner": { + "login": "mdsecactivebreach", + "id": 29373540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29373540?v=4", + "html_url": "https:\/\/github.com\/mdsecactivebreach" + }, + "html_url": "https:\/\/github.com\/mdsecactivebreach\/CVE-2018-4878", + "description": null, + "fork": false, + "created_at": "2018-02-09T13:30:46Z", + "updated_at": "2020-03-26T07:15:42Z", + "pushed_at": "2018-02-09T14:38:27Z", + "stargazers_count": 21, + "watchers_count": 21, + "forks_count": 17, + "forks": 17, + "watchers": 21, + "score": 0 + }, + { + "id": 120962228, + "name": "CVE-2018-4878", + "full_name": "hybridious\/CVE-2018-4878", + "owner": { + "login": "hybridious", + "id": 26754785, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26754785?v=4", + "html_url": "https:\/\/github.com\/hybridious" + }, + "html_url": "https:\/\/github.com\/hybridious\/CVE-2018-4878", + "description": "Aggressor Script to just launch IE driveby for CVE-2018-4878", + "fork": false, + "created_at": "2018-02-09T22:25:03Z", + "updated_at": "2018-02-10T09:26:14Z", + "pushed_at": "2018-02-09T22:09:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 5, + "forks": 5, + "watchers": 0, + "score": 0 + }, + { + "id": 121002284, + "name": "CVE-2018-4878", + "full_name": "vysecurity\/CVE-2018-4878", + "owner": { + "login": "vysecurity", + "id": 3596242, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3596242?v=4", + "html_url": "https:\/\/github.com\/vysecurity" + }, + "html_url": "https:\/\/github.com\/vysecurity\/CVE-2018-4878", + "description": "Aggressor Script to launch IE driveby for CVE-2018-4878", + "fork": false, + "created_at": "2018-02-10T09:30:18Z", + "updated_at": "2021-02-07T07:18:41Z", + "pushed_at": "2018-02-10T19:39:10Z", + "stargazers_count": 80, + "watchers_count": 80, + "forks_count": 33, + "forks": 33, + "watchers": 80, + "score": 0 + }, + { + "id": 122663508, + "name": "CVE-2018-4878", + "full_name": "KathodeN\/CVE-2018-4878", + "owner": { + "login": "KathodeN", + "id": 29355827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29355827?v=4", + "html_url": "https:\/\/github.com\/KathodeN" + }, + "html_url": "https:\/\/github.com\/KathodeN\/CVE-2018-4878", + "description": "CVE-2018-4878 样本", + "fork": false, + "created_at": "2018-02-23T19:24:40Z", + "updated_at": "2020-12-10T06:55:01Z", + "pushed_at": "2018-02-22T07:10:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 53, + "forks": 53, + "watchers": 0, + "score": 0 + }, + { + "id": 128007297, + "name": "CVE-2018-4878", + "full_name": "SyFi\/CVE-2018-4878", + "owner": { + "login": "SyFi", + "id": 26314806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26314806?v=4", + "html_url": "https:\/\/github.com\/SyFi" + }, + "html_url": "https:\/\/github.com\/SyFi\/CVE-2018-4878", + "description": "Flash Exploit Poc", + "fork": false, + "created_at": "2018-04-04T04:33:44Z", + "updated_at": "2020-05-29T17:05:11Z", + "pushed_at": "2018-09-03T11:41:25Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 10, + "forks": 10, + "watchers": 10, + "score": 0 + }, + { + "id": 137009230, + "name": "CVE-2018-4878", + "full_name": "ydl555\/CVE-2018-4878", + "owner": { + "login": "ydl555", + "id": 12909271, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12909271?v=4", + "html_url": "https:\/\/github.com\/ydl555" + }, + "html_url": "https:\/\/github.com\/ydl555\/CVE-2018-4878", + "description": " CVE-2018-4878 flash 0day", + "fork": false, + "created_at": "2018-06-12T02:57:59Z", + "updated_at": "2018-06-12T03:01:52Z", + "pushed_at": "2018-06-12T02:57:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 153381902, + "name": "CVE-2018-4878", + "full_name": "B0fH\/CVE-2018-4878", + "owner": { + "login": "B0fH", + "id": 1335037, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1335037?v=4", + "html_url": "https:\/\/github.com\/B0fH" + }, + "html_url": "https:\/\/github.com\/B0fH\/CVE-2018-4878", + "description": "Metasploit module for CVE-2018-4878", + "fork": false, + "created_at": "2018-10-17T02:11:24Z", + "updated_at": "2018-12-26T09:33:54Z", + "pushed_at": "2018-10-24T02:18:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, { "id": 162440583, "name": "CVE-2018-4878", diff --git a/2018/CVE-2018-4879.json b/2018/CVE-2018-4879.json new file mode 100644 index 0000000000..594750907f --- /dev/null +++ b/2018/CVE-2018-4879.json @@ -0,0 +1,25 @@ +[ + { + "id": 125461828, + "name": "CVE-2018-4879", + "full_name": "H3llozy\/CVE-2018-4879", + "owner": { + "login": "H3llozy", + "id": 15612861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15612861?v=4", + "html_url": "https:\/\/github.com\/H3llozy" + }, + "html_url": "https:\/\/github.com\/H3llozy\/CVE-2018-4879", + "description": null, + "fork": false, + "created_at": "2018-03-16T04:04:55Z", + "updated_at": "2021-01-13T15:13:50Z", + "pushed_at": "2018-03-15T16:02:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4901.json b/2018/CVE-2018-4901.json new file mode 100644 index 0000000000..69a8a6abec --- /dev/null +++ b/2018/CVE-2018-4901.json @@ -0,0 +1,25 @@ +[ + { + "id": 125818046, + "name": "CVE-2018-4901", + "full_name": "bigric3\/CVE-2018-4901", + "owner": { + "login": "bigric3", + "id": 22165361, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22165361?v=4", + "html_url": "https:\/\/github.com\/bigric3" + }, + "html_url": "https:\/\/github.com\/bigric3\/CVE-2018-4901", + "description": "crash poc & Leak info PoC", + "fork": false, + "created_at": "2018-03-19T07:27:53Z", + "updated_at": "2018-11-16T12:24:04Z", + "pushed_at": "2018-03-19T07:29:42Z", + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 5, + "forks": 5, + "watchers": 18, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5234.json b/2018/CVE-2018-5234.json new file mode 100644 index 0000000000..d778964913 --- /dev/null +++ b/2018/CVE-2018-5234.json @@ -0,0 +1,25 @@ +[ + { + "id": 131737249, + "name": "ble_norton_core", + "full_name": "embedi\/ble_norton_core", + "owner": { + "login": "embedi", + "id": 24190344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24190344?v=4", + "html_url": "https:\/\/github.com\/embedi" + }, + "html_url": "https:\/\/github.com\/embedi\/ble_norton_core", + "description": "PoC exploit for CVE-2018-5234", + "fork": false, + "created_at": "2018-05-01T16:40:30Z", + "updated_at": "2021-01-15T23:48:08Z", + "pushed_at": "2018-05-02T08:50:57Z", + "stargazers_count": 28, + "watchers_count": 28, + "forks_count": 9, + "forks": 9, + "watchers": 28, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5711.json b/2018/CVE-2018-5711.json new file mode 100644 index 0000000000..d308960c71 --- /dev/null +++ b/2018/CVE-2018-5711.json @@ -0,0 +1,48 @@ +[ + { + "id": 119782218, + "name": "Test-7-2-0-PHP-CVE-2018-5711", + "full_name": "huzhenghui\/Test-7-2-0-PHP-CVE-2018-5711", + "owner": { + "login": "huzhenghui", + "id": 4843755, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4843755?v=4", + "html_url": "https:\/\/github.com\/huzhenghui" + }, + "html_url": "https:\/\/github.com\/huzhenghui\/Test-7-2-0-PHP-CVE-2018-5711", + "description": null, + "fork": false, + "created_at": "2018-02-01T04:21:13Z", + "updated_at": "2018-02-02T07:40:36Z", + "pushed_at": "2018-02-01T06:24:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 119790221, + "name": "Test-7-2-1-PHP-CVE-2018-5711", + "full_name": "huzhenghui\/Test-7-2-1-PHP-CVE-2018-5711", + "owner": { + "login": "huzhenghui", + "id": 4843755, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4843755?v=4", + "html_url": "https:\/\/github.com\/huzhenghui" + }, + "html_url": "https:\/\/github.com\/huzhenghui\/Test-7-2-1-PHP-CVE-2018-5711", + "description": null, + "fork": false, + "created_at": "2018-02-01T06:00:14Z", + "updated_at": "2018-02-02T04:30:18Z", + "pushed_at": "2018-02-01T06:23:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5740.json b/2018/CVE-2018-5740.json new file mode 100644 index 0000000000..d59d038d97 --- /dev/null +++ b/2018/CVE-2018-5740.json @@ -0,0 +1,25 @@ +[ + { + "id": 144792218, + "name": "cve-2018-5740", + "full_name": "sischkg\/cve-2018-5740", + "owner": { + "login": "sischkg", + "id": 3468384, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3468384?v=4", + "html_url": "https:\/\/github.com\/sischkg" + }, + "html_url": "https:\/\/github.com\/sischkg\/cve-2018-5740", + "description": null, + "fork": false, + "created_at": "2018-08-15T01:50:41Z", + "updated_at": "2019-02-25T15:06:06Z", + "pushed_at": "2018-08-15T06:25:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5951.json b/2018/CVE-2018-5951.json new file mode 100644 index 0000000000..778424ee66 --- /dev/null +++ b/2018/CVE-2018-5951.json @@ -0,0 +1,25 @@ +[ + { + "id": 118846181, + "name": "CVE-2018-5951", + "full_name": "Nat-Lab\/CVE-2018-5951", + "owner": { + "login": "Nat-Lab", + "id": 18462539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18462539?v=4", + "html_url": "https:\/\/github.com\/Nat-Lab" + }, + "html_url": "https:\/\/github.com\/Nat-Lab\/CVE-2018-5951", + "description": "MikroTik RouterOS Denial of Service Vulnerability", + "fork": false, + "created_at": "2018-01-25T01:40:02Z", + "updated_at": "2020-10-01T13:43:56Z", + "pushed_at": "2018-02-11T06:51:29Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 7, + "forks": 7, + "watchers": 6, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5955.json b/2018/CVE-2018-5955.json index 9067b9d1aa..a3218d06cc 100644 --- a/2018/CVE-2018-5955.json +++ b/2018/CVE-2018-5955.json @@ -1,4 +1,27 @@ [ + { + "id": 148261072, + "name": "GitStackRCE", + "full_name": "cisp\/GitStackRCE", + "owner": { + "login": "cisp", + "id": 11972644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11972644?v=4", + "html_url": "https:\/\/github.com\/cisp" + }, + "html_url": "https:\/\/github.com\/cisp\/GitStackRCE", + "description": "GitStackRCE漏洞(CVE-2018-5955)EXP", + "fork": false, + "created_at": "2018-09-11T04:39:43Z", + "updated_at": "2018-09-21T15:13:18Z", + "pushed_at": "2018-09-11T04:40:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, { "id": 229491909, "name": "Cerberus", diff --git a/2018/CVE-2018-6242.json b/2018/CVE-2018-6242.json index d4aa7894fe..6dafc57a7f 100644 --- a/2018/CVE-2018-6242.json +++ b/2018/CVE-2018-6242.json @@ -1,4 +1,50 @@ [ + { + "id": 131405057, + "name": "NXLoader", + "full_name": "DavidBuchanan314\/NXLoader", + "owner": { + "login": "DavidBuchanan314", + "id": 13520633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13520633?v=4", + "html_url": "https:\/\/github.com\/DavidBuchanan314" + }, + "html_url": "https:\/\/github.com\/DavidBuchanan314\/NXLoader", + "description": "My first Android app: Launch Fusée Gelée payloads from stock Android (CVE-2018-6242)", + "fork": false, + "created_at": "2018-04-28T11:50:00Z", + "updated_at": "2021-02-13T20:07:20Z", + "pushed_at": "2018-08-30T05:37:03Z", + "stargazers_count": 414, + "watchers_count": 414, + "forks_count": 54, + "forks": 54, + "watchers": 414, + "score": 0 + }, + { + "id": 134342730, + "name": "rcm-modchips", + "full_name": "reswitched\/rcm-modchips", + "owner": { + "login": "reswitched", + "id": 26338222, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26338222?v=4", + "html_url": "https:\/\/github.com\/reswitched" + }, + "html_url": "https:\/\/github.com\/reswitched\/rcm-modchips", + "description": "Collection of \"modchip\" designs for launching payloads via the Tegra RCM bug (CVE-2018-6242) ", + "fork": false, + "created_at": "2018-05-22T01:15:14Z", + "updated_at": "2019-01-22T23:33:39Z", + "pushed_at": "2018-05-22T07:44:42Z", + "stargazers_count": 21, + "watchers_count": 21, + "forks_count": 3, + "forks": 3, + "watchers": 21, + "score": 0 + }, { "id": 213283473, "name": "fusho", diff --git a/2018/CVE-2018-6376.json b/2018/CVE-2018-6376.json new file mode 100644 index 0000000000..90e32fecff --- /dev/null +++ b/2018/CVE-2018-6376.json @@ -0,0 +1,25 @@ +[ + { + "id": 121202213, + "name": "CVE-2018-6376", + "full_name": "knqyf263\/CVE-2018-6376", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-6376", + "description": "Joomla!, Second Order SQL Injection", + "fork": false, + "created_at": "2018-02-12T05:02:52Z", + "updated_at": "2018-10-04T17:23:42Z", + "pushed_at": "2018-02-12T12:14:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6389.json b/2018/CVE-2018-6389.json index 5a169f6fa2..d807a073c3 100644 --- a/2018/CVE-2018-6389.json +++ b/2018/CVE-2018-6389.json @@ -1,4 +1,211 @@ [ + { + "id": 120386140, + "name": "wordpress-fix-cve-2018-6389", + "full_name": "yolabingo\/wordpress-fix-cve-2018-6389", + "owner": { + "login": "yolabingo", + "id": 628954, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/628954?v=4", + "html_url": "https:\/\/github.com\/yolabingo" + }, + "html_url": "https:\/\/github.com\/yolabingo\/wordpress-fix-cve-2018-6389", + "description": "Apache RewriteRule to mitigate potential DoS attack via Wordpress wp-admin\/load-scripts.php file", + "fork": false, + "created_at": "2018-02-06T01:43:33Z", + "updated_at": "2018-02-08T01:19:57Z", + "pushed_at": "2018-02-06T01:46:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 120477120, + "name": "CVE-2018-6389", + "full_name": "WazeHell\/CVE-2018-6389", + "owner": { + "login": "WazeHell", + "id": 20618414, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20618414?v=4", + "html_url": "https:\/\/github.com\/WazeHell" + }, + "html_url": "https:\/\/github.com\/WazeHell\/CVE-2018-6389", + "description": "CVE-2018-6389 Exploit In WordPress DoS ", + "fork": false, + "created_at": "2018-02-06T15:16:03Z", + "updated_at": "2020-07-04T11:10:46Z", + "pushed_at": "2018-02-06T15:36:29Z", + "stargazers_count": 76, + "watchers_count": 76, + "forks_count": 36, + "forks": 36, + "watchers": 76, + "score": 0 + }, + { + "id": 120533146, + "name": "modsecurity-cve-2018-6389", + "full_name": "rastating\/modsecurity-cve-2018-6389", + "owner": { + "login": "rastating", + "id": 2500434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2500434?v=4", + "html_url": "https:\/\/github.com\/rastating" + }, + "html_url": "https:\/\/github.com\/rastating\/modsecurity-cve-2018-6389", + "description": "A ModSecurity ruleset for detecting potential attacks using CVE-2018-6389", + "fork": false, + "created_at": "2018-02-06T22:51:21Z", + "updated_at": "2020-10-21T21:49:25Z", + "pushed_at": "2018-02-07T01:05:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 120540306, + "name": "CVE-2018-6389", + "full_name": "knqyf263\/CVE-2018-6389", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-6389", + "description": "WordPress DoS (CVE-2018-6389)", + "fork": false, + "created_at": "2018-02-07T00:20:57Z", + "updated_at": "2020-01-17T20:42:25Z", + "pushed_at": "2018-02-07T00:43:23Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 2, + "forks": 2, + "watchers": 10, + "score": 0 + }, + { + "id": 120617956, + "name": "cve-2018-6389-php-patcher", + "full_name": "JulienGadanho\/cve-2018-6389-php-patcher", + "owner": { + "login": "JulienGadanho", + "id": 18120161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18120161?v=4", + "html_url": "https:\/\/github.com\/JulienGadanho" + }, + "html_url": "https:\/\/github.com\/JulienGadanho\/cve-2018-6389-php-patcher", + "description": "Patch Wordpress DOS breach (CVE-2018-6389) in PHP", + "fork": false, + "created_at": "2018-02-07T13:22:31Z", + "updated_at": "2018-12-02T15:55:12Z", + "pushed_at": "2018-02-13T08:19:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 3, + "forks": 3, + "watchers": 1, + "score": 0 + }, + { + "id": 120916403, + "name": "wordpress-CVE-2018-6389", + "full_name": "dsfau\/wordpress-CVE-2018-6389", + "owner": { + "login": "dsfau", + "id": 26786936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26786936?v=4", + "html_url": "https:\/\/github.com\/dsfau" + }, + "html_url": "https:\/\/github.com\/dsfau\/wordpress-CVE-2018-6389", + "description": "Metasploit module for WordPress DOS load-scripts.php CVE-2018-638", + "fork": false, + "created_at": "2018-02-09T14:37:44Z", + "updated_at": "2018-12-11T09:20:38Z", + "pushed_at": "2018-02-09T19:40:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 121636079, + "name": "CVE-2018-6389-FIX", + "full_name": "Jetserver\/CVE-2018-6389-FIX", + "owner": { + "login": "Jetserver", + "id": 16237996, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16237996?v=4", + "html_url": "https:\/\/github.com\/Jetserver" + }, + "html_url": "https:\/\/github.com\/Jetserver\/CVE-2018-6389-FIX", + "description": "Global Fix for Wordpress CVE-2018-6389", + "fork": false, + "created_at": "2018-02-15T14:00:14Z", + "updated_at": "2018-02-15T14:02:54Z", + "pushed_at": "2018-02-18T11:40:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 122881954, + "name": "PoC---CVE-2018-6389", + "full_name": "thechrono13\/PoC---CVE-2018-6389", + "owner": { + "login": "thechrono13", + "id": 23078415, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23078415?v=4", + "html_url": "https:\/\/github.com\/thechrono13" + }, + "html_url": "https:\/\/github.com\/thechrono13\/PoC---CVE-2018-6389", + "description": "Proof of Concept of vunerability CVE-2018-6389 on Wordpress 4.9.2", + "fork": false, + "created_at": "2018-02-25T22:06:05Z", + "updated_at": "2018-02-25T22:07:50Z", + "pushed_at": "2018-02-26T10:13:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 122955721, + "name": "cve-2018-6389", + "full_name": "BlackRouter\/cve-2018-6389", + "owner": { + "login": "BlackRouter", + "id": 15177510, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15177510?v=4", + "html_url": "https:\/\/github.com\/BlackRouter" + }, + "html_url": "https:\/\/github.com\/BlackRouter\/cve-2018-6389", + "description": null, + "fork": false, + "created_at": "2018-02-26T10:45:27Z", + "updated_at": "2018-02-26T10:45:27Z", + "pushed_at": "2018-02-26T10:47:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 123245165, "name": "PoC---CVE-2018-6389", @@ -22,6 +229,52 @@ "watchers": 0, "score": 0 }, + { + "id": 123487751, + "name": "wordpress-cve-2018-6389", + "full_name": "JavierOlmedo\/wordpress-cve-2018-6389", + "owner": { + "login": "JavierOlmedo", + "id": 15904748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15904748?v=4", + "html_url": "https:\/\/github.com\/JavierOlmedo" + }, + "html_url": "https:\/\/github.com\/JavierOlmedo\/wordpress-cve-2018-6389", + "description": "CVE-2018-6389 WordPress Core - 'load-scripts.php' Denial of Service <= 4.9.4", + "fork": false, + "created_at": "2018-03-01T20:19:14Z", + "updated_at": "2018-03-19T20:05:40Z", + "pushed_at": "2018-03-07T20:11:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 123791550, + "name": "wordpress_cve-2018-6389", + "full_name": "m3ssap0\/wordpress_cve-2018-6389", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/wordpress_cve-2018-6389", + "description": "Tries to exploit a WordPress vulnerability (CVE-2018-6389) which can be used to cause a Denial of Service.", + "fork": false, + "created_at": "2018-03-04T13:33:15Z", + "updated_at": "2018-09-18T13:02:37Z", + "pushed_at": "2018-03-10T11:57:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, { "id": 123796262, "name": "Shiva", @@ -45,6 +298,98 @@ "watchers": 81, "score": 0 }, + { + "id": 130395597, + "name": "Wordpress-Hack-CVE-2018-6389", + "full_name": "mudhappy\/Wordpress-Hack-CVE-2018-6389", + "owner": { + "login": "mudhappy", + "id": 7614944, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7614944?v=4", + "html_url": "https:\/\/github.com\/mudhappy" + }, + "html_url": "https:\/\/github.com\/mudhappy\/Wordpress-Hack-CVE-2018-6389", + "description": null, + "fork": false, + "created_at": "2018-04-20T17:45:38Z", + "updated_at": "2018-04-20T17:48:12Z", + "pushed_at": "2018-04-20T17:48:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 132090592, + "name": "WP-DOS-Exploit-CVE-2018-6389", + "full_name": "armaanpathan12345\/WP-DOS-Exploit-CVE-2018-6389", + "owner": { + "login": "armaanpathan12345", + "id": 16278863, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16278863?v=4", + "html_url": "https:\/\/github.com\/armaanpathan12345" + }, + "html_url": "https:\/\/github.com\/armaanpathan12345\/WP-DOS-Exploit-CVE-2018-6389", + "description": "WP-DOS-Exploit-CVE-2018-6389", + "fork": false, + "created_at": "2018-05-04T05:15:33Z", + "updated_at": "2018-05-04T05:19:30Z", + "pushed_at": "2018-05-04T05:19:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + }, + { + "id": 146678844, + "name": "trellis-cve-2018-6389", + "full_name": "ItinerisLtd\/trellis-cve-2018-6389", + "owner": { + "login": "ItinerisLtd", + "id": 32365928, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32365928?v=4", + "html_url": "https:\/\/github.com\/ItinerisLtd" + }, + "html_url": "https:\/\/github.com\/ItinerisLtd\/trellis-cve-2018-6389", + "description": "Mitigate CVE-2018-6389 WordPress load-scripts \/ load-styles attacks", + "fork": false, + "created_at": "2018-08-30T01:25:20Z", + "updated_at": "2020-08-11T04:43:27Z", + "pushed_at": "2018-08-30T01:47:48Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 0, + "forks": 0, + "watchers": 7, + "score": 0 + }, + { + "id": 155115549, + "name": "Wordpress-DOS", + "full_name": "Zazzzles\/Wordpress-DOS", + "owner": { + "login": "Zazzzles", + "id": 16189557, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16189557?v=4", + "html_url": "https:\/\/github.com\/Zazzzles" + }, + "html_url": "https:\/\/github.com\/Zazzzles\/Wordpress-DOS", + "description": "Exploit for vulnerability CVE-2018-6389 on wordpress sites", + "fork": false, + "created_at": "2018-10-28T21:05:04Z", + "updated_at": "2020-06-17T01:53:45Z", + "pushed_at": "2018-11-01T06:45:17Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 2, + "forks": 2, + "watchers": 4, + "score": 0 + }, { "id": 164352797, "name": "tvsz", diff --git a/2018/CVE-2018-6396.json b/2018/CVE-2018-6396.json new file mode 100644 index 0000000000..5904aff93e --- /dev/null +++ b/2018/CVE-2018-6396.json @@ -0,0 +1,25 @@ +[ + { + "id": 123634317, + "name": "joomla-cve-2018-6396", + "full_name": "JavierOlmedo\/joomla-cve-2018-6396", + "owner": { + "login": "JavierOlmedo", + "id": 15904748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15904748?v=4", + "html_url": "https:\/\/github.com\/JavierOlmedo" + }, + "html_url": "https:\/\/github.com\/JavierOlmedo\/joomla-cve-2018-6396", + "description": "Joomla - Component Google Map Landkarten <= 4.2.3 - SQL Injection", + "fork": false, + "created_at": "2018-03-02T21:46:28Z", + "updated_at": "2019-09-20T10:02:47Z", + "pushed_at": "2018-03-07T20:13:21Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 3, + "forks": 3, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6407.json b/2018/CVE-2018-6407.json new file mode 100644 index 0000000000..b0d39e7ab4 --- /dev/null +++ b/2018/CVE-2018-6407.json @@ -0,0 +1,25 @@ +[ + { + "id": 119438300, + "name": "ConceptronicIPCam_MultipleVulnerabilities", + "full_name": "dreadlocked\/ConceptronicIPCam_MultipleVulnerabilities", + "owner": { + "login": "dreadlocked", + "id": 7407033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7407033?v=4", + "html_url": "https:\/\/github.com\/dreadlocked" + }, + "html_url": "https:\/\/github.com\/dreadlocked\/ConceptronicIPCam_MultipleVulnerabilities", + "description": "[CVE-2018-6407 & CVE-2018-6408] Conceptronic IPCam Administration panel CSRF and Denial of Service", + "fork": false, + "created_at": "2018-01-29T20:36:54Z", + "updated_at": "2020-04-01T13:33:57Z", + "pushed_at": "2018-01-31T00:13:31Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 7, + "forks": 7, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6479.json b/2018/CVE-2018-6479.json new file mode 100644 index 0000000000..511093bee4 --- /dev/null +++ b/2018/CVE-2018-6479.json @@ -0,0 +1,25 @@ +[ + { + "id": 119714188, + "name": "netwave-dosvulnerability", + "full_name": "dreadlocked\/netwave-dosvulnerability", + "owner": { + "login": "dreadlocked", + "id": 7407033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7407033?v=4", + "html_url": "https:\/\/github.com\/dreadlocked" + }, + "html_url": "https:\/\/github.com\/dreadlocked\/netwave-dosvulnerability", + "description": "[CVE-2018-6479] Netwave IP Camera server vulnerable to Denial of Service via one single huge POST request.", + "fork": false, + "created_at": "2018-01-31T16:38:48Z", + "updated_at": "2020-04-06T19:50:52Z", + "pushed_at": "2018-02-01T20:08:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 5, + "forks": 5, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6518.json b/2018/CVE-2018-6518.json new file mode 100644 index 0000000000..5a7b68fc1b --- /dev/null +++ b/2018/CVE-2018-6518.json @@ -0,0 +1,25 @@ +[ + { + "id": 131035487, + "name": "Composr-CMS-10.0.13-Cross-Site-Scripting-XSS", + "full_name": "faizzaidi\/Composr-CMS-10.0.13-Cross-Site-Scripting-XSS", + "owner": { + "login": "faizzaidi", + "id": 12153050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12153050?v=4", + "html_url": "https:\/\/github.com\/faizzaidi" + }, + "html_url": "https:\/\/github.com\/faizzaidi\/Composr-CMS-10.0.13-Cross-Site-Scripting-XSS", + "description": "Composr CMS 10.0.13 Cross Site Scripting(XSS) Assigned CVE Number: CVE-2018-6518", + "fork": false, + "created_at": "2018-04-25T16:35:41Z", + "updated_at": "2020-07-17T05:22:18Z", + "pushed_at": "2018-04-25T16:37:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6546.json b/2018/CVE-2018-6546.json new file mode 100644 index 0000000000..d2f5ebc334 --- /dev/null +++ b/2018/CVE-2018-6546.json @@ -0,0 +1,48 @@ +[ + { + "id": 129653418, + "name": "CVE-2018-6546-Exploit", + "full_name": "securifera\/CVE-2018-6546-Exploit", + "owner": { + "login": "securifera", + "id": 12126525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12126525?v=4", + "html_url": "https:\/\/github.com\/securifera" + }, + "html_url": "https:\/\/github.com\/securifera\/CVE-2018-6546-Exploit", + "description": "CVE-2018-6546-Exploit", + "fork": false, + "created_at": "2018-04-15T21:42:20Z", + "updated_at": "2020-06-06T02:32:24Z", + "pushed_at": "2018-04-15T21:59:34Z", + "stargazers_count": 41, + "watchers_count": 41, + "forks_count": 10, + "forks": 10, + "watchers": 41, + "score": 0 + }, + { + "id": 142284375, + "name": "CVE-2018-6546", + "full_name": "YanZiShuang\/CVE-2018-6546", + "owner": { + "login": "YanZiShuang", + "id": 41621080, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41621080?v=4", + "html_url": "https:\/\/github.com\/YanZiShuang" + }, + "html_url": "https:\/\/github.com\/YanZiShuang\/CVE-2018-6546", + "description": null, + "fork": false, + "created_at": "2018-07-25T10:22:53Z", + "updated_at": "2019-09-02T13:24:16Z", + "pushed_at": "2018-07-25T11:59:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6574.json b/2018/CVE-2018-6574.json index bd4cbd26ef..c342fb89ef 100644 --- a/2018/CVE-2018-6574.json +++ b/2018/CVE-2018-6574.json @@ -1,4 +1,165 @@ [ + { + "id": 127698499, + "name": "cve-2018-6574", + "full_name": "acole76\/cve-2018-6574", + "owner": { + "login": "acole76", + "id": 1920278, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1920278?v=4", + "html_url": "https:\/\/github.com\/acole76" + }, + "html_url": "https:\/\/github.com\/acole76\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2018-04-02T03:34:29Z", + "updated_at": "2018-04-02T03:44:17Z", + "pushed_at": "2018-04-02T03:44:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 130792609, + "name": "CVE-2018-6574-POC", + "full_name": "neargle\/CVE-2018-6574-POC", + "owner": { + "login": "neargle", + "id": 7868679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7868679?v=4", + "html_url": "https:\/\/github.com\/neargle" + }, + "html_url": "https:\/\/github.com\/neargle\/CVE-2018-6574-POC", + "description": "CVE-2018-6574 POC : golang 'go get' remote command execution during source code build", + "fork": false, + "created_at": "2018-04-24T03:44:20Z", + "updated_at": "2020-11-01T09:29:29Z", + "pushed_at": "2018-04-24T16:32:22Z", + "stargazers_count": 22, + "watchers_count": 22, + "forks_count": 13, + "forks": 13, + "watchers": 22, + "score": 0 + }, + { + "id": 133783468, + "name": "go-get-rce", + "full_name": "willbo4r\/go-get-rce", + "owner": { + "login": "willbo4r", + "id": 13272847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13272847?v=4", + "html_url": "https:\/\/github.com\/willbo4r" + }, + "html_url": "https:\/\/github.com\/willbo4r\/go-get-rce", + "description": "CVE-2018-6574 for pentesterLAB", + "fork": false, + "created_at": "2018-05-17T08:32:40Z", + "updated_at": "2018-05-17T08:33:33Z", + "pushed_at": "2018-05-17T08:33:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 134137690, + "name": "go-get-rce", + "full_name": "ahmetmanga\/go-get-rce", + "owner": { + "login": "ahmetmanga", + "id": 25594206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25594206?v=4", + "html_url": "https:\/\/github.com\/ahmetmanga" + }, + "html_url": "https:\/\/github.com\/ahmetmanga\/go-get-rce", + "description": "cve-2018-6574 @pentesterlab", + "fork": false, + "created_at": "2018-05-20T09:39:15Z", + "updated_at": "2018-05-20T09:40:53Z", + "pushed_at": "2018-05-20T09:40:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 134184478, + "name": "cve-2018-6574", + "full_name": "ahmetmanga\/cve-2018-6574", + "owner": { + "login": "ahmetmanga", + "id": 25594206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25594206?v=4", + "html_url": "https:\/\/github.com\/ahmetmanga" + }, + "html_url": "https:\/\/github.com\/ahmetmanga\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2018-05-20T20:32:15Z", + "updated_at": "2018-05-20T20:33:17Z", + "pushed_at": "2018-05-20T20:33:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 150020637, + "name": "cve-2018-6574", + "full_name": "kenprice\/cve-2018-6574", + "owner": { + "login": "kenprice", + "id": 8813522, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8813522?v=4", + "html_url": "https:\/\/github.com\/kenprice" + }, + "html_url": "https:\/\/github.com\/kenprice\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2018-09-23T20:00:38Z", + "updated_at": "2018-09-23T20:17:54Z", + "pushed_at": "2018-09-23T20:16:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 155760240, + "name": "cve-2018-6574", + "full_name": "redirected\/cve-2018-6574", + "owner": { + "login": "redirected", + "id": 11227335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11227335?v=4", + "html_url": "https:\/\/github.com\/redirected" + }, + "html_url": "https:\/\/github.com\/redirected\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2018-11-01T18:44:35Z", + "updated_at": "2018-11-01T18:57:35Z", + "pushed_at": "2018-11-01T18:57:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 162044535, "name": "CVE-2018-6574-POC", diff --git a/2018/CVE-2018-6643.json b/2018/CVE-2018-6643.json new file mode 100644 index 0000000000..178d45d2bb --- /dev/null +++ b/2018/CVE-2018-6643.json @@ -0,0 +1,25 @@ +[ + { + "id": 146195248, + "name": "CVE-2018-6643", + "full_name": "undefinedmode\/CVE-2018-6643", + "owner": { + "login": "undefinedmode", + "id": 4165481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4165481?v=4", + "html_url": "https:\/\/github.com\/undefinedmode" + }, + "html_url": "https:\/\/github.com\/undefinedmode\/CVE-2018-6643", + "description": "CVE-2018-6643", + "fork": false, + "created_at": "2018-08-26T16:03:08Z", + "updated_at": "2018-08-27T13:36:10Z", + "pushed_at": "2018-08-28T23:03:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6789.json b/2018/CVE-2018-6789.json index e589fe6ff1..dbb7f5fa74 100644 --- a/2018/CVE-2018-6789.json +++ b/2018/CVE-2018-6789.json @@ -1,4 +1,27 @@ [ + { + "id": 125541441, + "name": "exim-vuln-poc", + "full_name": "c0llision\/exim-vuln-poc", + "owner": { + "login": "c0llision", + "id": 32601427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32601427?v=4", + "html_url": "https:\/\/github.com\/c0llision" + }, + "html_url": "https:\/\/github.com\/c0llision\/exim-vuln-poc", + "description": "CVE-2018-6789", + "fork": false, + "created_at": "2018-03-16T16:21:22Z", + "updated_at": "2018-05-03T17:20:25Z", + "pushed_at": "2018-05-03T17:20:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, { "id": 156674030, "name": "CVE-2018-6789", diff --git a/2018/CVE-2018-6791.json b/2018/CVE-2018-6791.json new file mode 100644 index 0000000000..f485277905 --- /dev/null +++ b/2018/CVE-2018-6791.json @@ -0,0 +1,25 @@ +[ + { + "id": 121303569, + "name": "KDE_Vuln", + "full_name": "rarar0\/KDE_Vuln", + "owner": { + "login": "rarar0", + "id": 14985119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14985119?v=4", + "html_url": "https:\/\/github.com\/rarar0" + }, + "html_url": "https:\/\/github.com\/rarar0\/KDE_Vuln", + "description": "CVE-2018-6791 Troubleshooting", + "fork": false, + "created_at": "2018-02-12T21:21:29Z", + "updated_at": "2019-01-03T01:14:32Z", + "pushed_at": "2018-02-13T21:14:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6890.json b/2018/CVE-2018-6890.json new file mode 100644 index 0000000000..b1ee228e85 --- /dev/null +++ b/2018/CVE-2018-6890.json @@ -0,0 +1,25 @@ +[ + { + "id": 121122391, + "name": "WolfCMS-XSS-POC", + "full_name": "pradeepjairamani\/WolfCMS-XSS-POC", + "owner": { + "login": "pradeepjairamani", + "id": 24669027, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24669027?v=4", + "html_url": "https:\/\/github.com\/pradeepjairamani" + }, + "html_url": "https:\/\/github.com\/pradeepjairamani\/WolfCMS-XSS-POC", + "description": "WolfCMS-v0.8.3.1 Cross Site Scripting(XSS) Assigned CVE Number: CVE-2018-6890", + "fork": false, + "created_at": "2018-02-11T12:43:41Z", + "updated_at": "2018-04-15T22:32:05Z", + "pushed_at": "2018-04-08T07:41:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6892.json b/2018/CVE-2018-6892.json index 443757fd8a..490885f799 100644 --- a/2018/CVE-2018-6892.json +++ b/2018/CVE-2018-6892.json @@ -1,4 +1,50 @@ [ + { + "id": 135526594, + "name": "CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass", + "full_name": "manojcode\/CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass", + "owner": { + "login": "manojcode", + "id": 17510282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17510282?v=4", + "html_url": "https:\/\/github.com\/manojcode" + }, + "html_url": "https:\/\/github.com\/manojcode\/CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass", + "description": "My version - CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass on Win7 x64 CVE-2018-6892", + "fork": false, + "created_at": "2018-05-31T03:25:02Z", + "updated_at": "2018-06-04T01:09:39Z", + "pushed_at": "2018-06-04T01:09:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 135564232, + "name": "-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass", + "full_name": "manojcode\/-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass", + "owner": { + "login": "manojcode", + "id": 17510282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17510282?v=4", + "html_url": "https:\/\/github.com\/manojcode" + }, + "html_url": "https:\/\/github.com\/manojcode\/-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass", + "description": "My version - [Win10 x64] CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass CVE-2018-6892", + "fork": false, + "created_at": "2018-05-31T09:44:07Z", + "updated_at": "2018-05-31T16:18:39Z", + "pushed_at": "2018-05-31T09:45:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, { "id": 281250144, "name": "CVE-2018-6892-Golang", diff --git a/2018/CVE-2018-6905.json b/2018/CVE-2018-6905.json new file mode 100644 index 0000000000..dace564a8b --- /dev/null +++ b/2018/CVE-2018-6905.json @@ -0,0 +1,25 @@ +[ + { + "id": 128607175, + "name": "TYPO3-XSS-POC", + "full_name": "pradeepjairamani\/TYPO3-XSS-POC", + "owner": { + "login": "pradeepjairamani", + "id": 24669027, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24669027?v=4", + "html_url": "https:\/\/github.com\/pradeepjairamani" + }, + "html_url": "https:\/\/github.com\/pradeepjairamani\/TYPO3-XSS-POC", + "description": "Typo3 -v9.1.0 Persistent Cross Site Scripting(XSS) Assigned CVE Number: CVE-2018-6905", + "fork": false, + "created_at": "2018-04-08T06:34:34Z", + "updated_at": "2019-01-18T12:19:17Z", + "pushed_at": "2018-04-08T07:42:12Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7171.json b/2018/CVE-2018-7171.json new file mode 100644 index 0000000000..b2acb26048 --- /dev/null +++ b/2018/CVE-2018-7171.json @@ -0,0 +1,25 @@ +[ + { + "id": 116845038, + "name": "sharingIsCaring", + "full_name": "mechanico\/sharingIsCaring", + "owner": { + "login": "mechanico", + "id": 32109749, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32109749?v=4", + "html_url": "https:\/\/github.com\/mechanico" + }, + "html_url": "https:\/\/github.com\/mechanico\/sharingIsCaring", + "description": "TwonkyMedia Server 7.0.11-8.5 Directory Traversal CVE-2018-7171", + "fork": false, + "created_at": "2018-01-09T17:01:45Z", + "updated_at": "2020-07-11T06:38:46Z", + "pushed_at": "2018-06-03T14:54:18Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 7, + "forks": 7, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7197.json b/2018/CVE-2018-7197.json new file mode 100644 index 0000000000..b7a689f628 --- /dev/null +++ b/2018/CVE-2018-7197.json @@ -0,0 +1,25 @@ +[ + { + "id": 122677679, + "name": "CVE-2018-7197", + "full_name": "Alyssa-o-Herrera\/CVE-2018-7197", + "owner": { + "login": "Alyssa-o-Herrera", + "id": 27867026, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27867026?v=4", + "html_url": "https:\/\/github.com\/Alyssa-o-Herrera" + }, + "html_url": "https:\/\/github.com\/Alyssa-o-Herrera\/CVE-2018-7197", + "description": "CVE-2018-7197 Write up", + "fork": false, + "created_at": "2018-02-23T22:06:51Z", + "updated_at": "2018-10-04T17:25:29Z", + "pushed_at": "2018-02-23T22:07:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7211.json b/2018/CVE-2018-7211.json new file mode 100644 index 0000000000..c20bfdabc3 --- /dev/null +++ b/2018/CVE-2018-7211.json @@ -0,0 +1,25 @@ +[ + { + "id": 121942694, + "name": "CVE-2018-7211-PoC", + "full_name": "c3r34lk1ll3r\/CVE-2018-7211-PoC", + "owner": { + "login": "c3r34lk1ll3r", + "id": 12492834, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12492834?v=4", + "html_url": "https:\/\/github.com\/c3r34lk1ll3r" + }, + "html_url": "https:\/\/github.com\/c3r34lk1ll3r\/CVE-2018-7211-PoC", + "description": "This is the original PoC of CVE-2018-7211", + "fork": false, + "created_at": "2018-02-18T10:47:00Z", + "updated_at": "2018-02-18T10:48:45Z", + "pushed_at": "2018-02-18T10:53:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7249.json b/2018/CVE-2018-7249.json new file mode 100644 index 0000000000..80d74dff56 --- /dev/null +++ b/2018/CVE-2018-7249.json @@ -0,0 +1,25 @@ +[ + { + "id": 122389904, + "name": "NotSecDrv", + "full_name": "Elvin9\/NotSecDrv", + "owner": { + "login": "Elvin9", + "id": 10520535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10520535?v=4", + "html_url": "https:\/\/github.com\/Elvin9" + }, + "html_url": "https:\/\/github.com\/Elvin9\/NotSecDrv", + "description": "A PoC for CVE-2018-7249", + "fork": false, + "created_at": "2018-02-21T20:31:09Z", + "updated_at": "2020-10-21T22:15:43Z", + "pushed_at": "2018-03-01T19:06:50Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 8, + "forks": 8, + "watchers": 13, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7250.json b/2018/CVE-2018-7250.json new file mode 100644 index 0000000000..f0328ed393 --- /dev/null +++ b/2018/CVE-2018-7250.json @@ -0,0 +1,25 @@ +[ + { + "id": 122391619, + "name": "SecDrvPoolLeak", + "full_name": "Elvin9\/SecDrvPoolLeak", + "owner": { + "login": "Elvin9", + "id": 10520535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10520535?v=4", + "html_url": "https:\/\/github.com\/Elvin9" + }, + "html_url": "https:\/\/github.com\/Elvin9\/SecDrvPoolLeak", + "description": "A PoC for CVE-2018-7250", + "fork": false, + "created_at": "2018-02-21T20:47:39Z", + "updated_at": "2020-10-21T22:15:43Z", + "pushed_at": "2018-02-27T11:10:01Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 4, + "forks": 4, + "watchers": 7, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7422.json b/2018/CVE-2018-7422.json new file mode 100644 index 0000000000..453eea5d4a --- /dev/null +++ b/2018/CVE-2018-7422.json @@ -0,0 +1,25 @@ +[ + { + "id": 156874990, + "name": "CVE-2018-7422", + "full_name": "0x00-0x00\/CVE-2018-7422", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2018-7422", + "description": "Wordpress plugin Site-Editor v1.1.1 LFI exploit", + "fork": false, + "created_at": "2018-11-09T14:42:57Z", + "updated_at": "2019-09-27T14:14:03Z", + "pushed_at": "2018-11-09T14:43:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7489.json b/2018/CVE-2018-7489.json new file mode 100644 index 0000000000..13768fc252 --- /dev/null +++ b/2018/CVE-2018-7489.json @@ -0,0 +1,25 @@ +[ + { + "id": 158225407, + "name": "CVE-2018-7489", + "full_name": "tafamace\/CVE-2018-7489", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-7489", + "description": null, + "fork": false, + "created_at": "2018-11-19T13:13:27Z", + "updated_at": "2018-11-19T13:23:28Z", + "pushed_at": "2018-11-19T13:23:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7600.json b/2018/CVE-2018-7600.json index aba11a1ffa..66b9df1f76 100644 --- a/2018/CVE-2018-7600.json +++ b/2018/CVE-2018-7600.json @@ -1,4 +1,27 @@ [ + { + "id": 127405676, + "name": "CVE-2018-7600-Drupal-RCE", + "full_name": "g0rx\/CVE-2018-7600-Drupal-RCE", + "owner": { + "login": "g0rx", + "id": 10961397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10961397?v=4", + "html_url": "https:\/\/github.com\/g0rx" + }, + "html_url": "https:\/\/github.com\/g0rx\/CVE-2018-7600-Drupal-RCE", + "description": "CVE-2018-7600 Drupal RCE", + "fork": false, + "created_at": "2018-03-30T08:52:54Z", + "updated_at": "2020-11-25T13:33:13Z", + "pushed_at": "2018-04-18T06:58:39Z", + "stargazers_count": 110, + "watchers_count": 110, + "forks_count": 49, + "forks": 49, + "watchers": 110, + "score": 0 + }, { "id": 127436541, "name": "CVE-2018-7600", @@ -45,6 +68,351 @@ "watchers": 459, "score": 0 }, + { + "id": 129384553, + "name": "CVE-2018-7600", + "full_name": "knqyf263\/CVE-2018-7600", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-7600", + "description": "CVE-2018-7600 (Drupal)", + "fork": false, + "created_at": "2018-04-13T10:04:36Z", + "updated_at": "2020-04-04T18:09:28Z", + "pushed_at": "2018-11-17T14:47:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, + "forks": 3, + "watchers": 3, + "score": 0 + }, + { + "id": 129500604, + "name": "CVE-2018-7600-Drupal-0day-RCE", + "full_name": "dr-iman\/CVE-2018-7600-Drupal-0day-RCE", + "owner": { + "login": "dr-iman", + "id": 25507113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25507113?v=4", + "html_url": "https:\/\/github.com\/dr-iman" + }, + "html_url": "https:\/\/github.com\/dr-iman\/CVE-2018-7600-Drupal-0day-RCE", + "description": "Drupal 0day Remote PHP Code Execution (Perl)", + "fork": false, + "created_at": "2018-04-14T09:02:54Z", + "updated_at": "2020-04-06T19:37:49Z", + "pushed_at": "2018-04-14T09:06:44Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 7, + "forks": 7, + "watchers": 7, + "score": 0 + }, + { + "id": 129514721, + "name": "drupalgeddon2", + "full_name": "jirojo2\/drupalgeddon2", + "owner": { + "login": "jirojo2", + "id": 3594710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3594710?v=4", + "html_url": "https:\/\/github.com\/jirojo2" + }, + "html_url": "https:\/\/github.com\/jirojo2\/drupalgeddon2", + "description": "MSF exploit module for Drupalgeddon 2 (CVE-2018-7600 \/ SA-CORE-2018-002)", + "fork": false, + "created_at": "2018-04-14T12:26:10Z", + "updated_at": "2018-04-26T08:15:06Z", + "pushed_at": "2018-04-14T23:48:33Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 1, + "forks": 1, + "watchers": 5, + "score": 0 + }, + { + "id": 129543577, + "name": "CVE-2018-7600", + "full_name": "dwisiswant0\/CVE-2018-7600", + "owner": { + "login": "dwisiswant0", + "id": 25837540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25837540?v=4", + "html_url": "https:\/\/github.com\/dwisiswant0" + }, + "html_url": "https:\/\/github.com\/dwisiswant0\/CVE-2018-7600", + "description": "PoC for CVE-2018-7600 Drupal SA-CORE-2018-002 (Drupalgeddon 2).", + "fork": false, + "created_at": "2018-04-14T18:26:26Z", + "updated_at": "2018-05-07T09:33:54Z", + "pushed_at": "2018-04-14T20:52:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, + "forks": 3, + "watchers": 3, + "score": 0 + }, + { + "id": 129569913, + "name": "CVE-2018-7600", + "full_name": "thehappydinoa\/CVE-2018-7600", + "owner": { + "login": "thehappydinoa", + "id": 30162978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30162978?v=4", + "html_url": "https:\/\/github.com\/thehappydinoa" + }, + "html_url": "https:\/\/github.com\/thehappydinoa\/CVE-2018-7600", + "description": "Proof-of-Concept for Drupal CVE-2018-7600 \/ SA-CORE-2018-002", + "fork": false, + "created_at": "2018-04-15T02:21:59Z", + "updated_at": "2019-12-30T13:14:00Z", + "pushed_at": "2018-05-04T00:53:24Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 0, + "forks": 0, + "watchers": 6, + "score": 0 + }, + { + "id": 129605925, + "name": "CVE-2018-7600", + "full_name": "sl4cky\/CVE-2018-7600", + "owner": { + "login": "sl4cky", + "id": 13188087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13188087?v=4", + "html_url": "https:\/\/github.com\/sl4cky" + }, + "html_url": "https:\/\/github.com\/sl4cky\/CVE-2018-7600", + "description": "Testing and exploitation tool for Drupalgeddon 2 (CVE-2018-7600)", + "fork": false, + "created_at": "2018-04-15T12:01:41Z", + "updated_at": "2020-07-09T18:52:40Z", + "pushed_at": "2018-04-15T12:31:03Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 5, + "forks": 5, + "watchers": 6, + "score": 0 + }, + { + "id": 129620689, + "name": "CVE-2018-7600-Masschecker", + "full_name": "sl4cky\/CVE-2018-7600-Masschecker", + "owner": { + "login": "sl4cky", + "id": 13188087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13188087?v=4", + "html_url": "https:\/\/github.com\/sl4cky" + }, + "html_url": "https:\/\/github.com\/sl4cky\/CVE-2018-7600-Masschecker", + "description": "Tool to check for CVE-2018-7600 vulnerability on several URLS", + "fork": false, + "created_at": "2018-04-15T14:56:35Z", + "updated_at": "2020-07-09T18:52:40Z", + "pushed_at": "2018-04-15T14:58:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + }, + { + "id": 129800155, + "name": "CVE-2018-7600", + "full_name": "FireFart\/CVE-2018-7600", + "owner": { + "login": "FireFart", + "id": 105281, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105281?v=4", + "html_url": "https:\/\/github.com\/FireFart" + }, + "html_url": "https:\/\/github.com\/FireFart\/CVE-2018-7600", + "description": "CVE-2018-7600 - Drupal 7.x RCE", + "fork": false, + "created_at": "2018-04-16T20:16:21Z", + "updated_at": "2020-12-17T09:40:30Z", + "pushed_at": "2018-04-18T20:34:19Z", + "stargazers_count": 68, + "watchers_count": 68, + "forks_count": 36, + "forks": 36, + "watchers": 68, + "score": 0 + }, + { + "id": 129927277, + "name": "CVE-2018-7600", + "full_name": "pimps\/CVE-2018-7600", + "owner": { + "login": "pimps", + "id": 11393266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11393266?v=4", + "html_url": "https:\/\/github.com\/pimps" + }, + "html_url": "https:\/\/github.com\/pimps\/CVE-2018-7600", + "description": "Exploit for Drupal 7 <= 7.57 CVE-2018-7600", + "fork": false, + "created_at": "2018-04-17T15:38:15Z", + "updated_at": "2021-02-02T23:08:14Z", + "pushed_at": "2018-04-26T15:40:28Z", + "stargazers_count": 83, + "watchers_count": 83, + "forks_count": 39, + "forks": 39, + "watchers": 83, + "score": 0 + }, + { + "id": 130154422, + "name": "drupalgeddon2", + "full_name": "lorddemon\/drupalgeddon2", + "owner": { + "login": "lorddemon", + "id": 6675738, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6675738?v=4", + "html_url": "https:\/\/github.com\/lorddemon" + }, + "html_url": "https:\/\/github.com\/lorddemon\/drupalgeddon2", + "description": "Exploit for CVE-2018-7600.. called drupalgeddon2, ", + "fork": false, + "created_at": "2018-04-19T03:31:47Z", + "updated_at": "2020-06-18T08:10:33Z", + "pushed_at": "2018-04-19T03:38:24Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 7, + "forks": 7, + "watchers": 4, + "score": 0 + }, + { + "id": 130868059, + "name": "drupal-check", + "full_name": "Hestat\/drupal-check", + "owner": { + "login": "Hestat", + "id": 22892300, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22892300?v=4", + "html_url": "https:\/\/github.com\/Hestat" + }, + "html_url": "https:\/\/github.com\/Hestat\/drupal-check", + "description": "Tool to dive Apache logs for evidence of exploitation of CVE-2018-7600", + "fork": false, + "created_at": "2018-04-24T14:34:46Z", + "updated_at": "2018-07-08T12:46:15Z", + "pushed_at": "2018-05-08T17:30:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + }, + { + "id": 131244306, + "name": "CVE-2018-7600-drupalgeddon2-scanner", + "full_name": "fyraiga\/CVE-2018-7600-drupalgeddon2-scanner", + "owner": { + "login": "fyraiga", + "id": 38775758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38775758?v=4", + "html_url": "https:\/\/github.com\/fyraiga" + }, + "html_url": "https:\/\/github.com\/fyraiga\/CVE-2018-7600-drupalgeddon2-scanner", + "description": "Drupalgeddon2 POC + Scanner (adapted)", + "fork": false, + "created_at": "2018-04-27T04:11:43Z", + "updated_at": "2020-11-19T09:06:56Z", + "pushed_at": "2018-08-08T02:58:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 131665156, + "name": "drupalgeddon-2", + "full_name": "Damian972\/drupalgeddon-2", + "owner": { + "login": "Damian972", + "id": 25445518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25445518?v=4", + "html_url": "https:\/\/github.com\/Damian972" + }, + "html_url": "https:\/\/github.com\/Damian972\/drupalgeddon-2", + "description": "Vuln checker for Drupal v7.x + v8.x (CVE-2018-7600 \/ SA-CORE-2018-002)", + "fork": false, + "created_at": "2018-05-01T01:38:43Z", + "updated_at": "2019-02-28T05:09:20Z", + "pushed_at": "2018-05-03T01:23:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 134812138, + "name": "CVE-2018-7600", + "full_name": "Jyozi\/CVE-2018-7600", + "owner": { + "login": "Jyozi", + "id": 20456656, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20456656?v=4", + "html_url": "https:\/\/github.com\/Jyozi" + }, + "html_url": "https:\/\/github.com\/Jyozi\/CVE-2018-7600", + "description": null, + "fork": false, + "created_at": "2018-05-25T06:19:05Z", + "updated_at": "2018-05-25T06:20:54Z", + "pushed_at": "2018-05-25T06:20:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 140643631, + "name": "CVE-2018-7600", + "full_name": "happynote3966\/CVE-2018-7600", + "owner": { + "login": "happynote3966", + "id": 19719330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19719330?v=4", + "html_url": "https:\/\/github.com\/happynote3966" + }, + "html_url": "https:\/\/github.com\/happynote3966\/CVE-2018-7600", + "description": null, + "fork": false, + "created_at": "2018-07-12T01:12:44Z", + "updated_at": "2018-07-17T03:24:11Z", + "pushed_at": "2018-07-17T03:24:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 151199861, "name": "CVE-2018-7600-Drupal-RCE", diff --git a/2018/CVE-2018-7602.json b/2018/CVE-2018-7602.json index 934025888e..a25e194e0e 100644 --- a/2018/CVE-2018-7602.json +++ b/2018/CVE-2018-7602.json @@ -1,4 +1,50 @@ [ + { + "id": 131232015, + "name": "Drupalgedon3", + "full_name": "1337g\/Drupalgedon3", + "owner": { + "login": "1337g", + "id": 32504404, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32504404?v=4", + "html_url": "https:\/\/github.com\/1337g" + }, + "html_url": "https:\/\/github.com\/1337g\/Drupalgedon3", + "description": "POC to test\/exploit drupal vulnerability SA-CORE-2018-004 \/ CVE-2018-7602", + "fork": false, + "created_at": "2018-04-27T01:59:31Z", + "updated_at": "2020-04-02T11:58:48Z", + "pushed_at": "2018-04-26T14:49:51Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 2, + "forks": 2, + "watchers": 5, + "score": 0 + }, + { + "id": 140663638, + "name": "CVE-2018-7602", + "full_name": "happynote3966\/CVE-2018-7602", + "owner": { + "login": "happynote3966", + "id": 19719330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19719330?v=4", + "html_url": "https:\/\/github.com\/happynote3966" + }, + "html_url": "https:\/\/github.com\/happynote3966\/CVE-2018-7602", + "description": null, + "fork": false, + "created_at": "2018-07-12T05:08:14Z", + "updated_at": "2018-07-17T02:57:18Z", + "pushed_at": "2018-07-17T02:57:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, { "id": 155205612, "name": "CVE-2018-7602", diff --git a/2018/CVE-2018-7747.json b/2018/CVE-2018-7747.json new file mode 100644 index 0000000000..62c96c854a --- /dev/null +++ b/2018/CVE-2018-7747.json @@ -0,0 +1,25 @@ +[ + { + "id": 130383133, + "name": "CVE-2018-7747", + "full_name": "mindpr00f\/CVE-2018-7747", + "owner": { + "login": "mindpr00f", + "id": 38467006, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38467006?v=4", + "html_url": "https:\/\/github.com\/mindpr00f" + }, + "html_url": "https:\/\/github.com\/mindpr00f\/CVE-2018-7747", + "description": "CalderaForms 1.5.9.1 XSS (WordPress plugin) - tutorial", + "fork": false, + "created_at": "2018-04-20T15:49:23Z", + "updated_at": "2018-04-21T13:40:18Z", + "pushed_at": "2018-04-21T13:40:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7750.json b/2018/CVE-2018-7750.json new file mode 100644 index 0000000000..cab1dc65d7 --- /dev/null +++ b/2018/CVE-2018-7750.json @@ -0,0 +1,25 @@ +[ + { + "id": 156363089, + "name": "CVE-2018-7750", + "full_name": "jm33-m0\/CVE-2018-7750", + "owner": { + "login": "jm33-m0", + "id": 10167884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10167884?v=4", + "html_url": "https:\/\/github.com\/jm33-m0" + }, + "html_url": "https:\/\/github.com\/jm33-m0\/CVE-2018-7750", + "description": "an RCE (remote command execution) approach of CVE-2018-7750", + "fork": false, + "created_at": "2018-11-06T10:01:13Z", + "updated_at": "2020-04-06T10:57:16Z", + "pushed_at": "2018-11-06T10:10:31Z", + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 8, + "forks": 8, + "watchers": 17, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8021.json b/2018/CVE-2018-8021.json new file mode 100644 index 0000000000..b29b64efee --- /dev/null +++ b/2018/CVE-2018-8021.json @@ -0,0 +1,25 @@ +[ + { + "id": 160079576, + "name": "Apache-Superset-Remote-Code-Execution-PoC-CVE-2018-8021", + "full_name": "r3dxpl0it\/Apache-Superset-Remote-Code-Execution-PoC-CVE-2018-8021", + "owner": { + "login": "r3dxpl0it", + "id": 43002597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43002597?v=4", + "html_url": "https:\/\/github.com\/r3dxpl0it" + }, + "html_url": "https:\/\/github.com\/r3dxpl0it\/Apache-Superset-Remote-Code-Execution-PoC-CVE-2018-8021", + "description": "CVE-2018-8021 Proof-Of-Concept and Exploit ", + "fork": false, + "created_at": "2018-12-02T19:01:17Z", + "updated_at": "2020-12-14T07:02:58Z", + "pushed_at": "2018-12-03T21:13:00Z", + "stargazers_count": 104, + "watchers_count": 104, + "forks_count": 18, + "forks": 18, + "watchers": 104, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8038.json b/2018/CVE-2018-8038.json new file mode 100644 index 0000000000..b64100d260 --- /dev/null +++ b/2018/CVE-2018-8038.json @@ -0,0 +1,25 @@ +[ + { + "id": 158217015, + "name": "CVE-2018-8038", + "full_name": "tafamace\/CVE-2018-8038", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-8038", + "description": null, + "fork": false, + "created_at": "2018-11-19T12:14:45Z", + "updated_at": "2018-11-19T12:37:32Z", + "pushed_at": "2018-11-19T12:37:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8039.json b/2018/CVE-2018-8039.json new file mode 100644 index 0000000000..744f3612c7 --- /dev/null +++ b/2018/CVE-2018-8039.json @@ -0,0 +1,25 @@ +[ + { + "id": 158216115, + "name": "CVE-2018-8039", + "full_name": "tafamace\/CVE-2018-8039", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-8039", + "description": null, + "fork": false, + "created_at": "2018-11-19T12:08:07Z", + "updated_at": "2018-11-19T12:29:15Z", + "pushed_at": "2018-11-19T12:29:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8060.json b/2018/CVE-2018-8060.json new file mode 100644 index 0000000000..72f3b904bb --- /dev/null +++ b/2018/CVE-2018-8060.json @@ -0,0 +1,25 @@ +[ + { + "id": 131338446, + "name": "SIOCtl", + "full_name": "otavioarj\/SIOCtl", + "owner": { + "login": "otavioarj", + "id": 851029, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/851029?v=4", + "html_url": "https:\/\/github.com\/otavioarj" + }, + "html_url": "https:\/\/github.com\/otavioarj\/SIOCtl", + "description": "Simple IOCTL dispatcher for CVE-2018-8060\/8061", + "fork": false, + "created_at": "2018-04-27T19:45:20Z", + "updated_at": "2019-01-22T23:13:45Z", + "pushed_at": "2018-05-09T22:05:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 3, + "forks": 3, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8065.json b/2018/CVE-2018-8065.json new file mode 100644 index 0000000000..a02d978d94 --- /dev/null +++ b/2018/CVE-2018-8065.json @@ -0,0 +1,25 @@ +[ + { + "id": 134886212, + "name": "CVE-2018-8065", + "full_name": "EgeBalci\/CVE-2018-8065", + "owner": { + "login": "EgeBalci", + "id": 17179401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17179401?v=4", + "html_url": "https:\/\/github.com\/EgeBalci" + }, + "html_url": "https:\/\/github.com\/EgeBalci\/CVE-2018-8065", + "description": "Flexense HTTP Server <= 10.6.24 - Denial Of Service Exploit", + "fork": false, + "created_at": "2018-05-25T17:31:05Z", + "updated_at": "2020-09-09T15:23:11Z", + "pushed_at": "2018-09-03T18:25:53Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 5, + "forks": 5, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8078.json b/2018/CVE-2018-8078.json new file mode 100644 index 0000000000..c3259a0634 --- /dev/null +++ b/2018/CVE-2018-8078.json @@ -0,0 +1,25 @@ +[ + { + "id": 124507539, + "name": "YZMCMSxss", + "full_name": "AlwaysHereFight\/YZMCMSxss", + "owner": { + "login": "AlwaysHereFight", + "id": 21152658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21152658?v=4", + "html_url": "https:\/\/github.com\/AlwaysHereFight" + }, + "html_url": "https:\/\/github.com\/AlwaysHereFight\/YZMCMSxss", + "description": "YZMCMS v3.7最新版xss漏洞 CVE-2018-8078", + "fork": false, + "created_at": "2018-03-09T07:56:56Z", + "updated_at": "2020-01-30T09:51:26Z", + "pushed_at": "2018-03-13T02:44:27Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 2, + "forks": 2, + "watchers": 7, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8090.json b/2018/CVE-2018-8090.json new file mode 100644 index 0000000000..7bc3cc026a --- /dev/null +++ b/2018/CVE-2018-8090.json @@ -0,0 +1,25 @@ +[ + { + "id": 141976453, + "name": "CVE-2018-8090", + "full_name": "kernelm0de\/CVE-2018-8090", + "owner": { + "login": "kernelm0de", + "id": 30472260, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30472260?v=4", + "html_url": "https:\/\/github.com\/kernelm0de" + }, + "html_url": "https:\/\/github.com\/kernelm0de\/CVE-2018-8090", + "description": "DLL Hijacking in Quickheal Total Security\/ Internet Security\/ Antivirus Pro (Installers)", + "fork": false, + "created_at": "2018-07-23T07:17:07Z", + "updated_at": "2019-01-22T12:46:02Z", + "pushed_at": "2018-07-26T13:39:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8108.json b/2018/CVE-2018-8108.json new file mode 100644 index 0000000000..473f58b432 --- /dev/null +++ b/2018/CVE-2018-8108.json @@ -0,0 +1,25 @@ +[ + { + "id": 125155388, + "name": "BUI-select-xss", + "full_name": "zlgxzswjy\/BUI-select-xss", + "owner": { + "login": "zlgxzswjy", + "id": 12388719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12388719?v=4", + "html_url": "https:\/\/github.com\/zlgxzswjy" + }, + "html_url": "https:\/\/github.com\/zlgxzswjy\/BUI-select-xss", + "description": "cve-2018-8108", + "fork": false, + "created_at": "2018-03-14T04:32:01Z", + "updated_at": "2018-03-14T04:54:50Z", + "pushed_at": "2018-03-14T04:54:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8120.json b/2018/CVE-2018-8120.json index 375cec4ea4..bbd80105bf 100644 --- a/2018/CVE-2018-8120.json +++ b/2018/CVE-2018-8120.json @@ -1,4 +1,165 @@ [ + { + "id": 133785986, + "name": "cve-2018-8120", + "full_name": "bigric3\/cve-2018-8120", + "owner": { + "login": "bigric3", + "id": 22165361, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22165361?v=4", + "html_url": "https:\/\/github.com\/bigric3" + }, + "html_url": "https:\/\/github.com\/bigric3\/cve-2018-8120", + "description": null, + "fork": false, + "created_at": "2018-05-17T08:51:39Z", + "updated_at": "2020-12-18T03:54:01Z", + "pushed_at": "2018-05-18T07:49:45Z", + "stargazers_count": 165, + "watchers_count": 165, + "forks_count": 71, + "forks": 71, + "watchers": 165, + "score": 0 + }, + { + "id": 134023459, + "name": "CVE-2018-8120", + "full_name": "unamer\/CVE-2018-8120", + "owner": { + "login": "unamer", + "id": 12728984, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12728984?v=4", + "html_url": "https:\/\/github.com\/unamer" + }, + "html_url": "https:\/\/github.com\/unamer\/CVE-2018-8120", + "description": "CVE-2018-8120 Windows LPE exploit", + "fork": false, + "created_at": "2018-05-19T02:43:15Z", + "updated_at": "2021-01-25T03:33:07Z", + "pushed_at": "2018-05-30T13:09:54Z", + "stargazers_count": 447, + "watchers_count": 447, + "forks_count": 206, + "forks": 206, + "watchers": 447, + "score": 0 + }, + { + "id": 136113184, + "name": "cve-2018-8120", + "full_name": "ne1llee\/cve-2018-8120", + "owner": { + "login": "ne1llee", + "id": 12810839, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12810839?v=4", + "html_url": "https:\/\/github.com\/ne1llee" + }, + "html_url": "https:\/\/github.com\/ne1llee\/cve-2018-8120", + "description": null, + "fork": false, + "created_at": "2018-06-05T03:12:52Z", + "updated_at": "2020-07-02T08:47:02Z", + "pushed_at": "2018-06-05T03:48:43Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 3, + "forks": 3, + "watchers": 4, + "score": 0 + }, + { + "id": 136446726, + "name": "CVE-2018-8120", + "full_name": "alpha1ab\/CVE-2018-8120", + "owner": { + "login": "alpha1ab", + "id": 39789275, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39789275?v=4", + "html_url": "https:\/\/github.com\/alpha1ab" + }, + "html_url": "https:\/\/github.com\/alpha1ab\/CVE-2018-8120", + "description": "CVE-2018-8120 Exploit for Win2003 Win2008 WinXP Win7 ", + "fork": false, + "created_at": "2018-06-07T08:30:07Z", + "updated_at": "2020-12-20T17:04:55Z", + "pushed_at": "2018-08-08T05:48:24Z", + "stargazers_count": 278, + "watchers_count": 278, + "forks_count": 121, + "forks": 121, + "watchers": 278, + "score": 0 + }, + { + "id": 137569820, + "name": "CVE-2018-8120", + "full_name": "areuu\/CVE-2018-8120", + "owner": { + "login": "areuu", + "id": 15951836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15951836?v=4", + "html_url": "https:\/\/github.com\/areuu" + }, + "html_url": "https:\/\/github.com\/areuu\/CVE-2018-8120", + "description": "CVE-2018-8120 POC", + "fork": false, + "created_at": "2018-06-16T09:40:27Z", + "updated_at": "2019-11-21T07:01:19Z", + "pushed_at": "2018-06-16T10:18:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 140512208, + "name": "CVE-2018-8120", + "full_name": "EVOL4\/CVE-2018-8120", + "owner": { + "login": "EVOL4", + "id": 26862344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26862344?v=4", + "html_url": "https:\/\/github.com\/EVOL4" + }, + "html_url": "https:\/\/github.com\/EVOL4\/CVE-2018-8120", + "description": "dd", + "fork": false, + "created_at": "2018-07-11T02:41:16Z", + "updated_at": "2018-11-16T12:24:05Z", + "pushed_at": "2018-08-10T13:06:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 144975276, + "name": "CVE-2018-8120", + "full_name": "ozkanbilge\/CVE-2018-8120", + "owner": { + "login": "ozkanbilge", + "id": 39211596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39211596?v=4", + "html_url": "https:\/\/github.com\/ozkanbilge" + }, + "html_url": "https:\/\/github.com\/ozkanbilge\/CVE-2018-8120", + "description": "CVE-2018-8120 Windows LPE exploit", + "fork": false, + "created_at": "2018-08-16T10:51:00Z", + "updated_at": "2020-10-20T17:21:43Z", + "pushed_at": "2018-08-16T10:53:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, { "id": 162424739, "name": "CVE-2018-8120", diff --git a/2018/CVE-2018-8172.json b/2018/CVE-2018-8172.json new file mode 100644 index 0000000000..5e4d083932 --- /dev/null +++ b/2018/CVE-2018-8172.json @@ -0,0 +1,25 @@ +[ + { + "id": 145187210, + "name": "CVE-2018-8172", + "full_name": "SyFi\/CVE-2018-8172", + "owner": { + "login": "SyFi", + "id": 26314806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26314806?v=4", + "html_url": "https:\/\/github.com\/SyFi" + }, + "html_url": "https:\/\/github.com\/SyFi\/CVE-2018-8172", + "description": "Microsoft Visual Studio CVE-2018-8172 Remote Code Execution Vulnerability", + "fork": false, + "created_at": "2018-08-18T03:37:15Z", + "updated_at": "2020-10-21T22:16:11Z", + "pushed_at": "2018-08-18T03:56:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, + "forks": 3, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8174.json b/2018/CVE-2018-8174.json index eaf397f62e..802ea2810c 100644 --- a/2018/CVE-2018-8174.json +++ b/2018/CVE-2018-8174.json @@ -1,4 +1,142 @@ [ + { + "id": 134479769, + "name": "CVE-2018-8174-msf", + "full_name": "0x09AL\/CVE-2018-8174-msf", + "owner": { + "login": "0x09AL", + "id": 25826294, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25826294?v=4", + "html_url": "https:\/\/github.com\/0x09AL" + }, + "html_url": "https:\/\/github.com\/0x09AL\/CVE-2018-8174-msf", + "description": "CVE-2018-8174 - VBScript memory corruption exploit.", + "fork": false, + "created_at": "2018-05-22T21:50:32Z", + "updated_at": "2021-02-01T03:18:48Z", + "pushed_at": "2018-05-23T20:43:58Z", + "stargazers_count": 165, + "watchers_count": 165, + "forks_count": 79, + "forks": 79, + "watchers": 165, + "score": 0 + }, + { + "id": 135381512, + "name": "CVE-2018-8174_EXP", + "full_name": "Yt1g3r\/CVE-2018-8174_EXP", + "owner": { + "login": "Yt1g3r", + "id": 12625147, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12625147?v=4", + "html_url": "https:\/\/github.com\/Yt1g3r" + }, + "html_url": "https:\/\/github.com\/Yt1g3r\/CVE-2018-8174_EXP", + "description": "CVE-2018-8174_python", + "fork": false, + "created_at": "2018-05-30T03:12:32Z", + "updated_at": "2021-01-18T05:06:16Z", + "pushed_at": "2018-05-30T03:33:14Z", + "stargazers_count": 131, + "watchers_count": 131, + "forks_count": 58, + "forks": 58, + "watchers": 131, + "score": 0 + }, + { + "id": 135767741, + "name": "CVE-2018-8174", + "full_name": "SyFi\/CVE-2018-8174", + "owner": { + "login": "SyFi", + "id": 26314806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26314806?v=4", + "html_url": "https:\/\/github.com\/SyFi" + }, + "html_url": "https:\/\/github.com\/SyFi\/CVE-2018-8174", + "description": "MS Word MS WordPad via IE VBS Engine RCE ", + "fork": false, + "created_at": "2018-06-01T22:12:54Z", + "updated_at": "2020-10-15T19:47:06Z", + "pushed_at": "2018-06-01T22:18:59Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 11, + "forks": 11, + "watchers": 9, + "score": 0 + }, + { + "id": 138712476, + "name": "Rig-Exploit-for-CVE-2018-8174", + "full_name": "orf53975\/Rig-Exploit-for-CVE-2018-8174", + "owner": { + "login": "orf53975", + "id": 25189997, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25189997?v=4", + "html_url": "https:\/\/github.com\/orf53975" + }, + "html_url": "https:\/\/github.com\/orf53975\/Rig-Exploit-for-CVE-2018-8174", + "description": "Rig Exploit for CVE-2018-8174 As with its previous campaigns, Rig’s Seamless campaign uses malvertising. In this case, the malvertisements have a hidden iframe that redirects victims to Rig’s landing page, which includes an exploit for CVE-2018-8174 and shellcode. This enables remote code execution of the shellcode obfuscated in the landing page. After successful exploitation, a second-stage downloader is retrieved, which appears to be a variant of SmokeLoader due to the URL. It would then download the final payload, a Monero miner.", + "fork": false, + "created_at": "2018-06-26T09:03:45Z", + "updated_at": "2018-11-16T12:24:05Z", + "pushed_at": "2018-06-08T14:33:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 140478620, + "name": "cve-2018-8174_analysis", + "full_name": "piotrflorczyk\/cve-2018-8174_analysis", + "owner": { + "login": "piotrflorczyk", + "id": 7830144, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7830144?v=4", + "html_url": "https:\/\/github.com\/piotrflorczyk" + }, + "html_url": "https:\/\/github.com\/piotrflorczyk\/cve-2018-8174_analysis", + "description": "Analysis of VBS exploit CVE-2018-8174", + "fork": false, + "created_at": "2018-07-10T19:31:25Z", + "updated_at": "2020-08-22T07:25:12Z", + "pushed_at": "2018-07-12T08:35:13Z", + "stargazers_count": 16, + "watchers_count": 16, + "forks_count": 16, + "forks": 16, + "watchers": 16, + "score": 0 + }, + { + "id": 147615569, + "name": "CVE-2018-8174-msf", + "full_name": "likescam\/CVE-2018-8174-msf", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-8174-msf", + "description": null, + "fork": false, + "created_at": "2018-09-06T04:03:25Z", + "updated_at": "2018-09-06T04:03:37Z", + "pushed_at": "2018-09-06T04:03:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 188212551, "name": "ie11_vbscript_exploit", diff --git a/2018/CVE-2018-8208.json b/2018/CVE-2018-8208.json new file mode 100644 index 0000000000..433d699d8b --- /dev/null +++ b/2018/CVE-2018-8208.json @@ -0,0 +1,25 @@ +[ + { + "id": 144541015, + "name": "CVE-2018-8208", + "full_name": "kaisaryousuf\/CVE-2018-8208", + "owner": { + "login": "kaisaryousuf", + "id": 27071719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27071719?v=4", + "html_url": "https:\/\/github.com\/kaisaryousuf" + }, + "html_url": "https:\/\/github.com\/kaisaryousuf\/CVE-2018-8208", + "description": null, + "fork": false, + "created_at": "2018-08-13T06:56:11Z", + "updated_at": "2018-11-12T16:22:38Z", + "pushed_at": "2018-06-21T15:06:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8214.json b/2018/CVE-2018-8214.json new file mode 100644 index 0000000000..267d75d035 --- /dev/null +++ b/2018/CVE-2018-8214.json @@ -0,0 +1,25 @@ +[ + { + "id": 138600643, + "name": "CVE-2018-8214", + "full_name": "guwudoor\/CVE-2018-8214", + "owner": { + "login": "guwudoor", + "id": 40532741, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40532741?v=4", + "html_url": "https:\/\/github.com\/guwudoor" + }, + "html_url": "https:\/\/github.com\/guwudoor\/CVE-2018-8214", + "description": null, + "fork": false, + "created_at": "2018-06-25T13:43:58Z", + "updated_at": "2018-11-12T16:22:38Z", + "pushed_at": "2018-06-21T15:24:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 4, + "forks": 4, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8353.json b/2018/CVE-2018-8353.json new file mode 100644 index 0000000000..24c17a3572 --- /dev/null +++ b/2018/CVE-2018-8353.json @@ -0,0 +1,25 @@ +[ + { + "id": 148192905, + "name": "CVE-2018-8353-POC", + "full_name": "whereisr0da\/CVE-2018-8353-POC", + "owner": { + "login": "whereisr0da", + "id": 37551872, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37551872?v=4", + "html_url": "https:\/\/github.com\/whereisr0da" + }, + "html_url": "https:\/\/github.com\/whereisr0da\/CVE-2018-8353-POC", + "description": "Simple poc of CVE-2018-8353 Microsoft Scripting Engine Use After Free", + "fork": false, + "created_at": "2018-09-10T17:28:05Z", + "updated_at": "2018-10-15T01:07:56Z", + "pushed_at": "2018-09-10T17:32:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 4, + "forks": 4, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8420.json b/2018/CVE-2018-8420.json new file mode 100644 index 0000000000..7023a6c566 --- /dev/null +++ b/2018/CVE-2018-8420.json @@ -0,0 +1,25 @@ +[ + { + "id": 148446677, + "name": "CVE-2018-8420", + "full_name": "idkwim\/CVE-2018-8420", + "owner": { + "login": "idkwim", + "id": 4337087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4337087?v=4", + "html_url": "https:\/\/github.com\/idkwim" + }, + "html_url": "https:\/\/github.com\/idkwim\/CVE-2018-8420", + "description": null, + "fork": false, + "created_at": "2018-09-12T08:22:54Z", + "updated_at": "2020-10-21T22:16:16Z", + "pushed_at": "2018-09-12T03:50:14Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 53, + "forks": 53, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8440.json b/2018/CVE-2018-8440.json new file mode 100644 index 0000000000..81941bb7d7 --- /dev/null +++ b/2018/CVE-2018-8440.json @@ -0,0 +1,25 @@ +[ + { + "id": 155593957, + "name": "CVE-2018-8440", + "full_name": "sourceincite\/CVE-2018-8440", + "owner": { + "login": "sourceincite", + "id": 13770985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13770985?v=4", + "html_url": "https:\/\/github.com\/sourceincite" + }, + "html_url": "https:\/\/github.com\/sourceincite\/CVE-2018-8440", + "description": "CVE-2018-8440 standalone exploit", + "fork": false, + "created_at": "2018-10-31T17:00:43Z", + "updated_at": "2021-01-14T02:30:12Z", + "pushed_at": "2018-10-31T19:05:17Z", + "stargazers_count": 72, + "watchers_count": 72, + "forks_count": 22, + "forks": 22, + "watchers": 72, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8495.json b/2018/CVE-2018-8495.json new file mode 100644 index 0000000000..980b31a679 --- /dev/null +++ b/2018/CVE-2018-8495.json @@ -0,0 +1,25 @@ +[ + { + "id": 152781400, + "name": "CVE-2018-8495-POC", + "full_name": "whereisr0da\/CVE-2018-8495-POC", + "owner": { + "login": "whereisr0da", + "id": 37551872, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37551872?v=4", + "html_url": "https:\/\/github.com\/whereisr0da" + }, + "html_url": "https:\/\/github.com\/whereisr0da\/CVE-2018-8495-POC", + "description": "Simple poc of CVE-2018-8495 Microsoft Edge Remote Code Execution", + "fork": false, + "created_at": "2018-10-12T16:49:57Z", + "updated_at": "2019-01-11T09:07:45Z", + "pushed_at": "2018-10-12T16:52:34Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 8, + "forks": 8, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8733.json b/2018/CVE-2018-8733.json new file mode 100644 index 0000000000..3279f9e887 --- /dev/null +++ b/2018/CVE-2018-8733.json @@ -0,0 +1,25 @@ +[ + { + "id": 132509937, + "name": "Nagios-XI-5.2.6-9-5.3-5.4-Chained-Remote-Root-Exploit-Fixed", + "full_name": "xfer0\/Nagios-XI-5.2.6-9-5.3-5.4-Chained-Remote-Root-Exploit-Fixed", + "owner": { + "login": "xfer0", + "id": 30201498, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30201498?v=4", + "html_url": "https:\/\/github.com\/xfer0" + }, + "html_url": "https:\/\/github.com\/xfer0\/Nagios-XI-5.2.6-9-5.3-5.4-Chained-Remote-Root-Exploit-Fixed", + "description": "Fixed exploit for Nagios CVE-2018-8733, CVE-2018-8734, CVE-2018-8735, CVE-2018-8736 https:\/\/www.exploit-db.com\/exploits\/44560\/", + "fork": false, + "created_at": "2018-05-07T19:55:36Z", + "updated_at": "2020-04-27T15:35:39Z", + "pushed_at": "2018-05-07T19:55:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8820.json b/2018/CVE-2018-8820.json new file mode 100644 index 0000000000..eb89ab64b7 --- /dev/null +++ b/2018/CVE-2018-8820.json @@ -0,0 +1,25 @@ +[ + { + "id": 127013387, + "name": "frevvomapexec", + "full_name": "hateshape\/frevvomapexec", + "owner": { + "login": "hateshape", + "id": 31131951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31131951?v=4", + "html_url": "https:\/\/github.com\/hateshape" + }, + "html_url": "https:\/\/github.com\/hateshape\/frevvomapexec", + "description": " PoC Exploit for CVE-2018-8820", + "fork": false, + "created_at": "2018-03-27T16:09:46Z", + "updated_at": "2019-01-29T17:35:37Z", + "pushed_at": "2018-03-27T17:00:14Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 0, + "forks": 0, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8897.json b/2018/CVE-2018-8897.json new file mode 100644 index 0000000000..295bfc2d93 --- /dev/null +++ b/2018/CVE-2018-8897.json @@ -0,0 +1,94 @@ +[ + { + "id": 132952646, + "name": "CVE-2018-8897", + "full_name": "nmulasmajic\/CVE-2018-8897", + "owner": { + "login": "nmulasmajic", + "id": 30013958, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30013958?v=4", + "html_url": "https:\/\/github.com\/nmulasmajic" + }, + "html_url": "https:\/\/github.com\/nmulasmajic\/CVE-2018-8897", + "description": "Implements the POP\/MOV SS (CVE-2018-8897) vulnerability by bugchecking the machine (local DoS). ", + "fork": false, + "created_at": "2018-05-10T20:46:30Z", + "updated_at": "2020-12-09T22:13:11Z", + "pushed_at": "2018-05-10T20:47:59Z", + "stargazers_count": 71, + "watchers_count": 71, + "forks_count": 28, + "forks": 28, + "watchers": 71, + "score": 0 + }, + { + "id": 133221173, + "name": "pop-mov-ss-exploit", + "full_name": "jiazhang0\/pop-mov-ss-exploit", + "owner": { + "login": "jiazhang0", + "id": 10241344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10241344?v=4", + "html_url": "https:\/\/github.com\/jiazhang0" + }, + "html_url": "https:\/\/github.com\/jiazhang0\/pop-mov-ss-exploit", + "description": "The exploitation for CVE-2018-8897", + "fork": false, + "created_at": "2018-05-13T09:05:07Z", + "updated_at": "2018-05-20T21:56:22Z", + "pushed_at": "2018-05-16T14:15:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 4, + "forks": 4, + "watchers": 3, + "score": 0 + }, + { + "id": 133268202, + "name": "CVE-2018-8897", + "full_name": "can1357\/CVE-2018-8897", + "owner": { + "login": "can1357", + "id": 11807264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11807264?v=4", + "html_url": "https:\/\/github.com\/can1357" + }, + "html_url": "https:\/\/github.com\/can1357\/CVE-2018-8897", + "description": "Arbitrary code execution with kernel privileges using CVE-2018-8897.", + "fork": false, + "created_at": "2018-05-13T19:34:17Z", + "updated_at": "2021-02-10T06:40:39Z", + "pushed_at": "2018-05-18T12:26:53Z", + "stargazers_count": 372, + "watchers_count": 372, + "forks_count": 107, + "forks": 107, + "watchers": 372, + "score": 0 + }, + { + "id": 144062105, + "name": "syscall_exploit_CVE-2018-8897", + "full_name": "nmulasmajic\/syscall_exploit_CVE-2018-8897", + "owner": { + "login": "nmulasmajic", + "id": 30013958, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30013958?v=4", + "html_url": "https:\/\/github.com\/nmulasmajic" + }, + "html_url": "https:\/\/github.com\/nmulasmajic\/syscall_exploit_CVE-2018-8897", + "description": "Implements the POP\/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).", + "fork": false, + "created_at": "2018-08-08T20:04:56Z", + "updated_at": "2020-12-22T17:40:42Z", + "pushed_at": "2018-08-08T20:12:20Z", + "stargazers_count": 105, + "watchers_count": 105, + "forks_count": 24, + "forks": 24, + "watchers": 105, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8941.json b/2018/CVE-2018-8941.json new file mode 100644 index 0000000000..2fed54940c --- /dev/null +++ b/2018/CVE-2018-8941.json @@ -0,0 +1,25 @@ +[ + { + "id": 127970329, + "name": "CVE-2018-8941", + "full_name": "SECFORCE\/CVE-2018-8941", + "owner": { + "login": "SECFORCE", + "id": 8157384, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8157384?v=4", + "html_url": "https:\/\/github.com\/SECFORCE" + }, + "html_url": "https:\/\/github.com\/SECFORCE\/CVE-2018-8941", + "description": "D-Link DSL-3782 Code Execution (Proof of Concept)", + "fork": false, + "created_at": "2018-04-03T21:22:34Z", + "updated_at": "2020-05-18T10:42:30Z", + "pushed_at": "2018-04-03T21:59:31Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 9, + "forks": 9, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8970.json b/2018/CVE-2018-8970.json new file mode 100644 index 0000000000..6acf9583ac --- /dev/null +++ b/2018/CVE-2018-8970.json @@ -0,0 +1,25 @@ +[ + { + "id": 126690207, + "name": "CVE-2018-8970", + "full_name": "tiran\/CVE-2018-8970", + "owner": { + "login": "tiran", + "id": 444071, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/444071?v=4", + "html_url": "https:\/\/github.com\/tiran" + }, + "html_url": "https:\/\/github.com\/tiran\/CVE-2018-8970", + "description": "Demo for https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2018-8970", + "fork": false, + "created_at": "2018-03-25T11:22:47Z", + "updated_at": "2018-04-10T15:41:19Z", + "pushed_at": "2018-03-25T11:23:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9059.json b/2018/CVE-2018-9059.json new file mode 100644 index 0000000000..2cc04cdfed --- /dev/null +++ b/2018/CVE-2018-9059.json @@ -0,0 +1,25 @@ +[ + { + "id": 134121800, + "name": "easy-file-share-7.2-exploit-CVE-2018-9059", + "full_name": "manojcode\/easy-file-share-7.2-exploit-CVE-2018-9059", + "owner": { + "login": "manojcode", + "id": 17510282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17510282?v=4", + "html_url": "https:\/\/github.com\/manojcode" + }, + "html_url": "https:\/\/github.com\/manojcode\/easy-file-share-7.2-exploit-CVE-2018-9059", + "description": "My version - Easy File Sharing Web Server 7.2 - 'UserID' - Win 7 'DEP' bypass ", + "fork": false, + "created_at": "2018-05-20T05:13:25Z", + "updated_at": "2018-05-21T06:49:16Z", + "pushed_at": "2018-05-21T06:49:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9075.json b/2018/CVE-2018-9075.json new file mode 100644 index 0000000000..231478bd8a --- /dev/null +++ b/2018/CVE-2018-9075.json @@ -0,0 +1,25 @@ +[ + { + "id": 150627369, + "name": "cve-2018-9075", + "full_name": "beverlymiller818\/cve-2018-9075", + "owner": { + "login": "beverlymiller818", + "id": 43651541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43651541?v=4", + "html_url": "https:\/\/github.com\/beverlymiller818" + }, + "html_url": "https:\/\/github.com\/beverlymiller818\/cve-2018-9075", + "description": null, + "fork": false, + "created_at": "2018-09-27T17:58:00Z", + "updated_at": "2018-09-27T19:26:57Z", + "pushed_at": "2018-09-27T19:27:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9160.json b/2018/CVE-2018-9160.json new file mode 100644 index 0000000000..1e77a68cfb --- /dev/null +++ b/2018/CVE-2018-9160.json @@ -0,0 +1,25 @@ +[ + { + "id": 131106110, + "name": "sickrageWTF", + "full_name": "mechanico\/sickrageWTF", + "owner": { + "login": "mechanico", + "id": 32109749, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32109749?v=4", + "html_url": "https:\/\/github.com\/mechanico" + }, + "html_url": "https:\/\/github.com\/mechanico\/sickrageWTF", + "description": "CVE-2018-9160", + "fork": false, + "created_at": "2018-04-26T05:49:09Z", + "updated_at": "2018-04-26T06:38:11Z", + "pushed_at": "2018-04-26T06:38:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9206.json b/2018/CVE-2018-9206.json index d433564bd9..f0ef5557ce 100644 --- a/2018/CVE-2018-9206.json +++ b/2018/CVE-2018-9206.json @@ -1,4 +1,50 @@ [ + { + "id": 154178141, + "name": "CVE-2018-9206", + "full_name": "Den1al\/CVE-2018-9206", + "owner": { + "login": "Den1al", + "id": 7230603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7230603?v=4", + "html_url": "https:\/\/github.com\/Den1al" + }, + "html_url": "https:\/\/github.com\/Den1al\/CVE-2018-9206", + "description": "A Python PoC for CVE-2018-9206", + "fork": false, + "created_at": "2018-10-22T16:33:22Z", + "updated_at": "2020-06-04T11:39:14Z", + "pushed_at": "2018-10-22T16:49:08Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 12, + "forks": 12, + "watchers": 13, + "score": 0 + }, + { + "id": 154564555, + "name": "JQShell", + "full_name": "Stahlz\/JQShell", + "owner": { + "login": "Stahlz", + "id": 4689086, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4689086?v=4", + "html_url": "https:\/\/github.com\/Stahlz" + }, + "html_url": "https:\/\/github.com\/Stahlz\/JQShell", + "description": "A weaponized version of CVE-2018-9206", + "fork": false, + "created_at": "2018-10-24T20:24:20Z", + "updated_at": "2020-10-26T09:05:01Z", + "pushed_at": "2018-10-30T01:48:42Z", + "stargazers_count": 63, + "watchers_count": 63, + "forks_count": 17, + "forks": 17, + "watchers": 63, + "score": 0 + }, { "id": 165319420, "name": "cve-2018-9206", diff --git a/2018/CVE-2018-9411.json b/2018/CVE-2018-9411.json new file mode 100644 index 0000000000..e4e71a204f --- /dev/null +++ b/2018/CVE-2018-9411.json @@ -0,0 +1,25 @@ +[ + { + "id": 155439217, + "name": "CVE-2018-9411", + "full_name": "tamirzb\/CVE-2018-9411", + "owner": { + "login": "tamirzb", + "id": 1054209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1054209?v=4", + "html_url": "https:\/\/github.com\/tamirzb" + }, + "html_url": "https:\/\/github.com\/tamirzb\/CVE-2018-9411", + "description": "Exploit code for CVE-2018-9411 for MediaCasService", + "fork": false, + "created_at": "2018-10-30T18:48:20Z", + "updated_at": "2020-10-21T22:16:25Z", + "pushed_at": "2018-10-30T21:51:16Z", + "stargazers_count": 49, + "watchers_count": 49, + "forks_count": 14, + "forks": 14, + "watchers": 49, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9539.json b/2018/CVE-2018-9539.json new file mode 100644 index 0000000000..8735a38386 --- /dev/null +++ b/2018/CVE-2018-9539.json @@ -0,0 +1,25 @@ +[ + { + "id": 157086233, + "name": "CVE-2018-9539", + "full_name": "tamirzb\/CVE-2018-9539", + "owner": { + "login": "tamirzb", + "id": 1054209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1054209?v=4", + "html_url": "https:\/\/github.com\/tamirzb" + }, + "html_url": "https:\/\/github.com\/tamirzb\/CVE-2018-9539", + "description": " PoC code for CVE-2018-9539", + "fork": false, + "created_at": "2018-11-11T14:14:04Z", + "updated_at": "2019-07-11T00:57:55Z", + "pushed_at": "2018-11-11T14:19:32Z", + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 8, + "forks": 8, + "watchers": 18, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9948.json b/2018/CVE-2018-9948.json new file mode 100644 index 0000000000..204e4d3cc6 --- /dev/null +++ b/2018/CVE-2018-9948.json @@ -0,0 +1,48 @@ +[ + { + "id": 143491453, + "name": "Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958", + "full_name": "manojcode\/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958", + "owner": { + "login": "manojcode", + "id": 17510282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17510282?v=4", + "html_url": "https:\/\/github.com\/manojcode" + }, + "html_url": "https:\/\/github.com\/manojcode\/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958", + "description": "Foxit Reader version 9.0.1.1049 Use After Free with ASLR and DEP bypass on heap", + "fork": false, + "created_at": "2018-08-04T02:32:28Z", + "updated_at": "2018-09-17T14:27:42Z", + "pushed_at": "2018-09-11T14:19:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + }, + { + "id": 145526091, + "name": "cve-2018-9948-9958-exp", + "full_name": "orangepirate\/cve-2018-9948-9958-exp", + "owner": { + "login": "orangepirate", + "id": 40813235, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40813235?v=4", + "html_url": "https:\/\/github.com\/orangepirate" + }, + "html_url": "https:\/\/github.com\/orangepirate\/cve-2018-9948-9958-exp", + "description": "a exp for cve-2018-9948\/9958 , current shellcode called win-calc ", + "fork": false, + "created_at": "2018-08-21T07:43:38Z", + "updated_at": "2018-08-24T00:18:07Z", + "pushed_at": "2018-08-24T00:18:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9958.json b/2018/CVE-2018-9958.json new file mode 100644 index 0000000000..c014300f62 --- /dev/null +++ b/2018/CVE-2018-9958.json @@ -0,0 +1,25 @@ +[ + { + "id": 138641204, + "name": "CVE-2018-9958--Exploit", + "full_name": "t3rabyt3-zz\/CVE-2018-9958--Exploit", + "owner": { + "login": "t3rabyt3-zz", + "id": 37320349, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37320349?v=4", + "html_url": "https:\/\/github.com\/t3rabyt3-zz" + }, + "html_url": "https:\/\/github.com\/t3rabyt3-zz\/CVE-2018-9958--Exploit", + "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Text Annotations. When setting the point attribute, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process.", + "fork": false, + "created_at": "2018-06-25T19:34:36Z", + "updated_at": "2018-06-25T19:43:30Z", + "pushed_at": "2018-06-25T19:43:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 3, + "forks": 3, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9995.json b/2018/CVE-2018-9995.json index 353d8e1660..ce6146eb2b 100644 --- a/2018/CVE-2018-9995.json +++ b/2018/CVE-2018-9995.json @@ -22,6 +22,121 @@ "watchers": 443, "score": 0 }, + { + "id": 132603275, + "name": "CVE-2018-9995_Batch_scanning_exp", + "full_name": "zzh217\/CVE-2018-9995_Batch_scanning_exp", + "owner": { + "login": "zzh217", + "id": 26359175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26359175?v=4", + "html_url": "https:\/\/github.com\/zzh217" + }, + "html_url": "https:\/\/github.com\/zzh217\/CVE-2018-9995_Batch_scanning_exp", + "description": "CVE-2018-9995_Batch_scanning_exp", + "fork": false, + "created_at": "2018-05-08T12:07:26Z", + "updated_at": "2018-11-29T12:00:35Z", + "pushed_at": "2018-08-09T14:41:32Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 2, + "forks": 2, + "watchers": 4, + "score": 0 + }, + { + "id": 132681023, + "name": "CVE-2018-9995_check", + "full_name": "Huangkey\/CVE-2018-9995_check", + "owner": { + "login": "Huangkey", + "id": 22346795, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22346795?v=4", + "html_url": "https:\/\/github.com\/Huangkey" + }, + "html_url": "https:\/\/github.com\/Huangkey\/CVE-2018-9995_check", + "description": "DVR系列摄像头批量检测", + "fork": false, + "created_at": "2018-05-09T00:43:24Z", + "updated_at": "2020-07-23T08:06:05Z", + "pushed_at": "2018-05-09T10:13:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 133002644, + "name": "CVE-2018-9995-ModifiedByGwolfs", + "full_name": "gwolfs\/CVE-2018-9995-ModifiedByGwolfs", + "owner": { + "login": "gwolfs", + "id": 39183087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39183087?v=4", + "html_url": "https:\/\/github.com\/gwolfs" + }, + "html_url": "https:\/\/github.com\/gwolfs\/CVE-2018-9995-ModifiedByGwolfs", + "description": null, + "fork": false, + "created_at": "2018-05-11T07:05:37Z", + "updated_at": "2018-05-21T06:35:44Z", + "pushed_at": "2018-05-21T06:35:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 139241933, + "name": "cve-2018-9995", + "full_name": "shacojx\/cve-2018-9995", + "owner": { + "login": "shacojx", + "id": 19655109, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19655109?v=4", + "html_url": "https:\/\/github.com\/shacojx" + }, + "html_url": "https:\/\/github.com\/shacojx\/cve-2018-9995", + "description": "exploit camera with vuln cve-2018-9995 ( Novo, CeNova, QSee, Pulnix, XVR 5 in 1 (title: \"XVR Login\"), Securus, - Security. Never Compromise !! - Night OWL, DVR Login, HVR Login, MDVR Login )", + "fork": false, + "created_at": "2018-06-30T10:54:40Z", + "updated_at": "2020-06-09T05:57:47Z", + "pushed_at": "2018-06-30T10:55:19Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + }, + { + "id": 150025071, + "name": "DVR-Exploiter", + "full_name": "Cyb0r9\/DVR-Exploiter", + "owner": { + "login": "Cyb0r9", + "id": 43474676, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43474676?v=4", + "html_url": "https:\/\/github.com\/Cyb0r9" + }, + "html_url": "https:\/\/github.com\/Cyb0r9\/DVR-Exploiter", + "description": "DVR-Exploiter a Bash Script Program Exploit The DVR's Based on CVE-2018-9995", + "fork": false, + "created_at": "2018-09-23T20:58:40Z", + "updated_at": "2020-12-23T20:45:44Z", + "pushed_at": "2018-10-11T16:54:31Z", + "stargazers_count": 81, + "watchers_count": 81, + "forks_count": 42, + "forks": 42, + "watchers": 81, + "score": 0 + }, { "id": 167874136, "name": "CVE-2018-9995", diff --git a/2019/CVE-2019-11043.json b/2019/CVE-2019-11043.json index 8bf8b11ad0..c18edd0226 100644 --- a/2019/CVE-2019-11043.json +++ b/2019/CVE-2019-11043.json @@ -13,13 +13,13 @@ "description": "Exploit for CVE-2019-11043", "fork": false, "created_at": "2019-09-23T21:37:27Z", - "updated_at": "2021-02-10T17:49:21Z", + "updated_at": "2021-02-14T02:48:36Z", "pushed_at": "2019-11-12T18:53:14Z", - "stargazers_count": 1636, - "watchers_count": 1636, + "stargazers_count": 1637, + "watchers_count": 1637, "forks_count": 245, "forks": 245, - "watchers": 1636, + "watchers": 1637, "score": 0 }, { diff --git a/2019/CVE-2019-2618.json b/2019/CVE-2019-2618.json index 629af134ec..4306f98b6c 100644 --- a/2019/CVE-2019-2618.json +++ b/2019/CVE-2019-2618.json @@ -82,13 +82,13 @@ "description": "增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持", "fork": false, "created_at": "2019-06-21T09:22:43Z", - "updated_at": "2021-02-10T18:48:36Z", + "updated_at": "2021-02-14T02:15:44Z", "pushed_at": "2020-04-26T10:49:25Z", - "stargazers_count": 716, - "watchers_count": 716, + "stargazers_count": 717, + "watchers_count": 717, "forks_count": 150, "forks": 150, - "watchers": 716, + "watchers": 717, "score": 0 }, { diff --git a/2020/CVE-2020-0069.json b/2020/CVE-2020-0069.json index 557b78a30e..82cf9ade88 100644 --- a/2020/CVE-2020-0069.json +++ b/2020/CVE-2020-0069.json @@ -21,74 +21,5 @@ "forks": 9, "watchers": 53, "score": 0 - }, - { - "id": 244758802, - "name": "mtk-su-reverse-cve-2020-0069", - "full_name": "TheRealJunior\/mtk-su-reverse-cve-2020-0069", - "owner": { - "login": "TheRealJunior", - "id": 8438895, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8438895?v=4", - "html_url": "https:\/\/github.com\/TheRealJunior" - }, - "html_url": "https:\/\/github.com\/TheRealJunior\/mtk-su-reverse-cve-2020-0069", - "description": "reversing mtk-su", - "fork": false, - "created_at": "2020-03-03T22:55:42Z", - "updated_at": "2020-11-12T08:11:02Z", - "pushed_at": "2020-03-04T22:32:03Z", - "stargazers_count": 11, - "watchers_count": 11, - "forks_count": 5, - "forks": 5, - "watchers": 11, - "score": 0 - }, - { - "id": 245598253, - "name": "CVE-2020-0069", - "full_name": "yanglingxi1993\/CVE-2020-0069", - "owner": { - "login": "yanglingxi1993", - "id": 61902155, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61902155?v=4", - "html_url": "https:\/\/github.com\/yanglingxi1993" - }, - "html_url": "https:\/\/github.com\/yanglingxi1993\/CVE-2020-0069", - "description": "simple poc for CVE-2020-0069", - "fork": false, - "created_at": "2020-03-07T08:50:48Z", - "updated_at": "2020-03-07T08:50:48Z", - "pushed_at": "2020-03-07T08:50:49Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 249711372, - "name": "CVE-2020-0069_poc", - "full_name": "quarkslab\/CVE-2020-0069_poc", - "owner": { - "login": "quarkslab", - "id": 3357711, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3357711?v=4", - "html_url": "https:\/\/github.com\/quarkslab" - }, - "html_url": "https:\/\/github.com\/quarkslab\/CVE-2020-0069_poc", - "description": null, - "fork": false, - "created_at": "2020-03-24T13:10:39Z", - "updated_at": "2021-01-23T10:38:43Z", - "pushed_at": "2020-03-24T13:19:34Z", - "stargazers_count": 75, - "watchers_count": 75, - "forks_count": 22, - "forks": 22, - "watchers": 75, - "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-0551.json b/2020/CVE-2020-0551.json deleted file mode 100644 index 3388c0c881..0000000000 --- a/2020/CVE-2020-0551.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 246358905, - "name": "lvi-lfb-attack-poc", - "full_name": "bitdefender\/lvi-lfb-attack-poc", - "owner": { - "login": "bitdefender", - "id": 32452258, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32452258?v=4", - "html_url": "https:\/\/github.com\/bitdefender" - }, - "html_url": "https:\/\/github.com\/bitdefender\/lvi-lfb-attack-poc", - "description": "This repository contains the sources and documentation for the LVI-LFB Control Flow Hijacking attack PoC (CVE-2020-0551)", - "fork": false, - "created_at": "2020-03-10T17:00:01Z", - "updated_at": "2021-01-11T11:22:00Z", - "pushed_at": "2020-03-10T17:10:12Z", - "stargazers_count": 20, - "watchers_count": 20, - "forks_count": 5, - "forks": 5, - "watchers": 20, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-0601.json b/2020/CVE-2020-0601.json index 81fc969a3a..c23c625c6a 100644 --- a/2020/CVE-2020-0601.json +++ b/2020/CVE-2020-0601.json @@ -1,50 +1,4 @@ [ - { - "id": 234192123, - "name": "chainoffools", - "full_name": "kudelskisecurity\/chainoffools", - "owner": { - "login": "kudelskisecurity", - "id": 10771090, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10771090?v=4", - "html_url": "https:\/\/github.com\/kudelskisecurity" - }, - "html_url": "https:\/\/github.com\/kudelskisecurity\/chainoffools", - "description": "A PoC for CVE-2020-0601", - "fork": false, - "created_at": "2020-01-15T23:15:32Z", - "updated_at": "2021-02-02T02:53:26Z", - "pushed_at": "2020-03-22T15:14:31Z", - "stargazers_count": 337, - "watchers_count": 337, - "forks_count": 87, - "forks": 87, - "watchers": 337, - "score": 0 - }, - { - "id": 234433419, - "name": "badecparams", - "full_name": "saleemrashid\/badecparams", - "owner": { - "login": "saleemrashid", - "id": 22301423, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22301423?v=4", - "html_url": "https:\/\/github.com\/saleemrashid" - }, - "html_url": "https:\/\/github.com\/saleemrashid\/badecparams", - "description": "Proof of Concept for CVE-2020-0601", - "fork": false, - "created_at": "2020-01-16T23:44:37Z", - "updated_at": "2021-02-07T14:06:26Z", - "pushed_at": "2020-02-24T18:41:10Z", - "stargazers_count": 61, - "watchers_count": 61, - "forks_count": 14, - "forks": 14, - "watchers": 61, - "score": 0 - }, { "id": 241136874, "name": "CVE-2018-20250-WinRAR", @@ -67,97 +21,5 @@ "forks": 0, "watchers": 1, "score": 0 - }, - { - "id": 241412565, - "name": "cve-2020-0601_poc", - "full_name": "gremwell\/cve-2020-0601_poc", - "owner": { - "login": "gremwell", - "id": 633734, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/633734?v=4", - "html_url": "https:\/\/github.com\/gremwell" - }, - "html_url": "https:\/\/github.com\/gremwell\/cve-2020-0601_poc", - "description": "CVE-2020-0601 proof of concept", - "fork": false, - "created_at": "2020-02-18T16:36:49Z", - "updated_at": "2020-10-14T19:20:02Z", - "pushed_at": "2020-02-19T08:46:36Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 3, - "forks": 3, - "watchers": 2, - "score": 0 - }, - { - "id": 243353551, - "name": "meetup-2-curveball", - "full_name": "bsides-rijeka\/meetup-2-curveball", - "owner": { - "login": "bsides-rijeka", - "id": 61519397, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61519397?v=4", - "html_url": "https:\/\/github.com\/bsides-rijeka" - }, - "html_url": "https:\/\/github.com\/bsides-rijeka\/meetup-2-curveball", - "description": "Materials for the second Rijeka secuity meetup. We will be discussing Microsoft cryptoapi vulnerability dubbed CurveBall (CVE-2020-0601)", - "fork": false, - "created_at": "2020-02-26T19:59:25Z", - "updated_at": "2020-03-05T07:54:18Z", - "pushed_at": "2020-09-11T10:29:33Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 244585713, - "name": "CVE-2020-0601-spoofkey", - "full_name": "exploitblizzard\/CVE-2020-0601-spoofkey", - "owner": { - "login": "exploitblizzard", - "id": 61627070, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61627070?v=4", - "html_url": "https:\/\/github.com\/exploitblizzard" - }, - "html_url": "https:\/\/github.com\/exploitblizzard\/CVE-2020-0601-spoofkey", - "description": null, - "fork": false, - "created_at": "2020-03-03T08:49:47Z", - "updated_at": "2020-03-03T09:49:24Z", - "pushed_at": "2020-03-03T09:49:22Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 246794448, - "name": "twoplustwo", - "full_name": "ShayNehmad\/twoplustwo", - "owner": { - "login": "ShayNehmad", - "id": 48879847, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48879847?v=4", - "html_url": "https:\/\/github.com\/ShayNehmad" - }, - "html_url": "https:\/\/github.com\/ShayNehmad\/twoplustwo", - "description": "Implementing CVE-2020-0601", - "fork": false, - "created_at": "2020-03-12T09:30:19Z", - "updated_at": "2020-03-12T09:58:51Z", - "pushed_at": "2020-03-12T09:58:48Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-0618.json b/2020/CVE-2020-0618.json deleted file mode 100644 index bcdcc2c5bb..0000000000 --- a/2020/CVE-2020-0618.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 241408033, - "name": "cve-2020-0618", - "full_name": "wortell\/cve-2020-0618", - "owner": { - "login": "wortell", - "id": 54625905, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54625905?v=4", - "html_url": "https:\/\/github.com\/wortell" - }, - "html_url": "https:\/\/github.com\/wortell\/cve-2020-0618", - "description": "CVE-2020-0618 Honeypot", - "fork": false, - "created_at": "2020-02-18T16:17:19Z", - "updated_at": "2021-01-07T02:04:31Z", - "pushed_at": "2020-03-03T17:21:54Z", - "stargazers_count": 22, - "watchers_count": 22, - "forks_count": 4, - "forks": 4, - "watchers": 22, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-0668.json b/2020/CVE-2020-0668.json index c7559b4f0a..86f23456cd 100644 --- a/2020/CVE-2020-0668.json +++ b/2020/CVE-2020-0668.json @@ -1,50 +1,4 @@ [ - { - "id": 214392452, - "name": "SysTracingPoc", - "full_name": "itm4n\/SysTracingPoc", - "owner": { - "login": "itm4n", - "id": 30777390, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30777390?v=4", - "html_url": "https:\/\/github.com\/itm4n" - }, - "html_url": "https:\/\/github.com\/itm4n\/SysTracingPoc", - "description": "CVE-2020-0668 - Microsoft Windows Service Tracing Arbitrary File Move Local Privilege Escalation Vulnerability", - "fork": false, - "created_at": "2019-10-11T09:08:02Z", - "updated_at": "2021-01-13T14:43:41Z", - "pushed_at": "2020-02-26T09:24:45Z", - "stargazers_count": 54, - "watchers_count": 54, - "forks_count": 20, - "forks": 20, - "watchers": 54, - "score": 0 - }, - { - "id": 241809572, - "name": "CVE-2020-0668", - "full_name": "RedCursorSecurityConsulting\/CVE-2020-0668", - "owner": { - "login": "RedCursorSecurityConsulting", - "id": 61265565, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61265565?v=4", - "html_url": "https:\/\/github.com\/RedCursorSecurityConsulting" - }, - "html_url": "https:\/\/github.com\/RedCursorSecurityConsulting\/CVE-2020-0668", - "description": "Use CVE-2020-0668 to perform an arbitrary privileged file move operation.", - "fork": false, - "created_at": "2020-02-20T06:22:40Z", - "updated_at": "2021-02-12T22:44:42Z", - "pushed_at": "2020-02-20T11:03:18Z", - "stargazers_count": 176, - "watchers_count": 176, - "forks_count": 47, - "forks": 47, - "watchers": 176, - "score": 0 - }, { "id": 243248025, "name": "CVE-2020-0668", diff --git a/2020/CVE-2020-0688.json b/2020/CVE-2020-0688.json index 733013a30e..f0ae052a3e 100644 --- a/2020/CVE-2020-0688.json +++ b/2020/CVE-2020-0688.json @@ -1,50 +1,4 @@ [ - { - "id": 243126851, - "name": "cve-2020-0688", - "full_name": "random-robbie\/cve-2020-0688", - "owner": { - "login": "random-robbie", - "id": 4902869, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4902869?v=4", - "html_url": "https:\/\/github.com\/random-robbie" - }, - "html_url": "https:\/\/github.com\/random-robbie\/cve-2020-0688", - "description": "cve-2020-0688", - "fork": false, - "created_at": "2020-02-25T23:44:16Z", - "updated_at": "2021-01-23T16:10:33Z", - "pushed_at": "2020-02-26T00:58:39Z", - "stargazers_count": 148, - "watchers_count": 148, - "forks_count": 47, - "forks": 47, - "watchers": 148, - "score": 0 - }, - { - "id": 243257176, - "name": "CVE-2020-0688", - "full_name": "Jumbo-WJB\/CVE-2020-0688", - "owner": { - "login": "Jumbo-WJB", - "id": 7954518, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7954518?v=4", - "html_url": "https:\/\/github.com\/Jumbo-WJB" - }, - "html_url": "https:\/\/github.com\/Jumbo-WJB\/CVE-2020-0688", - "description": "CVE-2020-0688 - Exchange", - "fork": false, - "created_at": "2020-02-26T12:28:11Z", - "updated_at": "2021-02-01T07:23:40Z", - "pushed_at": "2020-02-27T03:50:07Z", - "stargazers_count": 53, - "watchers_count": 53, - "forks_count": 24, - "forks": 24, - "watchers": 53, - "score": 0 - }, { "id": 243416592, "name": "cve-2020-0688", @@ -68,29 +22,6 @@ "watchers": 261, "score": 0 }, - { - "id": 243531424, - "name": "CVE-2020-0688_EXP", - "full_name": "Yt1g3r\/CVE-2020-0688_EXP", - "owner": { - "login": "Yt1g3r", - "id": 12625147, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12625147?v=4", - "html_url": "https:\/\/github.com\/Yt1g3r" - }, - "html_url": "https:\/\/github.com\/Yt1g3r\/CVE-2020-0688_EXP", - "description": "CVE-2020-0688_EXP Auto trigger payload & encrypt method", - "fork": false, - "created_at": "2020-02-27T13:53:46Z", - "updated_at": "2020-12-21T21:53:51Z", - "pushed_at": "2020-02-27T15:57:53Z", - "stargazers_count": 131, - "watchers_count": 131, - "forks_count": 57, - "forks": 57, - "watchers": 131, - "score": 0 - }, { "id": 243640997, "name": "CVE-2020-0688", @@ -114,29 +45,6 @@ "watchers": 0, "score": 0 }, - { - "id": 243672879, - "name": "cve-2020-0688", - "full_name": "truongtn\/cve-2020-0688", - "owner": { - "login": "truongtn", - "id": 11813006, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11813006?v=4", - "html_url": "https:\/\/github.com\/truongtn" - }, - "html_url": "https:\/\/github.com\/truongtn\/cve-2020-0688", - "description": "I made this script for conducting CVE-2020-0688 more rapidly. It helps to improve checking the vuln, reducing hugely steps for that", - "fork": false, - "created_at": "2020-02-28T03:47:40Z", - "updated_at": "2020-02-28T09:39:14Z", - "pushed_at": "2020-02-28T04:04:54Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - }, { "id": 243801603, "name": "CVE-2020-0688-Scanner", @@ -160,98 +68,6 @@ "watchers": 34, "score": 0 }, - { - "id": 243813543, - "name": "CVE-2020-0688", - "full_name": "youncyb\/CVE-2020-0688", - "owner": { - "login": "youncyb", - "id": 33374470, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33374470?v=4", - "html_url": "https:\/\/github.com\/youncyb" - }, - "html_url": "https:\/\/github.com\/youncyb\/CVE-2020-0688", - "description": "CVE-2020-0688", - "fork": false, - "created_at": "2020-02-28T17:03:53Z", - "updated_at": "2020-05-18T10:43:41Z", - "pushed_at": "2020-02-28T17:07:15Z", - "stargazers_count": 7, - "watchers_count": 7, - "forks_count": 2, - "forks": 2, - "watchers": 7, - "score": 0 - }, - { - "id": 244149446, - "name": "CVE-2020-0688", - "full_name": "zcgonvh\/CVE-2020-0688", - "owner": { - "login": "zcgonvh", - "id": 25787677, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25787677?v=4", - "html_url": "https:\/\/github.com\/zcgonvh" - }, - "html_url": "https:\/\/github.com\/zcgonvh\/CVE-2020-0688", - "description": "Exploit and detect tools for CVE-2020-0688", - "fork": false, - "created_at": "2020-03-01T12:57:32Z", - "updated_at": "2021-02-09T13:05:58Z", - "pushed_at": "2020-03-21T05:44:48Z", - "stargazers_count": 267, - "watchers_count": 267, - "forks_count": 68, - "forks": 68, - "watchers": 267, - "score": 0 - }, - { - "id": 245013193, - "name": "PSForgot2kEyXCHANGE", - "full_name": "justin-p\/PSForgot2kEyXCHANGE", - "owner": { - "login": "justin-p", - "id": 8249280, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8249280?v=4", - "html_url": "https:\/\/github.com\/justin-p" - }, - "html_url": "https:\/\/github.com\/justin-p\/PSForgot2kEyXCHANGE", - "description": "PoC for Forgot2kEyXCHANGE (CVE-2020-0688) written in PowerShell", - "fork": false, - "created_at": "2020-03-04T22:02:30Z", - "updated_at": "2020-08-14T17:15:13Z", - "pushed_at": "2020-03-05T08:02:57Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 5, - "forks": 5, - "watchers": 3, - "score": 0 - }, - { - "id": 248554405, - "name": "CVE-2020-0688", - "full_name": "cert-lv\/CVE-2020-0688", - "owner": { - "login": "cert-lv", - "id": 22764485, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22764485?v=4", - "html_url": "https:\/\/github.com\/cert-lv" - }, - "html_url": "https:\/\/github.com\/cert-lv\/CVE-2020-0688", - "description": "Vulnerability scanner for CVE-2020-0688", - "fork": false, - "created_at": "2020-03-19T16:39:56Z", - "updated_at": "2021-01-09T11:45:35Z", - "pushed_at": "2020-03-19T16:41:39Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 0, - "forks": 0, - "watchers": 3, - "score": 0 - }, { "id": 251646716, "name": "CVE-2020-0688", diff --git a/2020/CVE-2020-0753.json b/2020/CVE-2020-0753.json index f5f570c68f..047370189b 100644 --- a/2020/CVE-2020-0753.json +++ b/2020/CVE-2020-0753.json @@ -21,28 +21,5 @@ "forks": 11, "watchers": 14, "score": 0 - }, - { - "id": 242502226, - "name": "CVE-2020-0753-and-CVE-2020-0754", - "full_name": "VikasVarshney\/CVE-2020-0753-and-CVE-2020-0754", - "owner": { - "login": "VikasVarshney", - "id": 3353731, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3353731?v=4", - "html_url": "https:\/\/github.com\/VikasVarshney" - }, - "html_url": "https:\/\/github.com\/VikasVarshney\/CVE-2020-0753-and-CVE-2020-0754", - "description": "Writeup and POC for CVE-2020-0753, CVE-2020-0754 and six unfixed Window DOS Vulnerabilities.", - "fork": false, - "created_at": "2020-02-23T11:10:49Z", - "updated_at": "2020-03-11T13:36:15Z", - "pushed_at": "2020-02-22T13:57:48Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 13, - "forks": 13, - "watchers": 3, - "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json index 46d0f4df49..0ebf828c83 100644 --- a/2020/CVE-2020-0796.json +++ b/2020/CVE-2020-0796.json @@ -45,29 +45,6 @@ "watchers": 20, "score": 0 }, - { - "id": 246467738, - "name": "DisableSMBCompression", - "full_name": "technion\/DisableSMBCompression", - "owner": { - "login": "technion", - "id": 1948596, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1948596?v=4", - "html_url": "https:\/\/github.com\/technion" - }, - "html_url": "https:\/\/github.com\/technion\/DisableSMBCompression", - "description": "CVE-2020-0796 Flaw Mitigation - Active Directory Administrative Templates", - "fork": false, - "created_at": "2020-03-11T03:43:29Z", - "updated_at": "2020-03-12T16:13:41Z", - "pushed_at": "2020-03-11T04:57:07Z", - "stargazers_count": 6, - "watchers_count": 6, - "forks_count": 1, - "forks": 1, - "watchers": 6, - "score": 0 - }, { "id": 246525183, "name": "CVE-2020-0796", @@ -114,328 +91,6 @@ "watchers": 579, "score": 0 }, - { - "id": 246621836, - "name": "CVE-2020-0796-Checker", - "full_name": "joaozietolie\/CVE-2020-0796-Checker", - "owner": { - "login": "joaozietolie", - "id": 26208666, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26208666?v=4", - "html_url": "https:\/\/github.com\/joaozietolie" - }, - "html_url": "https:\/\/github.com\/joaozietolie\/CVE-2020-0796-Checker", - "description": "Script that checks if the system is vulnerable to CVE-2020-0796 (SMB v3.1.1)", - "fork": false, - "created_at": "2020-03-11T16:23:03Z", - "updated_at": "2021-01-03T15:58:32Z", - "pushed_at": "2020-03-11T22:50:40Z", - "stargazers_count": 12, - "watchers_count": 12, - "forks_count": 9, - "forks": 9, - "watchers": 12, - "score": 0 - }, - { - "id": 246652992, - "name": "cve-2020-0796", - "full_name": "ButrintKomoni\/cve-2020-0796", - "owner": { - "login": "ButrintKomoni", - "id": 10991703, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10991703?v=4", - "html_url": "https:\/\/github.com\/ButrintKomoni" - }, - "html_url": "https:\/\/github.com\/ButrintKomoni\/cve-2020-0796", - "description": "Identifying and Mitigating the CVE-2020–0796 flaw in the fly", - "fork": false, - "created_at": "2020-03-11T18:42:32Z", - "updated_at": "2021-02-03T12:02:35Z", - "pushed_at": "2020-03-12T10:19:35Z", - "stargazers_count": 6, - "watchers_count": 6, - "forks_count": 5, - "forks": 5, - "watchers": 6, - "score": 0 - }, - { - "id": 246724151, - "name": "cve-2020-0796-scanner", - "full_name": "dickens88\/cve-2020-0796-scanner", - "owner": { - "login": "dickens88", - "id": 8390209, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8390209?v=4", - "html_url": "https:\/\/github.com\/dickens88" - }, - "html_url": "https:\/\/github.com\/dickens88\/cve-2020-0796-scanner", - "description": "This project is used for scanning cve-2020-0796 SMB vulnerability", - "fork": false, - "created_at": "2020-03-12T02:20:07Z", - "updated_at": "2021-01-18T07:54:35Z", - "pushed_at": "2020-03-12T02:49:10Z", - "stargazers_count": 10, - "watchers_count": 10, - "forks_count": 10, - "forks": 10, - "watchers": 10, - "score": 0 - }, - { - "id": 246728549, - "name": "CVE-2020-0796", - "full_name": "kn6869610\/CVE-2020-0796", - "owner": { - "login": "kn6869610", - "id": 6917744, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6917744?v=4", - "html_url": "https:\/\/github.com\/kn6869610" - }, - "html_url": "https:\/\/github.com\/kn6869610\/CVE-2020-0796", - "description": null, - "fork": false, - "created_at": "2020-03-12T02:47:49Z", - "updated_at": "2020-03-12T03:19:53Z", - "pushed_at": "2020-03-12T03:19:51Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, - "score": 0 - }, - { - "id": 246795620, - "name": "eternalghosttest", - "full_name": "awareseven\/eternalghosttest", - "owner": { - "login": "awareseven", - "id": 53170037, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53170037?v=4", - "html_url": "https:\/\/github.com\/awareseven" - }, - "html_url": "https:\/\/github.com\/awareseven\/eternalghosttest", - "description": "This repository contains a test case for CVE-2020-0796", - "fork": false, - "created_at": "2020-03-12T09:35:57Z", - "updated_at": "2020-03-15T11:39:18Z", - "pushed_at": "2020-03-12T14:03:29Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 2, - "forks": 2, - "watchers": 1, - "score": 0 - }, - { - "id": 246837546, - "name": "CVE-2020-0796-PoC", - "full_name": "weidutech\/CVE-2020-0796-PoC", - "owner": { - "login": "weidutech", - "id": 30208579, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30208579?v=4", - "html_url": "https:\/\/github.com\/weidutech" - }, - "html_url": "https:\/\/github.com\/weidutech\/CVE-2020-0796-PoC", - "description": " CVE-2020-0796 - a wormable SMBv3 vulnerability. ", - "fork": false, - "created_at": "2020-03-12T13:11:02Z", - "updated_at": "2020-03-12T13:12:16Z", - "pushed_at": "2020-03-12T13:12:14Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 246870588, - "name": "CVE-2020-0796-Scanner", - "full_name": "xax007\/CVE-2020-0796-Scanner", - "owner": { - "login": "xax007", - "id": 44893059, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44893059?v=4", - "html_url": "https:\/\/github.com\/xax007" - }, - "html_url": "https:\/\/github.com\/xax007\/CVE-2020-0796-Scanner", - "description": "CVE-2020-0796 SMBv3.1.1 Compression Capability Vulnerability Scanner", - "fork": false, - "created_at": "2020-03-12T15:36:43Z", - "updated_at": "2020-03-12T15:55:21Z", - "pushed_at": "2020-03-12T15:46:06Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, - "score": 0 - }, - { - "id": 246883669, - "name": "Scanners-for-CVE-2020-0796-Testing", - "full_name": "Dhoomralochana\/Scanners-for-CVE-2020-0796-Testing", - "owner": { - "login": "Dhoomralochana", - "id": 56705549, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56705549?v=4", - "html_url": "https:\/\/github.com\/Dhoomralochana" - }, - "html_url": "https:\/\/github.com\/Dhoomralochana\/Scanners-for-CVE-2020-0796-Testing", - "description": "Scanners List - Microsoft Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796) ", - "fork": false, - "created_at": "2020-03-12T16:39:41Z", - "updated_at": "2020-03-12T16:44:48Z", - "pushed_at": "2020-03-12T16:44:46Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 246894204, - "name": "smbee", - "full_name": "UraSecTeam\/smbee", - "owner": { - "login": "UraSecTeam", - "id": 23280827, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23280827?v=4", - "html_url": "https:\/\/github.com\/UraSecTeam" - }, - "html_url": "https:\/\/github.com\/UraSecTeam\/smbee", - "description": "Check system is vulnerable CVE-2020-0796 (SMB v3)", - "fork": false, - "created_at": "2020-03-12T17:32:56Z", - "updated_at": "2020-03-13T00:16:03Z", - "pushed_at": "2020-03-12T17:42:59Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 2, - "forks": 2, - "watchers": 0, - "score": 0 - }, - { - "id": 246900063, - "name": "SMBGhost", - "full_name": "netscylla\/SMBGhost", - "owner": { - "login": "netscylla", - "id": 25352732, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25352732?v=4", - "html_url": "https:\/\/github.com\/netscylla" - }, - "html_url": "https:\/\/github.com\/netscylla\/SMBGhost", - "description": "SMBGhost (CVE-2020-0796) threaded scanner", - "fork": false, - "created_at": "2020-03-12T18:03:45Z", - "updated_at": "2021-01-18T21:45:07Z", - "pushed_at": "2020-03-12T22:20:11Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 1, - "forks": 1, - "watchers": 1, - "score": 0 - }, - { - "id": 246905632, - "name": "CVE-2020-0796-PoC", - "full_name": "eerykitty\/CVE-2020-0796-PoC", - "owner": { - "login": "eerykitty", - "id": 10905603, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10905603?v=4", - "html_url": "https:\/\/github.com\/eerykitty" - }, - "html_url": "https:\/\/github.com\/eerykitty\/CVE-2020-0796-PoC", - "description": "PoC for triggering buffer overflow via CVE-2020-0796", - "fork": false, - "created_at": "2020-03-12T18:34:40Z", - "updated_at": "2021-02-12T05:08:07Z", - "pushed_at": "2020-03-14T10:04:59Z", - "stargazers_count": 264, - "watchers_count": 264, - "forks_count": 109, - "forks": 109, - "watchers": 264, - "score": 0 - }, - { - "id": 246914011, - "name": "SMBCompScan", - "full_name": "wneessen\/SMBCompScan", - "owner": { - "login": "wneessen", - "id": 542696, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/542696?v=4", - "html_url": "https:\/\/github.com\/wneessen" - }, - "html_url": "https:\/\/github.com\/wneessen\/SMBCompScan", - "description": "Scanner script to identify hosts vulnerable to CVE-2020-0796", - "fork": false, - "created_at": "2020-03-12T19:22:36Z", - "updated_at": "2020-03-15T17:51:44Z", - "pushed_at": "2020-03-12T21:40:58Z", - "stargazers_count": 4, - "watchers_count": 4, - "forks_count": 2, - "forks": 2, - "watchers": 4, - "score": 0 - }, - { - "id": 246915801, - "name": "SMBGhost", - "full_name": "ioncodes\/SMBGhost", - "owner": { - "login": "ioncodes", - "id": 18533297, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18533297?v=4", - "html_url": "https:\/\/github.com\/ioncodes" - }, - "html_url": "https:\/\/github.com\/ioncodes\/SMBGhost", - "description": "Scanner for CVE-2020-0796 - A SMBv3.1.1 + SMB compression RCE ", - "fork": false, - "created_at": "2020-03-12T19:33:18Z", - "updated_at": "2021-02-05T18:49:00Z", - "pushed_at": "2020-03-13T07:38:43Z", - "stargazers_count": 55, - "watchers_count": 55, - "forks_count": 21, - "forks": 21, - "watchers": 55, - "score": 0 - }, - { - "id": 246918199, - "name": "CVE-2020-0796", - "full_name": "laolisafe\/CVE-2020-0796", - "owner": { - "login": "laolisafe", - "id": 45027935, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45027935?v=4", - "html_url": "https:\/\/github.com\/laolisafe" - }, - "html_url": "https:\/\/github.com\/laolisafe\/CVE-2020-0796", - "description": "SMBv3 RCE vulnerability in SMBv3", - "fork": false, - "created_at": "2020-03-12T19:46:25Z", - "updated_at": "2020-03-13T05:36:21Z", - "pushed_at": "2020-03-13T05:36:19Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 0, - "forks": 0, - "watchers": 2, - "score": 0 - }, { "id": 246921709, "name": "SMBScanner", @@ -459,144 +114,6 @@ "watchers": 13, "score": 0 }, - { - "id": 246927086, - "name": "SMBGhost-WorkaroundApplier", - "full_name": "Almorabea\/SMBGhost-WorkaroundApplier", - "owner": { - "login": "Almorabea", - "id": 13198863, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13198863?v=4", - "html_url": "https:\/\/github.com\/Almorabea" - }, - "html_url": "https:\/\/github.com\/Almorabea\/SMBGhost-WorkaroundApplier", - "description": "This script will apply the workaround for the vulnerability CVE-2020-0796 for the SMBv3 unauthenticated RCE", - "fork": false, - "created_at": "2020-03-12T20:41:30Z", - "updated_at": "2020-03-13T14:52:51Z", - "pushed_at": "2020-03-13T14:52:49Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, - "score": 0 - }, - { - "id": 246951836, - "name": "SMBGhosts", - "full_name": "IAreKyleW00t\/SMBGhosts", - "owner": { - "login": "IAreKyleW00t", - "id": 1072572, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1072572?v=4", - "html_url": "https:\/\/github.com\/IAreKyleW00t" - }, - "html_url": "https:\/\/github.com\/IAreKyleW00t\/SMBGhosts", - "description": "Multithreaded Scanner for CVE-2020-0796 - SMBv3 RCE", - "fork": false, - "created_at": "2020-03-12T23:55:39Z", - "updated_at": "2020-03-13T02:27:41Z", - "pushed_at": "2020-03-13T02:27:38Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 247023558, - "name": "CVE-2020-0796", - "full_name": "vysecurity\/CVE-2020-0796", - "owner": { - "login": "vysecurity", - "id": 3596242, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3596242?v=4", - "html_url": "https:\/\/github.com\/vysecurity" - }, - "html_url": "https:\/\/github.com\/vysecurity\/CVE-2020-0796", - "description": "CVE-2020-0796 - Working PoC - 20200313", - "fork": false, - "created_at": "2020-03-13T08:34:31Z", - "updated_at": "2020-03-22T18:40:58Z", - "pushed_at": "2020-03-13T08:35:03Z", - "stargazers_count": 5, - "watchers_count": 5, - "forks_count": 1, - "forks": 1, - "watchers": 5, - "score": 0 - }, - { - "id": 247064505, - "name": "CVE-2020-0796", - "full_name": "marcinguy\/CVE-2020-0796", - "owner": { - "login": "marcinguy", - "id": 20355405, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20355405?v=4", - "html_url": "https:\/\/github.com\/marcinguy" - }, - "html_url": "https:\/\/github.com\/marcinguy\/CVE-2020-0796", - "description": "CVE-2020-0796 SMBGhost", - "fork": false, - "created_at": "2020-03-13T12:18:13Z", - "updated_at": "2020-03-13T15:21:33Z", - "pushed_at": "2020-03-13T15:21:31Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 247111415, - "name": "cve-2020-0796", - "full_name": "plorinquer\/cve-2020-0796", - "owner": { - "login": "plorinquer", - "id": 17765872, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17765872?v=4", - "html_url": "https:\/\/github.com\/plorinquer" - }, - "html_url": "https:\/\/github.com\/plorinquer\/cve-2020-0796", - "description": null, - "fork": false, - "created_at": "2020-03-13T16:08:46Z", - "updated_at": "2020-03-13T17:57:34Z", - "pushed_at": "2020-03-13T17:57:32Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, - "score": 0 - }, - { - "id": 247147253, - "name": "SMBv3.1.1-scan---CVE-2020-0796", - "full_name": "BinaryShadow94\/SMBv3.1.1-scan---CVE-2020-0796", - "owner": { - "login": "BinaryShadow94", - "id": 26254187, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26254187?v=4", - "html_url": "https:\/\/github.com\/BinaryShadow94" - }, - "html_url": "https:\/\/github.com\/BinaryShadow94\/SMBv3.1.1-scan---CVE-2020-0796", - "description": "Little scanner to know if a machine is runnig SMBv3 (possible vulnerability CVE-2020-0796)", - "fork": false, - "created_at": "2020-03-13T19:27:30Z", - "updated_at": "2020-07-22T12:58:52Z", - "pushed_at": "2020-03-13T20:01:40Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 1, - "forks": 1, - "watchers": 1, - "score": 0 - }, { "id": 247195467, "name": "SMBGhost_Scanner", @@ -620,98 +137,6 @@ "watchers": 11, "score": 0 }, - { - "id": 247218948, - "name": "CVE-2020-0796", - "full_name": "wsfengfan\/CVE-2020-0796", - "owner": { - "login": "wsfengfan", - "id": 33821840, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33821840?v=4", - "html_url": "https:\/\/github.com\/wsfengfan" - }, - "html_url": "https:\/\/github.com\/wsfengfan\/CVE-2020-0796", - "description": "CVE-2020-0796 Python POC buffer overflow", - "fork": false, - "created_at": "2020-03-14T05:39:37Z", - "updated_at": "2020-03-14T05:51:50Z", - "pushed_at": "2020-03-14T05:51:48Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 247370340, - "name": "aioScan_CVE-2020-0796", - "full_name": "GuoKerS\/aioScan_CVE-2020-0796", - "owner": { - "login": "GuoKerS", - "id": 31996804, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31996804?v=4", - "html_url": "https:\/\/github.com\/GuoKerS" - }, - "html_url": "https:\/\/github.com\/GuoKerS\/aioScan_CVE-2020-0796", - "description": "基于asyncio(协程)的CVE-2020-0796 速度还是十分可观的,方便运维师傅们对内网做下快速检测。", - "fork": false, - "created_at": "2020-03-14T23:39:25Z", - "updated_at": "2020-06-14T08:47:04Z", - "pushed_at": "2020-03-18T04:48:23Z", - "stargazers_count": 16, - "watchers_count": 16, - "forks_count": 13, - "forks": 13, - "watchers": 16, - "score": 0 - }, - { - "id": 247393369, - "name": "CVE-2020-0796-Scanner", - "full_name": "jiansiting\/CVE-2020-0796-Scanner", - "owner": { - "login": "jiansiting", - "id": 28823754, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28823754?v=4", - "html_url": "https:\/\/github.com\/jiansiting" - }, - "html_url": "https:\/\/github.com\/jiansiting\/CVE-2020-0796-Scanner", - "description": "CVE-2020-0796-Scanner", - "fork": false, - "created_at": "2020-03-15T03:17:47Z", - "updated_at": "2020-10-28T13:55:06Z", - "pushed_at": "2020-03-15T03:25:41Z", - "stargazers_count": 9, - "watchers_count": 9, - "forks_count": 3, - "forks": 3, - "watchers": 9, - "score": 0 - }, - { - "id": 247561192, - "name": "Unauthenticated-CVE-2020-0796-PoC", - "full_name": "maxpl0it\/Unauthenticated-CVE-2020-0796-PoC", - "owner": { - "login": "maxpl0it", - "id": 27973683, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27973683?v=4", - "html_url": "https:\/\/github.com\/maxpl0it" - }, - "html_url": "https:\/\/github.com\/maxpl0it\/Unauthenticated-CVE-2020-0796-PoC", - "description": "An unauthenticated PoC for CVE-2020-0796", - "fork": false, - "created_at": "2020-03-15T22:17:50Z", - "updated_at": "2020-09-25T05:07:08Z", - "pushed_at": "2020-03-15T22:20:58Z", - "stargazers_count": 21, - "watchers_count": 21, - "forks_count": 7, - "forks": 7, - "watchers": 21, - "score": 0 - }, { "id": 247578292, "name": "CVE-2020-0796", @@ -735,144 +160,6 @@ "watchers": 0, "score": 0 }, - { - "id": 247747657, - "name": "smbghost", - "full_name": "sujitawake\/smbghost", - "owner": { - "login": "sujitawake", - "id": 50439521, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50439521?v=4", - "html_url": "https:\/\/github.com\/sujitawake" - }, - "html_url": "https:\/\/github.com\/sujitawake\/smbghost", - "description": "CVE-2020-0796_CoronaBlue_SMBGhost", - "fork": false, - "created_at": "2020-03-16T15:31:52Z", - "updated_at": "2020-04-06T03:48:20Z", - "pushed_at": "2020-03-19T08:06:51Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 2, - "forks": 2, - "watchers": 1, - "score": 0 - }, - { - "id": 247749832, - "name": "CVE-2020-0796", - "full_name": "julixsalas\/CVE-2020-0796", - "owner": { - "login": "julixsalas", - "id": 7083476, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7083476?v=4", - "html_url": "https:\/\/github.com\/julixsalas" - }, - "html_url": "https:\/\/github.com\/julixsalas\/CVE-2020-0796", - "description": "Scanner for CVE-2020-0796", - "fork": false, - "created_at": "2020-03-16T15:39:22Z", - "updated_at": "2020-03-16T15:46:24Z", - "pushed_at": "2020-03-16T15:46:22Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 2, - "forks": 2, - "watchers": 0, - "score": 0 - }, - { - "id": 248334368, - "name": "SMBGhost_Crash_Poc", - "full_name": "5l1v3r1\/SMBGhost_Crash_Poc", - "owner": { - "login": "5l1v3r1", - "id": 34143537, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34143537?v=4", - "html_url": "https:\/\/github.com\/5l1v3r1" - }, - "html_url": "https:\/\/github.com\/5l1v3r1\/SMBGhost_Crash_Poc", - "description": "CVE-2020-0796.SMBGhost_Crash_Poc ", - "fork": false, - "created_at": "2020-03-18T20:21:01Z", - "updated_at": "2021-02-09T05:22:42Z", - "pushed_at": "2020-03-18T08:57:36Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 248334437, - "name": "CVE-2020-0796-PoC-and-Scan", - "full_name": "5l1v3r1\/CVE-2020-0796-PoC-and-Scan", - "owner": { - "login": "5l1v3r1", - "id": 34143537, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34143537?v=4", - "html_url": "https:\/\/github.com\/5l1v3r1" - }, - "html_url": "https:\/\/github.com\/5l1v3r1\/CVE-2020-0796-PoC-and-Scan", - "description": "Lightweight PoC and Scanner for CVE-2020-0796 without authentication.", - "fork": false, - "created_at": "2020-03-18T20:21:25Z", - "updated_at": "2020-03-20T10:33:28Z", - "pushed_at": "2020-03-16T01:06:09Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 249034829, - "name": "CVE-2020-0796-DoS", - "full_name": "cory-zajicek\/CVE-2020-0796-DoS", - "owner": { - "login": "cory-zajicek", - "id": 62479809, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62479809?v=4", - "html_url": "https:\/\/github.com\/cory-zajicek" - }, - "html_url": "https:\/\/github.com\/cory-zajicek\/CVE-2020-0796-DoS", - "description": "DoS PoC for CVE-2020-0796 (SMBGhost)", - "fork": false, - "created_at": "2020-03-21T18:17:10Z", - "updated_at": "2020-06-06T08:14:31Z", - "pushed_at": "2020-03-24T05:52:37Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 1, - "forks": 1, - "watchers": 1, - "score": 0 - }, - { - "id": 251207693, - "name": "cve-2020-0796-vuln", - "full_name": "tripledd\/cve-2020-0796-vuln", - "owner": { - "login": "tripledd", - "id": 25425306, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25425306?v=4", - "html_url": "https:\/\/github.com\/tripledd" - }, - "html_url": "https:\/\/github.com\/tripledd\/cve-2020-0796-vuln", - "description": null, - "fork": false, - "created_at": "2020-03-30T05:13:16Z", - "updated_at": "2020-03-30T05:14:12Z", - "pushed_at": "2020-03-30T05:14:10Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, { "id": 251287681, "name": "CVE-2020-0796", @@ -919,29 +206,6 @@ "watchers": 213, "score": 0 }, - { - "id": 251510910, - "name": "CVE-2020-0796-LPE", - "full_name": "TinToSer\/CVE-2020-0796-LPE", - "owner": { - "login": "TinToSer", - "id": 52107530, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52107530?v=4", - "html_url": "https:\/\/github.com\/TinToSer" - }, - "html_url": "https:\/\/github.com\/TinToSer\/CVE-2020-0796-LPE", - "description": "SMBGHOST local privilege escalation", - "fork": false, - "created_at": "2020-03-31T05:41:30Z", - "updated_at": "2020-03-31T05:47:04Z", - "pushed_at": "2020-03-31T05:45:23Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, { "id": 251582597, "name": "CVE-2020-0796-LPE-EXP", diff --git a/2020/CVE-2020-0797.json b/2020/CVE-2020-0797.json deleted file mode 100644 index d71f2e6a96..0000000000 --- a/2020/CVE-2020-0797.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 247988139, - "name": "CVE-2020-0797", - "full_name": "bonesg\/CVE-2020-0797", - "owner": { - "login": "bonesg", - "id": 48800752, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48800752?v=4", - "html_url": "https:\/\/github.com\/bonesg" - }, - "html_url": "https:\/\/github.com\/bonesg\/CVE-2020-0797", - "description": "Exploiter la vulnérabilité CVE-2020-0796, Remote Code Execution du protocole SMB 3.1.1 (SMBv3).", - "fork": false, - "created_at": "2020-03-17T14:16:54Z", - "updated_at": "2020-05-27T20:02:49Z", - "pushed_at": "2020-03-17T12:31:15Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-0799.json b/2020/CVE-2020-0799.json deleted file mode 100644 index e80ca90180..0000000000 --- a/2020/CVE-2020-0799.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 248334231, - "name": "CVE-2020-0799", - "full_name": "5l1v3r1\/CVE-2020-0799", - "owner": { - "login": "5l1v3r1", - "id": 34143537, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34143537?v=4", - "html_url": "https:\/\/github.com\/5l1v3r1" - }, - "html_url": "https:\/\/github.com\/5l1v3r1\/CVE-2020-0799", - "description": null, - "fork": false, - "created_at": "2020-03-18T20:20:23Z", - "updated_at": "2021-01-26T12:54:03Z", - "pushed_at": "2020-03-12T17:50:19Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-0801.json b/2020/CVE-2020-0801.json deleted file mode 100644 index 11a54bd496..0000000000 --- a/2020/CVE-2020-0801.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 248334283, - "name": "CVE-2020-0801", - "full_name": "5l1v3r1\/CVE-2020-0801", - "owner": { - "login": "5l1v3r1", - "id": 34143537, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34143537?v=4", - "html_url": "https:\/\/github.com\/5l1v3r1" - }, - "html_url": "https:\/\/github.com\/5l1v3r1\/CVE-2020-0801", - "description": null, - "fork": false, - "created_at": "2020-03-18T20:20:40Z", - "updated_at": "2020-09-04T04:40:40Z", - "pushed_at": "2020-03-12T14:45:49Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-10560.json b/2020/CVE-2020-10560.json deleted file mode 100644 index 951a17aa5b..0000000000 --- a/2020/CVE-2020-10560.json +++ /dev/null @@ -1,48 +0,0 @@ -[ - { - "id": 246300718, - "name": "CVE-2020-10560-Key-Recovery", - "full_name": "LucidUnicorn\/CVE-2020-10560-Key-Recovery", - "owner": { - "login": "LucidUnicorn", - "id": 25187197, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25187197?v=4", - "html_url": "https:\/\/github.com\/LucidUnicorn" - }, - "html_url": "https:\/\/github.com\/LucidUnicorn\/CVE-2020-10560-Key-Recovery", - "description": null, - "fork": false, - "created_at": "2020-03-10T12:55:06Z", - "updated_at": "2020-05-27T08:37:16Z", - "pushed_at": "2020-03-28T23:37:03Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 0, - "forks": 0, - "watchers": 3, - "score": 0 - }, - { - "id": 250903418, - "name": "CVE-2020-10560", - "full_name": "kevthehermit\/CVE-2020-10560", - "owner": { - "login": "kevthehermit", - "id": 2545096, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2545096?v=4", - "html_url": "https:\/\/github.com\/kevthehermit" - }, - "html_url": "https:\/\/github.com\/kevthehermit\/CVE-2020-10560", - "description": "CVE-2020-10560 OSSN Arbitrary File Read", - "fork": false, - "created_at": "2020-03-28T22:09:39Z", - "updated_at": "2020-06-29T16:40:27Z", - "pushed_at": "2020-03-28T22:48:39Z", - "stargazers_count": 6, - "watchers_count": 6, - "forks_count": 2, - "forks": 2, - "watchers": 6, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-10673.json b/2020/CVE-2020-10673.json index 0eca30dd66..b3ffe7f2d4 100644 --- a/2020/CVE-2020-10673.json +++ b/2020/CVE-2020-10673.json @@ -1,27 +1,4 @@ [ - { - "id": 249383499, - "name": "CVE-2020-10673", - "full_name": "0nise\/CVE-2020-10673", - "owner": { - "login": "0nise", - "id": 18393907, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18393907?v=4", - "html_url": "https:\/\/github.com\/0nise" - }, - "html_url": "https:\/\/github.com\/0nise\/CVE-2020-10673", - "description": "CVE-2020-10673", - "fork": false, - "created_at": "2020-03-23T09:10:54Z", - "updated_at": "2020-04-17T05:51:17Z", - "pushed_at": "2020-03-24T13:22:30Z", - "stargazers_count": 14, - "watchers_count": 14, - "forks_count": 4, - "forks": 4, - "watchers": 14, - "score": 0 - }, { "id": 265876544, "name": "CVE-2020-10673", diff --git a/2020/CVE-2020-1938.json b/2020/CVE-2020-1938.json index 2c008cd770..bd710b726b 100644 --- a/2020/CVE-2020-1938.json +++ b/2020/CVE-2020-1938.json @@ -1,418 +1,4 @@ [ - { - "id": 241934230, - "name": "CVE-2020-1938", - "full_name": "0nise\/CVE-2020-1938", - "owner": { - "login": "0nise", - "id": 18393907, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18393907?v=4", - "html_url": "https:\/\/github.com\/0nise" - }, - "html_url": "https:\/\/github.com\/0nise\/CVE-2020-1938", - "description": "CVE-2020-1938", - "fork": false, - "created_at": "2020-02-20T16:32:52Z", - "updated_at": "2021-01-26T08:03:16Z", - "pushed_at": "2020-02-25T02:04:16Z", - "stargazers_count": 218, - "watchers_count": 218, - "forks_count": 95, - "forks": 95, - "watchers": 218, - "score": 0 - }, - { - "id": 241940286, - "name": "CVE-2020-1938", - "full_name": "xindongzhuaizhuai\/CVE-2020-1938", - "owner": { - "login": "xindongzhuaizhuai", - "id": 18646159, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18646159?v=4", - "html_url": "https:\/\/github.com\/xindongzhuaizhuai" - }, - "html_url": "https:\/\/github.com\/xindongzhuaizhuai\/CVE-2020-1938", - "description": null, - "fork": false, - "created_at": "2020-02-20T17:00:02Z", - "updated_at": "2020-09-10T02:40:29Z", - "pushed_at": "2020-03-02T20:25:35Z", - "stargazers_count": 33, - "watchers_count": 33, - "forks_count": 24, - "forks": 24, - "watchers": 33, - "score": 0 - }, - { - "id": 241953243, - "name": "CNVD-2020-10487-Tomcat-ajp-POC", - "full_name": "nibiwodong\/CNVD-2020-10487-Tomcat-ajp-POC", - "owner": { - "login": "nibiwodong", - "id": 17465789, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17465789?v=4", - "html_url": "https:\/\/github.com\/nibiwodong" - }, - "html_url": "https:\/\/github.com\/nibiwodong\/CNVD-2020-10487-Tomcat-ajp-POC", - "description": "CNVD-2020-10487(CVE-2020-1938), tomcat ajp 文件读取漏洞poc", - "fork": false, - "created_at": "2020-02-20T17:57:54Z", - "updated_at": "2021-01-11T01:02:16Z", - "pushed_at": "2020-02-23T17:06:06Z", - "stargazers_count": 73, - "watchers_count": 73, - "forks_count": 53, - "forks": 53, - "watchers": 73, - "score": 0 - }, - { - "id": 241988804, - "name": "CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner", - "full_name": "bkfish\/CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner", - "owner": { - "login": "bkfish", - "id": 38547290, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38547290?v=4", - "html_url": "https:\/\/github.com\/bkfish" - }, - "html_url": "https:\/\/github.com\/bkfish\/CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner", - "description": "Cnvd-2020-10487 \/ cve-2020-1938, scanner tool", - "fork": false, - "created_at": "2020-02-20T21:00:15Z", - "updated_at": "2021-01-25T14:53:37Z", - "pushed_at": "2020-02-24T12:06:08Z", - "stargazers_count": 208, - "watchers_count": 208, - "forks_count": 91, - "forks": 91, - "watchers": 208, - "score": 0 - }, - { - "id": 242038197, - "name": "CVE-2020-1938", - "full_name": "laolisafe\/CVE-2020-1938", - "owner": { - "login": "laolisafe", - "id": 45027935, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45027935?v=4", - "html_url": "https:\/\/github.com\/laolisafe" - }, - "html_url": "https:\/\/github.com\/laolisafe\/CVE-2020-1938", - "description": "CVE-2020-1938漏洞复现", - "fork": false, - "created_at": "2020-02-21T02:36:37Z", - "updated_at": "2020-10-18T13:38:55Z", - "pushed_at": "2020-02-21T02:49:57Z", - "stargazers_count": 35, - "watchers_count": 35, - "forks_count": 10, - "forks": 10, - "watchers": 35, - "score": 0 - }, - { - "id": 242054816, - "name": "CVE-2020-1938", - "full_name": "DaemonShao\/CVE-2020-1938", - "owner": { - "login": "DaemonShao", - "id": 24861334, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24861334?v=4", - "html_url": "https:\/\/github.com\/DaemonShao" - }, - "html_url": "https:\/\/github.com\/DaemonShao\/CVE-2020-1938", - "description": null, - "fork": false, - "created_at": "2020-02-21T04:34:40Z", - "updated_at": "2020-09-02T07:29:40Z", - "pushed_at": "2020-02-21T04:40:38Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 0, - "forks": 0, - "watchers": 3, - "score": 0 - }, - { - "id": 242083141, - "name": "CVE-2020-1938-Tomact-file_include-file_read", - "full_name": "sv3nbeast\/CVE-2020-1938-Tomact-file_include-file_read", - "owner": { - "login": "sv3nbeast", - "id": 55974091, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55974091?v=4", - "html_url": "https:\/\/github.com\/sv3nbeast" - }, - "html_url": "https:\/\/github.com\/sv3nbeast\/CVE-2020-1938-Tomact-file_include-file_read", - "description": "Tomcat的文件包含及文件读取漏洞利用POC", - "fork": false, - "created_at": "2020-02-21T07:48:50Z", - "updated_at": "2021-01-14T07:05:40Z", - "pushed_at": "2020-02-21T10:19:52Z", - "stargazers_count": 23, - "watchers_count": 23, - "forks_count": 13, - "forks": 13, - "watchers": 23, - "score": 0 - }, - { - "id": 242093081, - "name": "CVE-2020-1938", - "full_name": "fairyming\/CVE-2020-1938", - "owner": { - "login": "fairyming", - "id": 44915879, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44915879?v=4", - "html_url": "https:\/\/github.com\/fairyming" - }, - "html_url": "https:\/\/github.com\/fairyming\/CVE-2020-1938", - "description": "在一定条件下可执行命令", - "fork": false, - "created_at": "2020-02-21T08:42:50Z", - "updated_at": "2020-07-26T11:21:58Z", - "pushed_at": "2020-02-21T08:45:51Z", - "stargazers_count": 5, - "watchers_count": 5, - "forks_count": 8, - "forks": 8, - "watchers": 5, - "score": 0 - }, - { - "id": 242107452, - "name": "CVE-2020-1938", - "full_name": "dacade\/CVE-2020-1938", - "owner": { - "login": "dacade", - "id": 31815137, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31815137?v=4", - "html_url": "https:\/\/github.com\/dacade" - }, - "html_url": "https:\/\/github.com\/dacade\/CVE-2020-1938", - "description": null, - "fork": false, - "created_at": "2020-02-21T09:56:19Z", - "updated_at": "2021-02-07T07:27:07Z", - "pushed_at": "2020-02-28T07:08:16Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 4, - "forks": 4, - "watchers": 3, - "score": 0 - }, - { - "id": 242163769, - "name": "CVE-2020-1938TomcatAjpScanner", - "full_name": "woaiqiukui\/CVE-2020-1938TomcatAjpScanner", - "owner": { - "login": "woaiqiukui", - "id": 49117752, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49117752?v=4", - "html_url": "https:\/\/github.com\/woaiqiukui" - }, - "html_url": "https:\/\/github.com\/woaiqiukui\/CVE-2020-1938TomcatAjpScanner", - "description": "批量扫描TomcatAJP漏洞", - "fork": false, - "created_at": "2020-02-21T14:55:40Z", - "updated_at": "2021-01-26T08:06:51Z", - "pushed_at": "2020-02-22T01:58:22Z", - "stargazers_count": 10, - "watchers_count": 10, - "forks_count": 2, - "forks": 2, - "watchers": 10, - "score": 0 - }, - { - "id": 242193832, - "name": "tomcat-cve-2020-1938-check", - "full_name": "fatal0\/tomcat-cve-2020-1938-check", - "owner": { - "login": "fatal0", - "id": 6017581, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6017581?v=4", - "html_url": "https:\/\/github.com\/fatal0" - }, - "html_url": "https:\/\/github.com\/fatal0\/tomcat-cve-2020-1938-check", - "description": null, - "fork": false, - "created_at": "2020-02-21T17:24:45Z", - "updated_at": "2020-03-16T07:38:08Z", - "pushed_at": "2020-02-25T08:55:09Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 2, - "forks": 2, - "watchers": 3, - "score": 0 - }, - { - "id": 242284250, - "name": "GhostCat-LFI-exp", - "full_name": "ze0r\/GhostCat-LFI-exp", - "owner": { - "login": "ze0r", - "id": 43227253, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43227253?v=4", - "html_url": "https:\/\/github.com\/ze0r" - }, - "html_url": "https:\/\/github.com\/ze0r\/GhostCat-LFI-exp", - "description": "CVE-2020-1938", - "fork": false, - "created_at": "2020-02-22T05:17:09Z", - "updated_at": "2020-12-23T12:17:04Z", - "pushed_at": "2020-02-22T05:23:53Z", - "stargazers_count": 10, - "watchers_count": 10, - "forks_count": 6, - "forks": 6, - "watchers": 10, - "score": 0 - }, - { - "id": 242345920, - "name": "CNVD-2020-10487-Bulk-verification", - "full_name": "delsadan\/CNVD-2020-10487-Bulk-verification", - "owner": { - "login": "delsadan", - "id": 22538623, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22538623?v=4", - "html_url": "https:\/\/github.com\/delsadan" - }, - "html_url": "https:\/\/github.com\/delsadan\/CNVD-2020-10487-Bulk-verification", - "description": "CNVD-2020-10487 OR CVE-2020-1938 批量验证脚本,批量验证,并自动截图,方便提交及复核", - "fork": false, - "created_at": "2020-02-22T13:25:57Z", - "updated_at": "2020-07-02T17:02:39Z", - "pushed_at": "2020-02-24T08:18:02Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 3, - "forks": 3, - "watchers": 2, - "score": 0 - }, - { - "id": 242371713, - "name": "Ghostcat-CNVD-2020-10487", - "full_name": "00theway\/Ghostcat-CNVD-2020-10487", - "owner": { - "login": "00theway", - "id": 25681235, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25681235?v=4", - "html_url": "https:\/\/github.com\/00theway" - }, - "html_url": "https:\/\/github.com\/00theway\/Ghostcat-CNVD-2020-10487", - "description": "Ghostcat read file\/code execute,CNVD-2020-10487(CVE-2020-1938) ", - "fork": false, - "created_at": "2020-02-22T16:16:20Z", - "updated_at": "2021-02-08T18:07:59Z", - "pushed_at": "2020-03-09T14:51:43Z", - "stargazers_count": 173, - "watchers_count": 173, - "forks_count": 65, - "forks": 65, - "watchers": 173, - "score": 0 - }, - { - "id": 243285368, - "name": "ghostcat-verification", - "full_name": "shaunmclernon\/ghostcat-verification", - "owner": { - "login": "shaunmclernon", - "id": 54109164, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54109164?v=4", - "html_url": "https:\/\/github.com\/shaunmclernon" - }, - "html_url": "https:\/\/github.com\/shaunmclernon\/ghostcat-verification", - "description": "Learnings on how to verify if vulnerable to Ghostcat (aka CVE-2020-1938)", - "fork": false, - "created_at": "2020-02-26T14:40:12Z", - "updated_at": "2020-09-02T07:29:28Z", - "pushed_at": "2020-02-26T15:33:58Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 0, - "forks": 0, - "watchers": 2, - "score": 0 - }, - { - "id": 243545601, - "name": "Ghostcat-CVE-2020-1938", - "full_name": "Zaziki1337\/Ghostcat-CVE-2020-1938", - "owner": { - "login": "Zaziki1337", - "id": 3006203, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3006203?v=4", - "html_url": "https:\/\/github.com\/Zaziki1337" - }, - "html_url": "https:\/\/github.com\/Zaziki1337\/Ghostcat-CVE-2020-1938", - "description": "Test Explo for Ghostcat CVE-2020-1938", - "fork": false, - "created_at": "2020-02-27T15:07:30Z", - "updated_at": "2020-02-27T15:12:15Z", - "pushed_at": "2020-02-27T15:12:13Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 244069452, - "name": "CVE-2020-1938-Clean-Version", - "full_name": "w4fz5uck5\/CVE-2020-1938-Clean-Version", - "owner": { - "login": "w4fz5uck5", - "id": 32375656, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32375656?v=4", - "html_url": "https:\/\/github.com\/w4fz5uck5" - }, - "html_url": "https:\/\/github.com\/w4fz5uck5\/CVE-2020-1938-Clean-Version", - "description": "CVE-2020-1938(GhostCat) clean and readable code version", - "fork": false, - "created_at": "2020-03-01T01:45:23Z", - "updated_at": "2020-09-02T07:29:16Z", - "pushed_at": "2020-03-01T02:43:03Z", - "stargazers_count": 8, - "watchers_count": 8, - "forks_count": 4, - "forks": 4, - "watchers": 8, - "score": 0 - }, - { - "id": 248716444, - "name": "CVE-2020-1938-Tool", - "full_name": "Just1ceP4rtn3r\/CVE-2020-1938-Tool", - "owner": { - "login": "Just1ceP4rtn3r", - "id": 49367740, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49367740?v=4", - "html_url": "https:\/\/github.com\/Just1ceP4rtn3r" - }, - "html_url": "https:\/\/github.com\/Just1ceP4rtn3r\/CVE-2020-1938-Tool", - "description": "批量检测幽灵猫漏洞", - "fork": false, - "created_at": "2020-03-20T09:29:18Z", - "updated_at": "2020-09-18T05:13:11Z", - "pushed_at": "2020-03-20T09:37:54Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 1, - "forks": 1, - "watchers": 2, - "score": 0 - }, { "id": 250481242, "name": "CNVD-2020-10487", diff --git a/2020/CVE-2020-1947.json b/2020/CVE-2020-1947.json index aa7144e894..eea289607a 100644 --- a/2020/CVE-2020-1947.json +++ b/2020/CVE-2020-1947.json @@ -1,96 +1,4 @@ [ - { - "id": 246425449, - "name": "CVE-2020-1947", - "full_name": "5l1v3r1\/CVE-2020-1947", - "owner": { - "login": "5l1v3r1", - "id": 34143537, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34143537?v=4", - "html_url": "https:\/\/github.com\/5l1v3r1" - }, - "html_url": "https:\/\/github.com\/5l1v3r1\/CVE-2020-1947", - "description": "CVE-2020-1947 poc", - "fork": false, - "created_at": "2020-03-10T22:55:43Z", - "updated_at": "2020-10-13T11:46:58Z", - "pushed_at": "2020-03-10T12:48:10Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 15, - "forks": 15, - "watchers": 0, - "score": 0 - }, - { - "id": 246463480, - "name": "CVE-2020-1947", - "full_name": "jas502n\/CVE-2020-1947", - "owner": { - "login": "jas502n", - "id": 16593068, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", - "html_url": "https:\/\/github.com\/jas502n" - }, - "html_url": "https:\/\/github.com\/jas502n\/CVE-2020-1947", - "description": "Apache ShardingSphere UI YAML解析远程代码执行漏洞", - "fork": false, - "created_at": "2020-03-11T03:15:25Z", - "updated_at": "2020-12-14T07:23:46Z", - "pushed_at": "2020-03-11T03:54:34Z", - "stargazers_count": 31, - "watchers_count": 31, - "forks_count": 12, - "forks": 12, - "watchers": 31, - "score": 0 - }, - { - "id": 246566519, - "name": "CVE-2020-1947", - "full_name": "wsfengfan\/CVE-2020-1947", - "owner": { - "login": "wsfengfan", - "id": 33821840, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33821840?v=4", - "html_url": "https:\/\/github.com\/wsfengfan" - }, - "html_url": "https:\/\/github.com\/wsfengfan\/CVE-2020-1947", - "description": "CVE-2020-1947 Python POC", - "fork": false, - "created_at": "2020-03-11T12:35:56Z", - "updated_at": "2020-05-08T12:45:34Z", - "pushed_at": "2020-03-11T15:06:29Z", - "stargazers_count": 5, - "watchers_count": 5, - "forks_count": 4, - "forks": 4, - "watchers": 5, - "score": 0 - }, - { - "id": 247037641, - "name": "ShardingSphere_CVE-2020-1947", - "full_name": "shadowsock5\/ShardingSphere_CVE-2020-1947", - "owner": { - "login": "shadowsock5", - "id": 30398606, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30398606?v=4", - "html_url": "https:\/\/github.com\/shadowsock5" - }, - "html_url": "https:\/\/github.com\/shadowsock5\/ShardingSphere_CVE-2020-1947", - "description": null, - "fork": false, - "created_at": "2020-03-13T09:47:33Z", - "updated_at": "2020-03-18T03:16:05Z", - "pushed_at": "2020-03-13T09:49:25Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - }, { "id": 267802055, "name": "CVE-2020-1947", diff --git a/2020/CVE-2020-2555.json b/2020/CVE-2020-2555.json index 4e98cb48f2..4125c2f1c2 100644 --- a/2020/CVE-2020-2555.json +++ b/2020/CVE-2020-2555.json @@ -1,27 +1,4 @@ [ - { - "id": 245452290, - "name": "CVE-2020-2555", - "full_name": "Hu3sky\/CVE-2020-2555", - "owner": { - "login": "Hu3sky", - "id": 37403964, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37403964?v=4", - "html_url": "https:\/\/github.com\/Hu3sky" - }, - "html_url": "https:\/\/github.com\/Hu3sky\/CVE-2020-2555", - "description": null, - "fork": false, - "created_at": "2020-03-06T15:20:17Z", - "updated_at": "2020-03-06T15:43:21Z", - "pushed_at": "2020-03-06T15:29:00Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 0, - "forks": 0, - "watchers": 2, - "score": 0 - }, { "id": 245462192, "name": "CVE-2020-2555", @@ -68,52 +45,6 @@ "watchers": 28, "score": 0 }, - { - "id": 245688520, - "name": "CVE-2020-2555", - "full_name": "Y4er\/CVE-2020-2555", - "owner": { - "login": "Y4er", - "id": 40487319, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40487319?v=4", - "html_url": "https:\/\/github.com\/Y4er" - }, - "html_url": "https:\/\/github.com\/Y4er\/CVE-2020-2555", - "description": "Weblogic com.tangosol.util.extractor.ReflectionExtractor RCE", - "fork": false, - "created_at": "2020-03-07T18:58:09Z", - "updated_at": "2021-02-01T04:39:26Z", - "pushed_at": "2020-03-09T05:25:05Z", - "stargazers_count": 143, - "watchers_count": 143, - "forks_count": 47, - "forks": 47, - "watchers": 143, - "score": 0 - }, - { - "id": 246241949, - "name": "cve-2020-2555", - "full_name": "Maskhe\/cve-2020-2555", - "owner": { - "login": "Maskhe", - "id": 30264078, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30264078?v=4", - "html_url": "https:\/\/github.com\/Maskhe" - }, - "html_url": "https:\/\/github.com\/Maskhe\/cve-2020-2555", - "description": "CVE-2020-2555", - "fork": false, - "created_at": "2020-03-10T08:06:08Z", - "updated_at": "2021-01-28T03:07:11Z", - "pushed_at": "2020-03-10T08:15:45Z", - "stargazers_count": 10, - "watchers_count": 10, - "forks_count": 9, - "forks": 9, - "watchers": 10, - "score": 0 - }, { "id": 296616953, "name": "CVE-2020-2555", diff --git a/2020/CVE-2020-36109.json b/2020/CVE-2020-36109.json index f50ddc5afe..09b04cf92e 100644 --- a/2020/CVE-2020-36109.json +++ b/2020/CVE-2020-36109.json @@ -13,8 +13,8 @@ "description": "PoC DoS CVE-2020-36109", "fork": false, "created_at": "2021-02-13T16:03:36Z", - "updated_at": "2021-02-13T20:50:41Z", - "pushed_at": "2021-02-13T20:50:39Z", + "updated_at": "2021-02-13T21:42:35Z", + "pushed_at": "2021-02-13T21:42:33Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, diff --git a/2020/CVE-2020-3952.json b/2020/CVE-2020-3952.json index abd7d0e1d3..ac52c9d353 100644 --- a/2020/CVE-2020-3952.json +++ b/2020/CVE-2020-3952.json @@ -59,13 +59,13 @@ "description": "Exploit for CVE-2020-3952 in vCenter 6.7", "fork": false, "created_at": "2020-04-16T07:40:51Z", - "updated_at": "2021-02-02T09:09:34Z", + "updated_at": "2021-02-14T00:10:57Z", "pushed_at": "2020-04-16T08:38:42Z", - "stargazers_count": 229, - "watchers_count": 229, + "stargazers_count": 230, + "watchers_count": 230, "forks_count": 56, "forks": 56, - "watchers": 229, + "watchers": 230, "score": 0 }, { diff --git a/2020/CVE-2020-5250.json b/2020/CVE-2020-5250.json deleted file mode 100644 index 144bc99e9c..0000000000 --- a/2020/CVE-2020-5250.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 246657341, - "name": "lblfixer_cve2020_5250", - "full_name": "drkbcn\/lblfixer_cve2020_5250", - "owner": { - "login": "drkbcn", - "id": 2090227, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2090227?v=4", - "html_url": "https:\/\/github.com\/drkbcn" - }, - "html_url": "https:\/\/github.com\/drkbcn\/lblfixer_cve2020_5250", - "description": "Labelgrup Fixer for CVE-2020-5250 vulnerability", - "fork": false, - "created_at": "2020-03-11T19:04:14Z", - "updated_at": "2020-03-21T10:29:55Z", - "pushed_at": "2020-03-21T10:29:53Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-5254.json b/2020/CVE-2020-5254.json deleted file mode 100644 index eba16b4048..0000000000 --- a/2020/CVE-2020-5254.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 246165139, - "name": "CVE-2020-5254", - "full_name": "dpmdpm2\/CVE-2020-5254", - "owner": { - "login": "dpmdpm2", - "id": 60997239, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60997239?v=4", - "html_url": "https:\/\/github.com\/dpmdpm2" - }, - "html_url": "https:\/\/github.com\/dpmdpm2\/CVE-2020-5254", - "description": null, - "fork": false, - "created_at": "2020-03-09T23:40:36Z", - "updated_at": "2020-04-09T15:13:37Z", - "pushed_at": "2020-03-09T23:42:00Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-5267.json b/2020/CVE-2020-5267.json deleted file mode 100644 index cca9f8871f..0000000000 --- a/2020/CVE-2020-5267.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 249481499, - "name": "legacy-rails-CVE-2020-5267-patch", - "full_name": "GUI\/legacy-rails-CVE-2020-5267-patch", - "owner": { - "login": "GUI", - "id": 12112, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12112?v=4", - "html_url": "https:\/\/github.com\/GUI" - }, - "html_url": "https:\/\/github.com\/GUI\/legacy-rails-CVE-2020-5267-patch", - "description": "Patch CVE-2020-5267 for Rails 4 and Rails 3", - "fork": false, - "created_at": "2020-03-23T16:16:39Z", - "updated_at": "2020-03-23T17:50:41Z", - "pushed_at": "2020-03-23T17:50:39Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-6418.json b/2020/CVE-2020-6418.json index b5e4305e40..abdc7fc05b 100644 --- a/2020/CVE-2020-6418.json +++ b/2020/CVE-2020-6418.json @@ -1,27 +1,4 @@ [ - { - "id": 243467005, - "name": "CVE-2020-6418", - "full_name": "ChoKyuWon\/CVE-2020-6418", - "owner": { - "login": "ChoKyuWon", - "id": 11254910, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11254910?v=4", - "html_url": "https:\/\/github.com\/ChoKyuWon" - }, - "html_url": "https:\/\/github.com\/ChoKyuWon\/CVE-2020-6418", - "description": "PoC of CVE", - "fork": false, - "created_at": "2020-02-27T08:18:56Z", - "updated_at": "2020-12-22T07:51:17Z", - "pushed_at": "2020-03-08T05:53:47Z", - "stargazers_count": 22, - "watchers_count": 22, - "forks_count": 10, - "forks": 10, - "watchers": 22, - "score": 0 - }, { "id": 271962450, "name": "CVE-2020-6418-PoC", diff --git a/2020/CVE-2020-6650.json b/2020/CVE-2020-6650.json deleted file mode 100644 index 7575aa5ced..0000000000 --- a/2020/CVE-2020-6650.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 217626903, - "name": "Eaton-UPS-Companion-Exploit", - "full_name": "RavSS\/Eaton-UPS-Companion-Exploit", - "owner": { - "login": "RavSS", - "id": 31635233, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31635233?v=4", - "html_url": "https:\/\/github.com\/RavSS" - }, - "html_url": "https:\/\/github.com\/RavSS\/Eaton-UPS-Companion-Exploit", - "description": "This repository details CVE-2020-6650, a vulnerability I discovered within Eaton's UPS Companion. All users should upgrade to v1.06 immediately or else they risk remote administrator access to their system.", - "fork": false, - "created_at": "2019-10-25T23:06:20Z", - "updated_at": "2020-03-20T12:55:05Z", - "pushed_at": "2020-03-20T12:45:27Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-7246.json b/2020/CVE-2020-7246.json deleted file mode 100644 index 267d7e19db..0000000000 --- a/2020/CVE-2020-7246.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 243797206, - "name": "CVE-2020-7246", - "full_name": "lnxcrew\/CVE-2020-7246", - "owner": { - "login": "lnxcrew", - "id": 61081854, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61081854?v=4", - "html_url": "https:\/\/github.com\/lnxcrew" - }, - "html_url": "https:\/\/github.com\/lnxcrew\/CVE-2020-7246", - "description": "[qdPM < 9.1 - Remote Code Execution](https:\/\/www.exploit-db.com\/exploits\/48146)", - "fork": false, - "created_at": "2020-02-28T15:44:53Z", - "updated_at": "2020-02-28T15:46:20Z", - "pushed_at": "2020-02-28T15:46:19Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-7247.json b/2020/CVE-2020-7247.json index f81510caca..e9b6e555f0 100644 --- a/2020/CVE-2020-7247.json +++ b/2020/CVE-2020-7247.json @@ -1,27 +1,4 @@ [ - { - "id": 237289178, - "name": "cve-2020-7247-exploit", - "full_name": "FiroSolutions\/cve-2020-7247-exploit", - "owner": { - "login": "FiroSolutions", - "id": 43434507, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43434507?v=4", - "html_url": "https:\/\/github.com\/FiroSolutions" - }, - "html_url": "https:\/\/github.com\/FiroSolutions\/cve-2020-7247-exploit", - "description": "Python exploit of cve-2020-7247", - "fork": false, - "created_at": "2020-01-30T19:29:27Z", - "updated_at": "2021-02-07T16:45:48Z", - "pushed_at": "2020-02-19T10:55:15Z", - "stargazers_count": 24, - "watchers_count": 24, - "forks_count": 15, - "forks": 15, - "watchers": 24, - "score": 0 - }, { "id": 334951447, "name": "CVE-2020-7247", diff --git a/2020/CVE-2020-7471.json b/2020/CVE-2020-7471.json index a4724e7a50..63d66c45e8 100644 --- a/2020/CVE-2020-7471.json +++ b/2020/CVE-2020-7471.json @@ -22,29 +22,6 @@ "watchers": 0, "score": 0 }, - { - "id": 242260909, - "name": "CVE-2020-7471", - "full_name": "SNCKER\/CVE-2020-7471", - "owner": { - "login": "SNCKER", - "id": 49559334, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49559334?v=4", - "html_url": "https:\/\/github.com\/SNCKER" - }, - "html_url": "https:\/\/github.com\/SNCKER\/CVE-2020-7471", - "description": "CVE-2020-7471 Potential SQL injection via StringAgg(delimiter)", - "fork": false, - "created_at": "2020-02-22T01:32:40Z", - "updated_at": "2020-12-07T13:52:27Z", - "pushed_at": "2020-02-22T01:42:22Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - }, { "id": 289502738, "name": "cve-2020-7471-Time_Blind_SQLi-", diff --git a/2020/CVE-2020-7799.json b/2020/CVE-2020-7799.json deleted file mode 100644 index 551b46cc76..0000000000 --- a/2020/CVE-2020-7799.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 241617298, - "name": "CVE-2020-7799", - "full_name": "ianxtianxt\/CVE-2020-7799", - "owner": { - "login": "ianxtianxt", - "id": 45796484, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4", - "html_url": "https:\/\/github.com\/ianxtianxt" - }, - "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2020-7799", - "description": null, - "fork": false, - "created_at": "2020-02-19T12:33:24Z", - "updated_at": "2020-07-03T03:51:28Z", - "pushed_at": "2020-02-19T12:33:57Z", - "stargazers_count": 4, - "watchers_count": 4, - "forks_count": 2, - "forks": 2, - "watchers": 4, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-7931.json b/2020/CVE-2020-7931.json deleted file mode 100644 index 14d1b713f5..0000000000 --- a/2020/CVE-2020-7931.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 246585568, - "name": "CVE-2020-7931", - "full_name": "gquere\/CVE-2020-7931", - "owner": { - "login": "gquere", - "id": 1585000, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1585000?v=4", - "html_url": "https:\/\/github.com\/gquere" - }, - "html_url": "https:\/\/github.com\/gquere\/CVE-2020-7931", - "description": "Hacking Artifactory with server side template injection", - "fork": false, - "created_at": "2020-03-11T13:56:43Z", - "updated_at": "2021-01-22T02:06:59Z", - "pushed_at": "2020-03-12T06:55:39Z", - "stargazers_count": 40, - "watchers_count": 40, - "forks_count": 12, - "forks": 12, - "watchers": 40, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-8012.json b/2020/CVE-2020-8012.json deleted file mode 100644 index bd64ebb9aa..0000000000 --- a/2020/CVE-2020-8012.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 89426502, - "name": "Exploit-Development", - "full_name": "wetw0rk\/Exploit-Development", - "owner": { - "login": "wetw0rk", - "id": 20763546, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20763546?v=4", - "html_url": "https:\/\/github.com\/wetw0rk" - }, - "html_url": "https:\/\/github.com\/wetw0rk\/Exploit-Development", - "description": "CVE-2020-8012, CVE-2016-10709, CVE-2017-17099, CVE-2017-18047, CVE-2019-1003000, CVE-2018-1999002", - "fork": false, - "created_at": "2017-04-26T02:03:43Z", - "updated_at": "2021-01-27T00:03:57Z", - "pushed_at": "2020-02-29T21:27:15Z", - "stargazers_count": 51, - "watchers_count": 51, - "forks_count": 30, - "forks": 30, - "watchers": 51, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-8165.json b/2020/CVE-2020-8165.json index 71e38af4d9..f1774f280f 100644 --- a/2020/CVE-2020-8165.json +++ b/2020/CVE-2020-8165.json @@ -13,13 +13,13 @@ "description": null, "fork": false, "created_at": "2020-05-20T04:27:52Z", - "updated_at": "2021-02-09T17:41:30Z", + "updated_at": "2021-02-13T21:52:44Z", "pushed_at": "2020-11-02T00:58:32Z", - "stargazers_count": 32, - "watchers_count": 32, + "stargazers_count": 33, + "watchers_count": 33, "forks_count": 15, "forks": 15, - "watchers": 32, + "watchers": 33, "score": 0 }, { diff --git a/2020/CVE-2020-8515.json b/2020/CVE-2020-8515.json deleted file mode 100644 index c7cf88ad89..0000000000 --- a/2020/CVE-2020-8515.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 251192169, - "name": "CVE-2020-8515-PoC", - "full_name": "imjdl\/CVE-2020-8515-PoC", - "owner": { - "login": "imjdl", - "id": 31382943, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31382943?v=4", - "html_url": "https:\/\/github.com\/imjdl" - }, - "html_url": "https:\/\/github.com\/imjdl\/CVE-2020-8515-PoC", - "description": "CVE-2020-8515-PoC", - "fork": false, - "created_at": "2020-03-30T03:31:26Z", - "updated_at": "2020-12-27T14:45:17Z", - "pushed_at": "2020-03-30T03:33:37Z", - "stargazers_count": 13, - "watchers_count": 13, - "forks_count": 10, - "forks": 10, - "watchers": 13, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-8597.json b/2020/CVE-2020-8597.json index 11198953a1..22886bd891 100644 --- a/2020/CVE-2020-8597.json +++ b/2020/CVE-2020-8597.json @@ -1,50 +1,4 @@ [ - { - "id": 242685090, - "name": "CVE-2020-8597", - "full_name": "marcinguy\/CVE-2020-8597", - "owner": { - "login": "marcinguy", - "id": 20355405, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20355405?v=4", - "html_url": "https:\/\/github.com\/marcinguy" - }, - "html_url": "https:\/\/github.com\/marcinguy\/CVE-2020-8597", - "description": "CVE-2020-8597", - "fork": false, - "created_at": "2020-02-24T08:37:50Z", - "updated_at": "2021-02-11T17:06:42Z", - "pushed_at": "2020-03-10T19:01:21Z", - "stargazers_count": 63, - "watchers_count": 63, - "forks_count": 24, - "forks": 24, - "watchers": 63, - "score": 0 - }, - { - "id": 245688871, - "name": "CVE-2020-8597", - "full_name": "WinMin\/CVE-2020-8597", - "owner": { - "login": "WinMin", - "id": 18380453, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18380453?v=4", - "html_url": "https:\/\/github.com\/WinMin" - }, - "html_url": "https:\/\/github.com\/WinMin\/CVE-2020-8597", - "description": "CVE-2020-8597 pppd buffer overflow poc", - "fork": false, - "created_at": "2020-03-07T19:00:46Z", - "updated_at": "2020-12-19T15:39:36Z", - "pushed_at": "2020-03-12T11:10:31Z", - "stargazers_count": 37, - "watchers_count": 37, - "forks_count": 5, - "forks": 5, - "watchers": 37, - "score": 0 - }, { "id": 263383108, "name": "Point-to-Point-Protocol-Daemon-RCE-Vulnerability-CVE-2020-8597-", diff --git a/2020/CVE-2020-8809.json b/2020/CVE-2020-8809.json deleted file mode 100644 index c82e5b2a5c..0000000000 --- a/2020/CVE-2020-8809.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 242745604, - "name": "gxdlmsdirector-cve", - "full_name": "seqred-s-a\/gxdlmsdirector-cve", - "owner": { - "login": "seqred-s-a", - "id": 49437606, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49437606?v=4", - "html_url": "https:\/\/github.com\/seqred-s-a" - }, - "html_url": "https:\/\/github.com\/seqred-s-a\/gxdlmsdirector-cve", - "description": "CVE-2020-8809 and CVE-2020-8810", - "fork": false, - "created_at": "2020-02-24T13:38:35Z", - "updated_at": "2020-02-24T14:09:07Z", - "pushed_at": "2020-02-24T14:09:05Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-8813.json b/2020/CVE-2020-8813.json deleted file mode 100644 index b804c737ed..0000000000 --- a/2020/CVE-2020-8813.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 242373353, - "name": "CVE-2020-8813", - "full_name": "mhaskar\/CVE-2020-8813", - "owner": { - "login": "mhaskar", - "id": 6861215, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6861215?v=4", - "html_url": "https:\/\/github.com\/mhaskar" - }, - "html_url": "https:\/\/github.com\/mhaskar\/CVE-2020-8813", - "description": "The official exploit for Cacti v1.2.8 Remote Code Execution CVE-2020-8813", - "fork": false, - "created_at": "2020-02-22T16:27:41Z", - "updated_at": "2020-08-29T14:05:25Z", - "pushed_at": "2020-02-22T16:33:31Z", - "stargazers_count": 64, - "watchers_count": 64, - "forks_count": 18, - "forks": 18, - "watchers": 64, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-8825.json b/2020/CVE-2020-8825.json deleted file mode 100644 index fcfbd15122..0000000000 --- a/2020/CVE-2020-8825.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 239451773, - "name": "CVE-2020-8825", - "full_name": "hacky1997\/CVE-2020-8825", - "owner": { - "login": "hacky1997", - "id": 35650583, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35650583?v=4", - "html_url": "https:\/\/github.com\/hacky1997" - }, - "html_url": "https:\/\/github.com\/hacky1997\/CVE-2020-8825", - "description": "VanillaForum 2.6.3 allows stored XSS.", - "fork": false, - "created_at": "2020-02-10T07:24:37Z", - "updated_at": "2020-02-24T13:31:37Z", - "pushed_at": "2020-03-09T14:06:25Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 3, - "forks": 3, - "watchers": 2, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-8840.json b/2020/CVE-2020-8840.json index c3d1cf29e8..b151a8dd61 100644 --- a/2020/CVE-2020-8840.json +++ b/2020/CVE-2020-8840.json @@ -1,27 +1,4 @@ [ - { - "id": 242176659, - "name": "jackson-CVE-2020-8840", - "full_name": "jas502n\/jackson-CVE-2020-8840", - "owner": { - "login": "jas502n", - "id": 16593068, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", - "html_url": "https:\/\/github.com\/jas502n" - }, - "html_url": "https:\/\/github.com\/jas502n\/jackson-CVE-2020-8840", - "description": "FasterXML\/jackson-databind 远程代码执行漏洞", - "fork": false, - "created_at": "2020-02-21T15:58:25Z", - "updated_at": "2021-01-06T03:46:09Z", - "pushed_at": "2020-02-21T16:03:28Z", - "stargazers_count": 72, - "watchers_count": 72, - "forks_count": 16, - "forks": 16, - "watchers": 72, - "score": 0 - }, { "id": 242452403, "name": "FastJson1.2.62-RCE", @@ -45,52 +22,6 @@ "watchers": 11, "score": 0 }, - { - "id": 242675357, - "name": "CVE-2020-8840", - "full_name": "fairyming\/CVE-2020-8840", - "owner": { - "login": "fairyming", - "id": 44915879, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44915879?v=4", - "html_url": "https:\/\/github.com\/fairyming" - }, - "html_url": "https:\/\/github.com\/fairyming\/CVE-2020-8840", - "description": "CVE-2020-8840:FasterXML\/jackson-databind 远程代码执行漏洞", - "fork": false, - "created_at": "2020-02-24T07:43:12Z", - "updated_at": "2021-01-14T09:13:19Z", - "pushed_at": "2020-02-24T07:45:37Z", - "stargazers_count": 22, - "watchers_count": 22, - "forks_count": 8, - "forks": 8, - "watchers": 22, - "score": 0 - }, - { - "id": 242758333, - "name": "CVE-2020-8840", - "full_name": "0nise\/CVE-2020-8840", - "owner": { - "login": "0nise", - "id": 18393907, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18393907?v=4", - "html_url": "https:\/\/github.com\/0nise" - }, - "html_url": "https:\/\/github.com\/0nise\/CVE-2020-8840", - "description": "CVE-2020-8840", - "fork": false, - "created_at": "2020-02-24T14:32:24Z", - "updated_at": "2020-05-31T05:18:22Z", - "pushed_at": "2020-02-28T09:12:59Z", - "stargazers_count": 12, - "watchers_count": 12, - "forks_count": 1, - "forks": 1, - "watchers": 12, - "score": 0 - }, { "id": 269508362, "name": "CVE-2020-8840", diff --git a/2020/CVE-2020-9038.json b/2020/CVE-2020-9038.json deleted file mode 100644 index d475c729d0..0000000000 --- a/2020/CVE-2020-9038.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 243498604, - "name": "CVE-2020-9038", - "full_name": "JavierOlmedo\/CVE-2020-9038", - "owner": { - "login": "JavierOlmedo", - "id": 15904748, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15904748?v=4", - "html_url": "https:\/\/github.com\/JavierOlmedo" - }, - "html_url": "https:\/\/github.com\/JavierOlmedo\/CVE-2020-9038", - "description": "Disclosure report of CVE-2020-9038", - "fork": false, - "created_at": "2020-02-27T11:02:16Z", - "updated_at": "2020-05-14T13:42:12Z", - "pushed_at": "2020-02-27T11:38:30Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 0, - "forks": 0, - "watchers": 3, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-9375.json b/2020/CVE-2020-9375.json deleted file mode 100644 index 25e7bf35a1..0000000000 --- a/2020/CVE-2020-9375.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 250056587, - "name": "cve-2020-9375", - "full_name": "thewhiteh4t\/cve-2020-9375", - "owner": { - "login": "thewhiteh4t", - "id": 36354846, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36354846?v=4", - "html_url": "https:\/\/github.com\/thewhiteh4t" - }, - "html_url": "https:\/\/github.com\/thewhiteh4t\/cve-2020-9375", - "description": "TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a denial of service via a crafted HTTP Header containing an unexpected Referer field.", - "fork": false, - "created_at": "2020-03-25T18:18:15Z", - "updated_at": "2020-11-27T12:39:10Z", - "pushed_at": "2020-03-29T20:32:16Z", - "stargazers_count": 11, - "watchers_count": 11, - "forks_count": 3, - "forks": 3, - "watchers": 11, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-9380.json b/2020/CVE-2020-9380.json deleted file mode 100644 index feb976c96b..0000000000 --- a/2020/CVE-2020-9380.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 241514668, - "name": "CVE-2020-9380", - "full_name": "migueltarga\/CVE-2020-9380", - "owner": { - "login": "migueltarga", - "id": 1177629, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1177629?v=4", - "html_url": "https:\/\/github.com\/migueltarga" - }, - "html_url": "https:\/\/github.com\/migueltarga\/CVE-2020-9380", - "description": "https:\/\/medium.com\/@anderson_pablo\/iptv-smarters-exploit-cve-2020-9380-22d4b21f5da7", - "fork": false, - "created_at": "2020-02-19T02:29:14Z", - "updated_at": "2020-09-05T12:32:37Z", - "pushed_at": "2020-03-12T02:25:31Z", - "stargazers_count": 12, - "watchers_count": 12, - "forks_count": 12, - "forks": 12, - "watchers": 12, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-9442.json b/2020/CVE-2020-9442.json deleted file mode 100644 index eb55eef576..0000000000 --- a/2020/CVE-2020-9442.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 243652977, - "name": "CVE-2020-9442", - "full_name": "hessandrew\/CVE-2020-9442", - "owner": { - "login": "hessandrew", - "id": 45692132, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45692132?v=4", - "html_url": "https:\/\/github.com\/hessandrew" - }, - "html_url": "https:\/\/github.com\/hessandrew\/CVE-2020-9442", - "description": "OpenVPN Connect for Windows (MSI) - 3.1.0.361 - Privilege Escalation", - "fork": false, - "created_at": "2020-02-28T01:27:08Z", - "updated_at": "2020-08-23T22:22:47Z", - "pushed_at": "2020-02-28T02:22:03Z", - "stargazers_count": 25, - "watchers_count": 25, - "forks_count": 5, - "forks": 5, - "watchers": 25, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-9547.json b/2020/CVE-2020-9547.json deleted file mode 100644 index 9d04dfe5d9..0000000000 --- a/2020/CVE-2020-9547.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 244379753, - "name": "CVE-2020-9547", - "full_name": "fairyming\/CVE-2020-9547", - "owner": { - "login": "fairyming", - "id": 44915879, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44915879?v=4", - "html_url": "https:\/\/github.com\/fairyming" - }, - "html_url": "https:\/\/github.com\/fairyming\/CVE-2020-9547", - "description": "CVE-2020-9547:FasterXML\/jackson-databind 远程代码执行漏洞", - "fork": false, - "created_at": "2020-03-02T13:37:21Z", - "updated_at": "2020-12-13T17:16:07Z", - "pushed_at": "2020-03-02T14:18:24Z", - "stargazers_count": 18, - "watchers_count": 18, - "forks_count": 5, - "forks": 5, - "watchers": 18, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-9548.json b/2020/CVE-2020-9548.json deleted file mode 100644 index 2a88b15c39..0000000000 --- a/2020/CVE-2020-9548.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 244381163, - "name": "CVE-2020-9548", - "full_name": "fairyming\/CVE-2020-9548", - "owner": { - "login": "fairyming", - "id": 44915879, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44915879?v=4", - "html_url": "https:\/\/github.com\/fairyming" - }, - "html_url": "https:\/\/github.com\/fairyming\/CVE-2020-9548", - "description": "CVE-2020-9548:FasterXML\/jackson-databind 远程代码执行漏洞", - "fork": false, - "created_at": "2020-03-02T13:43:47Z", - "updated_at": "2021-01-12T23:06:26Z", - "pushed_at": "2020-03-02T14:18:48Z", - "stargazers_count": 19, - "watchers_count": 19, - "forks_count": 10, - "forks": 10, - "watchers": 19, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-9758.json b/2020/CVE-2020-9758.json deleted file mode 100644 index 94db6d07af..0000000000 --- a/2020/CVE-2020-9758.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 245618403, - "name": "CVE-2020-9758", - "full_name": "ari034\/CVE-2020-9758", - "owner": { - "login": "ari034", - "id": 61799666, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61799666?v=4", - "html_url": "https:\/\/github.com\/ari034" - }, - "html_url": "https:\/\/github.com\/ari034\/CVE-2020-9758", - "description": "Form submission for vulnerability in livezilla", - "fork": false, - "created_at": "2020-03-07T11:13:49Z", - "updated_at": "2020-03-10T10:02:13Z", - "pushed_at": "2020-03-07T11:19:22Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-9768.json b/2020/CVE-2020-9768.json deleted file mode 100644 index 2d4d2d5a6d..0000000000 --- a/2020/CVE-2020-9768.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 298576538, - "name": "CVE-2020-9768", - "full_name": "XorgX304\/CVE-2020-9768", - "owner": { - "login": "XorgX304", - "id": 46254011, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46254011?v=4", - "html_url": "https:\/\/github.com\/XorgX304" - }, - "html_url": "https:\/\/github.com\/XorgX304\/CVE-2020-9768", - "description": "AppleJPEGDriverUserClient : mach port use-after-free\/type-confusion via race condition", - "fork": false, - "created_at": "2020-09-25T13:12:04Z", - "updated_at": "2021-02-09T09:03:25Z", - "pushed_at": "2020-03-26T22:29:53Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-9781.json b/2020/CVE-2020-9781.json deleted file mode 100644 index 3880130566..0000000000 --- a/2020/CVE-2020-9781.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 249063832, - "name": "Safari-Video-Permission-Spoof-CVE-2020-9781", - "full_name": "c0d3G33k\/Safari-Video-Permission-Spoof-CVE-2020-9781", - "owner": { - "login": "c0d3G33k", - "id": 16446505, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16446505?v=4", - "html_url": "https:\/\/github.com\/c0d3G33k" - }, - "html_url": "https:\/\/github.com\/c0d3G33k\/Safari-Video-Permission-Spoof-CVE-2020-9781", - "description": null, - "fork": false, - "created_at": "2020-03-21T21:26:50Z", - "updated_at": "2020-05-18T10:43:45Z", - "pushed_at": "2020-03-25T05:54:31Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, - "score": 0 - } -] \ No newline at end of file diff --git a/2021/CVE-2021-26121.json b/2021/CVE-2021-26121.json index 4523be1228..bb444bb7d7 100644 --- a/2021/CVE-2021-26121.json +++ b/2021/CVE-2021-26121.json @@ -13,13 +13,13 @@ "description": null, "fork": false, "created_at": "2021-02-12T18:53:37Z", - "updated_at": "2021-02-13T11:44:37Z", + "updated_at": "2021-02-14T02:34:10Z", "pushed_at": "2021-02-13T16:04:17Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "forks_count": 1, "forks": 1, - "watchers": 2, + "watchers": 3, "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-3156.json b/2021/CVE-2021-3156.json index 0aea2ffe19..9c990d5a74 100644 --- a/2021/CVE-2021-3156.json +++ b/2021/CVE-2021-3156.json @@ -703,13 +703,13 @@ "description": "CVE-2021-3156漏洞复现", "fork": false, "created_at": "2021-02-07T11:09:51Z", - "updated_at": "2021-02-07T11:10:05Z", + "updated_at": "2021-02-13T21:29:26Z", "pushed_at": "2021-02-07T11:10:01Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "forks_count": 0, "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0 }, { @@ -795,13 +795,13 @@ "description": "CVE-2021-3156非交互式执行命令", "fork": false, "created_at": "2021-02-09T19:25:18Z", - "updated_at": "2021-02-13T15:13:29Z", + "updated_at": "2021-02-14T02:43:41Z", "pushed_at": "2021-02-09T19:31:33Z", - "stargazers_count": 88, - "watchers_count": 88, + "stargazers_count": 89, + "watchers_count": 89, "forks_count": 9, "forks": 9, - "watchers": 88, + "watchers": 89, "score": 0 }, { diff --git a/README.md b/README.md index d55a524805..40c42ea46b 100644 --- a/README.md +++ b/README.md @@ -266,9 +266,6 @@ In the ioctl handlers of the Mediatek Command Queue driver, there is a possible - [R0rt1z2/AutomatedRoot](https://github.com/R0rt1z2/AutomatedRoot) -- [TheRealJunior/mtk-su-reverse-cve-2020-0069](https://github.com/TheRealJunior/mtk-su-reverse-cve-2020-0069) -- [yanglingxi1993/CVE-2020-0069](https://github.com/yanglingxi1993/CVE-2020-0069) -- [quarkslab/CVE-2020-0069_poc](https://github.com/quarkslab/CVE-2020-0069_poc) ### CVE-2020-0096 (2020-05-14) @@ -312,14 +309,6 @@ In updateUidProcState of AppOpsService.java, there is a possible permission bypa - [mooneee/CVE-2020-0121](https://github.com/mooneee/CVE-2020-0121) -### CVE-2020-0551 (2020-03-12) - - -Load value injection in some Intel(R) Processors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. The list of affected products is provided in intel-sa-00334: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html - - -- [bitdefender/lvi-lfb-attack-poc](https://github.com/bitdefender/lvi-lfb-attack-poc) - ### CVE-2020-0557 (2020-04-15) @@ -342,13 +331,7 @@ Race condition in the Intel(R) Driver and Support Assistant before version 20.1. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'. -- [kudelskisecurity/chainoffools](https://github.com/kudelskisecurity/chainoffools) -- [saleemrashid/badecparams](https://github.com/saleemrashid/badecparams) - [eastmountyxz/CVE-2018-20250-WinRAR](https://github.com/eastmountyxz/CVE-2018-20250-WinRAR) -- [gremwell/cve-2020-0601_poc](https://github.com/gremwell/cve-2020-0601_poc) -- [bsides-rijeka/meetup-2-curveball](https://github.com/bsides-rijeka/meetup-2-curveball) -- [exploitblizzard/CVE-2020-0601-spoofkey](https://github.com/exploitblizzard/CVE-2020-0601-spoofkey) -- [ShayNehmad/twoplustwo](https://github.com/ShayNehmad/twoplustwo) ### CVE-2020-0609 (2020-01-14) @@ -358,14 +341,6 @@ A remote code execution vulnerability exists in Windows Remote Desktop Gateway ( - [2d4d/rdg_scanner_cve-2020-0609](https://github.com/2d4d/rdg_scanner_cve-2020-0609) -### CVE-2020-0618 (2020-02-11) - - -A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'. - - -- [wortell/cve-2020-0618](https://github.com/wortell/cve-2020-0618) - ### CVE-2020-0624 (2020-01-14) @@ -380,8 +355,6 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672. -- [itm4n/SysTracingPoc](https://github.com/itm4n/SysTracingPoc) -- [RedCursorSecurityConsulting/CVE-2020-0668](https://github.com/RedCursorSecurityConsulting/CVE-2020-0668) - [Nan3r/CVE-2020-0668](https://github.com/Nan3r/CVE-2020-0668) ### CVE-2020-0674 (2020-02-11) @@ -399,17 +372,9 @@ A remote code execution vulnerability exists in the way that the scripting engin A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'. -- [random-robbie/cve-2020-0688](https://github.com/random-robbie/cve-2020-0688) -- [Jumbo-WJB/CVE-2020-0688](https://github.com/Jumbo-WJB/CVE-2020-0688) - [Ridter/cve-2020-0688](https://github.com/Ridter/cve-2020-0688) -- [Yt1g3r/CVE-2020-0688_EXP](https://github.com/Yt1g3r/CVE-2020-0688_EXP) - [righter83/CVE-2020-0688](https://github.com/righter83/CVE-2020-0688) -- [truongtn/cve-2020-0688](https://github.com/truongtn/cve-2020-0688) - [onSec-fr/CVE-2020-0688-Scanner](https://github.com/onSec-fr/CVE-2020-0688-Scanner) -- [youncyb/CVE-2020-0688](https://github.com/youncyb/CVE-2020-0688) -- [zcgonvh/CVE-2020-0688](https://github.com/zcgonvh/CVE-2020-0688) -- [justin-p/PSForgot2kEyXCHANGE](https://github.com/justin-p/PSForgot2kEyXCHANGE) -- [cert-lv/CVE-2020-0688](https://github.com/cert-lv/CVE-2020-0688) - [ravinacademy/CVE-2020-0688](https://github.com/ravinacademy/CVE-2020-0688) - [ktpdpro/CVE-2020-0688](https://github.com/ktpdpro/CVE-2020-0688) - [w4fz5uck5/cve-2020-0688-webshell-upload-technique](https://github.com/w4fz5uck5/cve-2020-0688-webshell-upload-technique) @@ -433,7 +398,6 @@ An elevation of privilege vulnerability exists in Windows Error Reporting (WER) - [afang5472/CVE-2020-0753-and-CVE-2020-0754](https://github.com/afang5472/CVE-2020-0753-and-CVE-2020-0754) -- [VikasVarshney/CVE-2020-0753-and-CVE-2020-0754](https://github.com/VikasVarshney/CVE-2020-0753-and-CVE-2020-0754) ### CVE-2020-0787 (2020-03-12) @@ -453,45 +417,13 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - [k8gege/PyLadon](https://github.com/k8gege/PyLadon) - [Aekras1a/CVE-2020-0796-PoC](https://github.com/Aekras1a/CVE-2020-0796-PoC) -- [technion/DisableSMBCompression](https://github.com/technion/DisableSMBCompression) - [T13nn3s/CVE-2020-0796](https://github.com/T13nn3s/CVE-2020-0796) - [ollypwn/SMBGhost](https://github.com/ollypwn/SMBGhost) -- [joaozietolie/CVE-2020-0796-Checker](https://github.com/joaozietolie/CVE-2020-0796-Checker) -- [ButrintKomoni/cve-2020-0796](https://github.com/ButrintKomoni/cve-2020-0796) -- [dickens88/cve-2020-0796-scanner](https://github.com/dickens88/cve-2020-0796-scanner) -- [kn6869610/CVE-2020-0796](https://github.com/kn6869610/CVE-2020-0796) -- [awareseven/eternalghosttest](https://github.com/awareseven/eternalghosttest) -- [weidutech/CVE-2020-0796-PoC](https://github.com/weidutech/CVE-2020-0796-PoC) -- [xax007/CVE-2020-0796-Scanner](https://github.com/xax007/CVE-2020-0796-Scanner) -- [Dhoomralochana/Scanners-for-CVE-2020-0796-Testing](https://github.com/Dhoomralochana/Scanners-for-CVE-2020-0796-Testing) -- [UraSecTeam/smbee](https://github.com/UraSecTeam/smbee) -- [netscylla/SMBGhost](https://github.com/netscylla/SMBGhost) -- [eerykitty/CVE-2020-0796-PoC](https://github.com/eerykitty/CVE-2020-0796-PoC) -- [wneessen/SMBCompScan](https://github.com/wneessen/SMBCompScan) -- [ioncodes/SMBGhost](https://github.com/ioncodes/SMBGhost) -- [laolisafe/CVE-2020-0796](https://github.com/laolisafe/CVE-2020-0796) - [gabimarti/SMBScanner](https://github.com/gabimarti/SMBScanner) -- [Almorabea/SMBGhost-WorkaroundApplier](https://github.com/Almorabea/SMBGhost-WorkaroundApplier) -- [IAreKyleW00t/SMBGhosts](https://github.com/IAreKyleW00t/SMBGhosts) -- [vysecurity/CVE-2020-0796](https://github.com/vysecurity/CVE-2020-0796) -- [marcinguy/CVE-2020-0796](https://github.com/marcinguy/CVE-2020-0796) -- [plorinquer/cve-2020-0796](https://github.com/plorinquer/cve-2020-0796) -- [BinaryShadow94/SMBv3.1.1-scan---CVE-2020-0796](https://github.com/BinaryShadow94/SMBv3.1.1-scan---CVE-2020-0796) - [w1ld3r/SMBGhost_Scanner](https://github.com/w1ld3r/SMBGhost_Scanner) -- [wsfengfan/CVE-2020-0796](https://github.com/wsfengfan/CVE-2020-0796) -- [GuoKerS/aioScan_CVE-2020-0796](https://github.com/GuoKerS/aioScan_CVE-2020-0796) -- [jiansiting/CVE-2020-0796-Scanner](https://github.com/jiansiting/CVE-2020-0796-Scanner) -- [maxpl0it/Unauthenticated-CVE-2020-0796-PoC](https://github.com/maxpl0it/Unauthenticated-CVE-2020-0796-PoC) - [ran-sama/CVE-2020-0796](https://github.com/ran-sama/CVE-2020-0796) -- [sujitawake/smbghost](https://github.com/sujitawake/smbghost) -- [julixsalas/CVE-2020-0796](https://github.com/julixsalas/CVE-2020-0796) -- [5l1v3r1/SMBGhost_Crash_Poc](https://github.com/5l1v3r1/SMBGhost_Crash_Poc) -- [5l1v3r1/CVE-2020-0796-PoC-and-Scan](https://github.com/5l1v3r1/CVE-2020-0796-PoC-and-Scan) -- [cory-zajicek/CVE-2020-0796-DoS](https://github.com/cory-zajicek/CVE-2020-0796-DoS) -- [tripledd/cve-2020-0796-vuln](https://github.com/tripledd/cve-2020-0796-vuln) - [danigargu/CVE-2020-0796](https://github.com/danigargu/CVE-2020-0796) - [ZecOps/CVE-2020-0796-LPE-POC](https://github.com/ZecOps/CVE-2020-0796-LPE-POC) -- [TinToSer/CVE-2020-0796-LPE](https://github.com/TinToSer/CVE-2020-0796-LPE) - [f1tz/CVE-2020-0796-LPE-EXP](https://github.com/f1tz/CVE-2020-0796-LPE-EXP) - [tango-j/CVE-2020-0796](https://github.com/tango-j/CVE-2020-0796) - [jiansiting/CVE-2020-0796](https://github.com/jiansiting/CVE-2020-0796) @@ -520,30 +452,6 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - [MasterSploit/LPE---CVE-2020-0796](https://github.com/MasterSploit/LPE---CVE-2020-0796) - [alexa872/CVE-2020-0796](https://github.com/alexa872/CVE-2020-0796) -### CVE-2020-0797 (2020-03-12) - - -An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2020-0866, CVE-2020-0897. - - -- [bonesg/CVE-2020-0797](https://github.com/bonesg/CVE-2020-0797) - -### CVE-2020-0799 (2020-03-12) - - -An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links, aka 'Windows Kernel Elevation of Privilege Vulnerability'. - - -- [5l1v3r1/CVE-2020-0799](https://github.com/5l1v3r1/CVE-2020-0799) - -### CVE-2020-0801 (2020-03-12) - - -A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0807, CVE-2020-0809, CVE-2020-0869. - - -- [5l1v3r1/CVE-2020-0801](https://github.com/5l1v3r1/CVE-2020-0801) - ### CVE-2020-0890 (2020-09-11) @@ -791,24 +699,6 @@ Kylin has some restful apis which will concatenate SQLs with the user input stri When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible. It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations. -- [0nise/CVE-2020-1938](https://github.com/0nise/CVE-2020-1938) -- [xindongzhuaizhuai/CVE-2020-1938](https://github.com/xindongzhuaizhuai/CVE-2020-1938) -- [nibiwodong/CNVD-2020-10487-Tomcat-ajp-POC](https://github.com/nibiwodong/CNVD-2020-10487-Tomcat-ajp-POC) -- [bkfish/CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner](https://github.com/bkfish/CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner) -- [laolisafe/CVE-2020-1938](https://github.com/laolisafe/CVE-2020-1938) -- [DaemonShao/CVE-2020-1938](https://github.com/DaemonShao/CVE-2020-1938) -- [sv3nbeast/CVE-2020-1938-Tomact-file_include-file_read](https://github.com/sv3nbeast/CVE-2020-1938-Tomact-file_include-file_read) -- [fairyming/CVE-2020-1938](https://github.com/fairyming/CVE-2020-1938) -- [dacade/CVE-2020-1938](https://github.com/dacade/CVE-2020-1938) -- [woaiqiukui/CVE-2020-1938TomcatAjpScanner](https://github.com/woaiqiukui/CVE-2020-1938TomcatAjpScanner) -- [fatal0/tomcat-cve-2020-1938-check](https://github.com/fatal0/tomcat-cve-2020-1938-check) -- [ze0r/GhostCat-LFI-exp](https://github.com/ze0r/GhostCat-LFI-exp) -- [delsadan/CNVD-2020-10487-Bulk-verification](https://github.com/delsadan/CNVD-2020-10487-Bulk-verification) -- [00theway/Ghostcat-CNVD-2020-10487](https://github.com/00theway/Ghostcat-CNVD-2020-10487) -- [shaunmclernon/ghostcat-verification](https://github.com/shaunmclernon/ghostcat-verification) -- [Zaziki1337/Ghostcat-CVE-2020-1938](https://github.com/Zaziki1337/Ghostcat-CVE-2020-1938) -- [w4fz5uck5/CVE-2020-1938-Clean-Version](https://github.com/w4fz5uck5/CVE-2020-1938-Clean-Version) -- [Just1ceP4rtn3r/CVE-2020-1938-Tool](https://github.com/Just1ceP4rtn3r/CVE-2020-1938-Tool) - [ZhengHaoCHeng/CNVD-2020-10487](https://github.com/ZhengHaoCHeng/CNVD-2020-10487) - [I-Runtime-Error/CVE-2020-1938](https://github.com/I-Runtime-Error/CVE-2020-1938) - [Umesh2807/Ghostcat](https://github.com/Umesh2807/Ghostcat) @@ -822,10 +712,6 @@ When using the Apache JServ Protocol (AJP), care must be taken when trusting inc In Apache ShardingSphere(incubator) 4.0.0-RC3 and 4.0.0, the ShardingSphere's web console uses the SnakeYAML library for parsing YAML inputs to load datasource configuration. SnakeYAML allows to unmarshal data to a Java type By using the YAML tag. Unmarshalling untrusted data can lead to security flaws of RCE. -- [5l1v3r1/CVE-2020-1947](https://github.com/5l1v3r1/CVE-2020-1947) -- [jas502n/CVE-2020-1947](https://github.com/jas502n/CVE-2020-1947) -- [wsfengfan/CVE-2020-1947](https://github.com/wsfengfan/CVE-2020-1947) -- [shadowsock5/ShardingSphere_CVE-2020-1947](https://github.com/shadowsock5/ShardingSphere_CVE-2020-1947) - [HexChristmas/CVE-2020-1947](https://github.com/HexChristmas/CVE-2020-1947) ### CVE-2020-1948 (2020-07-14) @@ -902,11 +788,8 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). -- [Hu3sky/CVE-2020-2555](https://github.com/Hu3sky/CVE-2020-2555) - [wsfengfan/CVE-2020-2555](https://github.com/wsfengfan/CVE-2020-2555) - [0nise/CVE-2020-2555](https://github.com/0nise/CVE-2020-2555) -- [Y4er/CVE-2020-2555](https://github.com/Y4er/CVE-2020-2555) -- [Maskhe/cve-2020-2555](https://github.com/Maskhe/cve-2020-2555) - [Uvemode/CVE-2020-2555](https://github.com/Uvemode/CVE-2020-2555) ### CVE-2020-2883 (2020-04-15) @@ -1058,22 +941,6 @@ GLPI before before version 9.4.6 has a vulnerability involving a default encrypt - [indevi0us/CVE-2020-5248](https://github.com/indevi0us/CVE-2020-5248) -### CVE-2020-5250 (2020-03-05) - - -In PrestaShop before version 1.7.6.4, when a customer edits their address, they can freely change the id_address in the form, and thus steal someone else's address. It is the same with CustomerForm, you are able to change the id_customer and change all information of all accounts. The problem is patched in version 1.7.6.4. - - -- [drkbcn/lblfixer_cve2020_5250](https://github.com/drkbcn/lblfixer_cve2020_5250) - -### CVE-2020-5254 (2020-03-10) - - -In NetHack before 3.6.6, some out-of-bound values for the hilite_status option can be exploited. NetHack 3.6.6 resolves this issue. - - -- [dpmdpm2/CVE-2020-5254](https://github.com/dpmdpm2/CVE-2020-5254) - ### CVE-2020-5260 (2020-04-14) @@ -1084,14 +951,6 @@ Affected versions of Git have a vulnerability whereby Git can be tricked into se - [Asgavar/CVE-2020-5260](https://github.com/Asgavar/CVE-2020-5260) - [sv3nbeast/CVE-2020-5260](https://github.com/sv3nbeast/CVE-2020-5260) -### CVE-2020-5267 (2020-03-19) - - -In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2. - - -- [GUI/legacy-rails-CVE-2020-5267-patch](https://github.com/GUI/legacy-rails-CVE-2020-5267-patch) - ### CVE-2020-5410 (2020-06-02) @@ -1236,7 +1095,6 @@ SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410 Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. -- [ChoKyuWon/CVE-2020-6418](https://github.com/ChoKyuWon/CVE-2020-6418) - [Goyotan/CVE-2020-6418-PoC](https://github.com/Goyotan/CVE-2020-6418-PoC) ### CVE-2020-6468 (2020-05-20) @@ -1263,14 +1121,6 @@ Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote att - [PerimeterX/CVE-2020-6519](https://github.com/PerimeterX/CVE-2020-6519) -### CVE-2020-6650 (2020-03-23) - - -UPS companion software v1.05 & Prior is affected by ‘Eval Injection’ vulnerability. The software does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call e.g.”eval” in “Update Manager” class when software attempts to see if there are updates available. This results in arbitrary code execution on the machine where software is installed. - - -- [RavSS/Eaton-UPS-Companion-Exploit](https://github.com/RavSS/Eaton-UPS-Companion-Exploit) - ### CVE-2020-6861 (2020-05-06) @@ -1306,21 +1156,12 @@ LinuxKI v6.0-1 and earlier is vulnerable to an remote code execution which is re - [cwinfosec/CVE-2020-7209](https://github.com/cwinfosec/CVE-2020-7209) -### CVE-2020-7246 (2020-01-21) - - -A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users['photop_preview'] delete photo feature, allowing bypass of .htaccess protection. NOTE: this issue exists because of an incomplete fix for CVE-2015-3884. - - -- [lnxcrew/CVE-2020-7246](https://github.com/lnxcrew/CVE-2020-7246) - ### CVE-2020-7247 (2020-01-29) smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation. -- [FiroSolutions/cve-2020-7247-exploit](https://github.com/FiroSolutions/cve-2020-7247-exploit) - [jopraveen/CVE-2020-7247](https://github.com/jopraveen/CVE-2020-7247) - [QTranspose/CVE-2020-7247-exploit](https://github.com/QTranspose/CVE-2020-7247-exploit) @@ -1347,7 +1188,6 @@ Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL I - [secoba/DjVul_StringAgg](https://github.com/secoba/DjVul_StringAgg) -- [SNCKER/CVE-2020-7471](https://github.com/SNCKER/CVE-2020-7471) - [victomteng1997/cve-2020-7471-Time_Blind_SQLi-](https://github.com/victomteng1997/cve-2020-7471-Time_Blind_SQLi-) ### CVE-2020-7473 (2020-05-07) @@ -1374,25 +1214,9 @@ Incorrect handling of Upgrade header with the value websocket leads in crashing - [andsnw/sockjs-dos-py](https://github.com/andsnw/sockjs-dos-py) -### CVE-2020-7799 (2020-01-28) - - -An issue was discovered in FusionAuth before 1.11.0. An authenticated user, allowed to edit e-mail templates (Home -> Settings -> Email Templates) or themes (Home -> Settings -> Themes), can execute commands on the underlying operating system by abusing freemarker.template.utility.Execute in the Apache FreeMarker engine that processes custom templates. - - -- [ianxtianxt/CVE-2020-7799](https://github.com/ianxtianxt/CVE-2020-7799) - ### CVE-2020-7897 - [mooneee/cve-2020-7897](https://github.com/mooneee/cve-2020-7897) -### CVE-2020-7931 (2020-01-23) - - -In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template processing leads to remote code execution, e.g., by modifying a .ssh/authorized_keys file. Patches are available for various versions between 5.11.8 and 6.16.0. The issue exists because use of the DefaultObjectWrapper class makes certain Java functions accessible to a template. - - -- [gquere/CVE-2020-7931](https://github.com/gquere/CVE-2020-7931) - ### CVE-2020-7934 (2020-01-28) @@ -1423,14 +1247,6 @@ STMicroelectronics STM32F1 devices have Incorrect Access Control. - [wuxx/CVE-2020-8004](https://github.com/wuxx/CVE-2020-8004) -### CVE-2020-8012 (2020-02-17) - - -CA Unified Infrastructure Management (Nimsoft/UIM) 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code. - - -- [wetw0rk/Exploit-Development](https://github.com/wetw0rk/Exploit-Development) - ### CVE-2020-8103 (2020-06-05) @@ -1556,14 +1372,6 @@ The bencoding parser in BitTorrent uTorrent through 3.5.5 (build 45505) misparse - [guywhataguy/uTorrent-CVE-2020-8437](https://github.com/guywhataguy/uTorrent-CVE-2020-8437) -### CVE-2020-8515 (2020-02-01) - - -DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1. - - -- [imjdl/CVE-2020-8515-PoC](https://github.com/imjdl/CVE-2020-8515-PoC) - ### CVE-2020-8554 (2021-01-21) @@ -1600,8 +1408,6 @@ The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.1 eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions. -- [marcinguy/CVE-2020-8597](https://github.com/marcinguy/CVE-2020-8597) -- [WinMin/CVE-2020-8597](https://github.com/WinMin/CVE-2020-8597) - [Dilan-Diaz/Point-to-Point-Protocol-Daemon-RCE-Vulnerability-CVE-2020-8597-](https://github.com/Dilan-Diaz/Point-to-Point-Protocol-Daemon-RCE-Vulnerability-CVE-2020-8597-) - [lakwsh/CVE-2020-8597](https://github.com/lakwsh/CVE-2020-8597) @@ -1622,22 +1428,6 @@ Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions o - [Al1ex/CVE-2020-8635](https://github.com/Al1ex/CVE-2020-8635) -### CVE-2020-8809 (2020-02-25) - - -Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add-ins and OBIS code over an unencrypted HTTP connection. A man-in-the-middle attacker can prompt the user to download updates by modifying the contents of gurux.fi/obis/files.xml and gurux.fi/updates/updates.xml. Then, the attacker can modify the contents of downloaded files. In the case of add-ins (if the user is using those), this will lead to code execution. In case of OBIS codes (which the user is always using as they are needed to communicate with the energy meters), this can lead to code execution when combined with CVE-2020-8810. - - -- [seqred-s-a/gxdlmsdirector-cve](https://github.com/seqred-s-a/gxdlmsdirector-cve) - -### CVE-2020-8813 (2020-02-21) - - -graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege. - - -- [mhaskar/CVE-2020-8813](https://github.com/mhaskar/CVE-2020-8813) - ### CVE-2020-8816 (2020-05-29) @@ -1649,14 +1439,6 @@ Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged das - [cybervaca/CVE-2020-8816](https://github.com/cybervaca/CVE-2020-8816) - [team0se7en/CVE-2020-8816](https://github.com/team0se7en/CVE-2020-8816) -### CVE-2020-8825 (2020-02-10) - - -index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows stored XSS. - - -- [hacky1997/CVE-2020-8825](https://github.com/hacky1997/CVE-2020-8825) - ### CVE-2020-8835 (2020-04-02) @@ -1674,10 +1456,7 @@ In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) di FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter. -- [jas502n/jackson-CVE-2020-8840](https://github.com/jas502n/jackson-CVE-2020-8840) - [Wfzsec/FastJson1.2.62-RCE](https://github.com/Wfzsec/FastJson1.2.62-RCE) -- [fairyming/CVE-2020-8840](https://github.com/fairyming/CVE-2020-8840) -- [0nise/CVE-2020-8840](https://github.com/0nise/CVE-2020-8840) - [Blyth0He/CVE-2020-8840](https://github.com/Blyth0He/CVE-2020-8840) - [Veraxy00/CVE-2020-8840](https://github.com/Veraxy00/CVE-2020-8840) - [dpredrag/CVE-2020-8840](https://github.com/dpredrag/CVE-2020-8840) @@ -1717,14 +1496,6 @@ Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/PeopleTool v - [kyletimmermans/blackboard-xss](https://github.com/kyletimmermans/blackboard-xss) -### CVE-2020-9038 (2020-02-17) - - -Joplin through 1.0.184 allows Arbitrary File Read via XSS. - - -- [JavierOlmedo/CVE-2020-9038](https://github.com/JavierOlmedo/CVE-2020-9038) - ### CVE-2020-9047 (2020-06-26) @@ -1757,14 +1528,6 @@ ftusbbus2.sys in FabulaTech USB for Remote Desktop through 2020-02-19 allows pri - [Sentinel-One/CVE-2020-9332](https://github.com/Sentinel-One/CVE-2020-9332) -### CVE-2020-9375 (2020-03-25) - - -TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a denial of service via a crafted HTTP Header containing an unexpected Referer field. - - -- [thewhiteh4t/cve-2020-9375](https://github.com/thewhiteh4t/cve-2020-9375) - ### CVE-2020-9376 (2020-07-09) @@ -1773,22 +1536,6 @@ TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attac - [renatoalencar/dlink-dir610-exploits](https://github.com/renatoalencar/dlink-dir610-exploits) -### CVE-2020-9380 (2020-03-05) - - -IPTV Smarters WEB TV PLAYER through 2020-02-22 allows attackers to execute OS commands by uploading a script. - - -- [migueltarga/CVE-2020-9380](https://github.com/migueltarga/CVE-2020-9380) - -### CVE-2020-9442 (2020-02-28) - - -OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there. - - -- [hessandrew/CVE-2020-9442](https://github.com/hessandrew/CVE-2020-9442) - ### CVE-2020-9460 (2020-04-14) @@ -1856,30 +1603,6 @@ XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scriptin - [dwisiswant0/CVE-2020-9496](https://github.com/dwisiswant0/CVE-2020-9496) -### CVE-2020-9547 (2020-03-01) - - -FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). - - -- [fairyming/CVE-2020-9547](https://github.com/fairyming/CVE-2020-9547) - -### CVE-2020-9548 (2020-03-01) - - -FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). - - -- [fairyming/CVE-2020-9548](https://github.com/fairyming/CVE-2020-9548) - -### CVE-2020-9758 (2020-03-09) - - -An issue was discovered in chat.php in LiveZilla Live Chat 8.0.1.3 (Helpdesk). A blind JavaScript injection lies in the name parameter. Triggering this can fetch the username and passwords of the helpdesk employees in the URI. This leads to a privilege escalation, from unauthenticated to user-level access, leading to full account takeover. The attack fetches multiple credentials because they are stored in the database (stored XSS). This affects the mobile/chat URI via the lgn and psswrd parameters. - - -- [ari034/CVE-2020-9758](https://github.com/ari034/CVE-2020-9758) - ### CVE-2020-9767 (2020-08-14) @@ -1888,22 +1611,6 @@ A vulnerability related to Dynamic-link Library (“DLL”) loading in the Zoom - [shubham0d/Zoom-dll-hijacking](https://github.com/shubham0d/Zoom-dll-hijacking) -### CVE-2020-9768 (2020-04-01) - - -A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to execute arbitrary code with system privileges. - - -- [XorgX304/CVE-2020-9768](https://github.com/XorgX304/CVE-2020-9768) - -### CVE-2020-9781 (2020-04-01) - - -The issue was addressed by clearing website permission prompts after navigation. This issue is fixed in iOS 13.4 and iPadOS 13.4. A user may grant website permissions to a site they didn't intend to. - - -- [c0d3G33k/Safari-Video-Permission-Spoof-CVE-2020-9781](https://github.com/c0d3G33k/Safari-Video-Permission-Spoof-CVE-2020-9781) - ### CVE-2020-9934 (2020-10-16) @@ -1993,15 +1700,6 @@ The driving interface of Tesla Model 3 vehicles in any release before 2020.4.10 - [nuzzl/CVE-2020-10558](https://github.com/nuzzl/CVE-2020-10558) -### CVE-2020-10560 (2020-03-30) - - -An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file path with a weak cryptographic rand() can be used to read any file with the permissions of the webserver. This can lead to further compromise. The attacker must conduct a brute-force attack against the SiteKey to insert into a crafted URL for components/OssnComments/ossn_com.php and/or libraries/ossn.lib.upgrade.php. - - -- [LucidUnicorn/CVE-2020-10560-Key-Recovery](https://github.com/LucidUnicorn/CVE-2020-10560-Key-Recovery) -- [kevthehermit/CVE-2020-10560](https://github.com/kevthehermit/CVE-2020-10560) - ### CVE-2020-10663 (2020-04-28) @@ -2024,7 +1722,6 @@ Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus). -- [0nise/CVE-2020-10673](https://github.com/0nise/CVE-2020-10673) - [Al1ex/CVE-2020-10673](https://github.com/Al1ex/CVE-2020-10673) ### CVE-2020-10713 (2020-07-30) @@ -7603,6 +7300,15 @@ Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impa ## 2018 +### CVE-2018-0101 (2018-01-29) + + +A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, or cause a reload of the affected device. This vulnerability affects Cisco ASA Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, ASA 1000V Cloud Firewall, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4110 Security Appliance, Firepower 9300 ASA Security Module, Firepower Threat Defense Software (FTD). Cisco Bug IDs: CSCvg35618. + + +- [1337g/CVE-2018-0101-DOS-POC](https://github.com/1337g/CVE-2018-0101-DOS-POC) +- [Cymmetria/ciscoasa_honeypot](https://github.com/Cymmetria/ciscoasa_honeypot) + ### CVE-2018-0114 (2018-01-04) @@ -7637,7 +7343,9 @@ A vulnerability in the web-based management interface of the (cloud based) Cisco A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029. +- [milo2012/CVE-2018-0296](https://github.com/milo2012/CVE-2018-0296) - [yassineaboukir/CVE-2018-0296](https://github.com/yassineaboukir/CVE-2018-0296) +- [bhenner1/CVE-2018-0296](https://github.com/bhenner1/CVE-2018-0296) - [qiantu88/CVE-2018-0296](https://github.com/qiantu88/CVE-2018-0296) ### CVE-2018-0708 (2018-07-16) @@ -7654,8 +7362,20 @@ Command injection vulnerability in networking of QNAP Q'center Virtual Appliance Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812. +- [zldww2011/CVE-2018-0802_POC](https://github.com/zldww2011/CVE-2018-0802_POC) +- [rxwx/CVE-2018-0802](https://github.com/rxwx/CVE-2018-0802) +- [Ridter/RTF_11882_0802](https://github.com/Ridter/RTF_11882_0802) +- [likescam/CVE-2018-0802_CVE-2017-11882](https://github.com/likescam/CVE-2018-0802_CVE-2017-11882) - [dcsync/rtfkit](https://github.com/dcsync/rtfkit) +### CVE-2018-0824 (2018-05-09) + + +A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. + + +- [codewhitesec/UnmarshalPwn](https://github.com/codewhitesec/UnmarshalPwn) + ### CVE-2018-0886 (2018-03-14) @@ -7664,6 +7384,41 @@ The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows - [preempt/credssp](https://github.com/preempt/credssp) +### CVE-2018-0952 (2018-08-15) + + +An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka "Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Microsoft Visual Studio, Windows 10 Servers. + + +- [atredispartners/CVE-2018-0952-SystemCollector](https://github.com/atredispartners/CVE-2018-0952-SystemCollector) + +### CVE-2018-14 +- [lckJack/legacySymfony](https://github.com/lckJack/legacySymfony) + +### CVE-2018-1010 (2018-04-11) + + +A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-1012, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016. + + +- [ymgh96/Detecting-the-patch-of-CVE-2018-1010](https://github.com/ymgh96/Detecting-the-patch-of-CVE-2018-1010) + +### CVE-2018-1026 (2018-04-11) + + +A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-1030. + + +- [ymgh96/Detecting-the-CVE-2018-1026-and-its-patch](https://github.com/ymgh96/Detecting-the-CVE-2018-1026-and-its-patch) + +### CVE-2018-1056 (2018-07-27) + + +An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files. + + +- [rotemkama/Gpon-Routers](https://github.com/rotemkama/Gpon-Routers) + ### CVE-2018-1088 (2018-04-18) @@ -7678,6 +7433,8 @@ A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any glu DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol. +- [knqyf263/CVE-2018-1111](https://github.com/knqyf263/CVE-2018-1111) +- [kkirsche/CVE-2018-1111](https://github.com/kkirsche/CVE-2018-1111) - [baldassarreFe/FEP3370-advanced-ethical-hacking](https://github.com/baldassarreFe/FEP3370-advanced-ethical-hacking) ### CVE-2018-1133 (2018-05-25) @@ -7705,12 +7462,23 @@ Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions - [AbsoZed/CVE-2018-1235](https://github.com/AbsoZed/CVE-2018-1235) +### CVE-2018-1259 (2018-05-11) + + +Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with XMLBeam 1.4.14 or earlier versions, contains a property binder vulnerability caused by improper restriction of XML external entity references as underlying library XMLBeam does not restrict external reference expansion. An unauthenticated remote malicious user can supply specially crafted request parameters against Spring Data's projection-based request payload binding to access arbitrary files on the system. + + +- [tafamace/CVE-2018-1259](https://github.com/tafamace/CVE-2018-1259) + ### CVE-2018-1270 (2018-04-06) Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. +- [CaledoniaProject/CVE-2018-1270](https://github.com/CaledoniaProject/CVE-2018-1270) +- [genxor/CVE-2018-1270_EXP](https://github.com/genxor/CVE-2018-1270_EXP) +- [tafamace/CVE-2018-1270](https://github.com/tafamace/CVE-2018-1270) - [Venscor/CVE-2018-1270](https://github.com/Venscor/CVE-2018-1270) - [mprunet/owasp-formation-cve-2018-1270](https://github.com/mprunet/owasp-formation-cve-2018-1270) @@ -7720,6 +7488,9 @@ Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 a Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack. +- [knqyf263/CVE-2018-1273](https://github.com/knqyf263/CVE-2018-1273) +- [wearearima/poc-cve-2018-1273](https://github.com/wearearima/poc-cve-2018-1273) +- [webr0ck/poc-cve-2018-1273](https://github.com/webr0ck/poc-cve-2018-1273) - [cved-sources/cve-2018-1273](https://github.com/cved-sources/cve-2018-1273) - [jas502n/cve-2018-1273](https://github.com/jas502n/cve-2018-1273) @@ -7740,6 +7511,23 @@ When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an - [xDro1d/CVE-2018-1297](https://github.com/xDro1d/CVE-2018-1297) - [Al1ex/CVE-2018-1297](https://github.com/Al1ex/CVE-2018-1297) +### CVE-2018-1304 (2018-02-28) + + +The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected. + + +- [knqyf263/CVE-2018-1304](https://github.com/knqyf263/CVE-2018-1304) +- [thariyarox/tomcat_CVE-2018-1304_testing](https://github.com/thariyarox/tomcat_CVE-2018-1304_testing) + +### CVE-2018-1305 (2018-02-23) + + +Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them. + + +- [Pa55w0rd/CVE-2018-1305](https://github.com/Pa55w0rd/CVE-2018-1305) + ### CVE-2018-1306 (2018-06-27) @@ -7748,6 +7536,22 @@ The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pl - [JJSO12/Apache-Pluto-3.0.0--CVE-2018-1306](https://github.com/JJSO12/Apache-Pluto-3.0.0--CVE-2018-1306) +### CVE-2018-1313 (2018-05-07) + + +In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and contents are under the user's control. If the Derby Network Server is not running with a Java Security Manager policy file, the attack is successful. If the server is using a policy file, the policy file must permit the database location to be read for the attack to work. The default Derby Network Server policy file distributed with the affected releases includes a permissive policy as the default Network Server policy, which allows the attack to work. + + +- [tafamace/CVE-2018-1313](https://github.com/tafamace/CVE-2018-1313) + +### CVE-2018-1324 (2018-03-16) + + +A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. This can be used to mount a denial of service attack against services that use Compress' zip package. + + +- [tafamace/CVE-2018-1324](https://github.com/tafamace/CVE-2018-1324) + ### CVE-2018-1335 (2018-04-25) @@ -7766,6 +7570,14 @@ IBM Security Identity Manager 6.0.0 Virtual Appliance is vulnerable to a XML Ext - [attakercyebr/hack4lx_CVE-2018-2019](https://github.com/attakercyebr/hack4lx_CVE-2018-2019) +### CVE-2018-2380 (2018-03-01) + + +SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs. + + +- [erpscanteam/CVE-2018-2380](https://github.com/erpscanteam/CVE-2018-2380) + ### CVE-2018-2392 (2018-02-14) @@ -7780,17 +7592,52 @@ Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). +- [forlin/CVE-2018-2628](https://github.com/forlin/CVE-2018-2628) +- [shengqi158/CVE-2018-2628](https://github.com/shengqi158/CVE-2018-2628) +- [skydarker/CVE-2018-2628](https://github.com/skydarker/CVE-2018-2628) +- [jiansiting/weblogic-cve-2018-2628](https://github.com/jiansiting/weblogic-cve-2018-2628) +- [zjxzjx/CVE-2018-2628-detect](https://github.com/zjxzjx/CVE-2018-2628-detect) +- [aedoo/CVE-2018-2628-MultiThreading](https://github.com/aedoo/CVE-2018-2628-MultiThreading) +- [hawk-520/CVE-2018-2628](https://github.com/hawk-520/CVE-2018-2628) +- [9uest/CVE-2018-2628](https://github.com/9uest/CVE-2018-2628) +- [Shadowshusky/CVE-2018-2628all](https://github.com/Shadowshusky/CVE-2018-2628all) +- [shaoshore/CVE-2018-2628](https://github.com/shaoshore/CVE-2018-2628) +- [tdy218/ysoserial-cve-2018-2628](https://github.com/tdy218/ysoserial-cve-2018-2628) +- [s0wr0b1ndef/CVE-2018-2628](https://github.com/s0wr0b1ndef/CVE-2018-2628) +- [wrysunny/cve-2018-2628](https://github.com/wrysunny/cve-2018-2628) - [jas502n/CVE-2018-2628](https://github.com/jas502n/CVE-2018-2628) +- [stevenlinfeng/CVE-2018-2628](https://github.com/stevenlinfeng/CVE-2018-2628) +- [likescam/CVE-2018-2628](https://github.com/likescam/CVE-2018-2628) +- [Nervous/WebLogic-RCE-exploit](https://github.com/Nervous/WebLogic-RCE-exploit) +- [Lighird/CVE-2018-2628](https://github.com/Lighird/CVE-2018-2628) - [0xMJ/CVE-2018-2628](https://github.com/0xMJ/CVE-2018-2628) - [0xn0ne/weblogicScanner](https://github.com/0xn0ne/weblogicScanner) - [seethen/cve-2018-2628](https://github.com/seethen/cve-2018-2628) +### CVE-2018-2636 (2018-01-17) + + +Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). Supported versions that are affected are 2.7, 2.8 and 2.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Simphony. CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [erpscanteam/CVE-2018-2636](https://github.com/erpscanteam/CVE-2018-2636) +- [Cymmetria/micros_honeypot](https://github.com/Cymmetria/micros_honeypot) + +### CVE-2018-2844 (2018-04-18) + + +Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.36 and Prior to 5.2.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). + + +- [renorobert/virtualbox-cve-2018-2844](https://github.com/renorobert/virtualbox-cve-2018-2844) + ### CVE-2018-2879 (2018-04-18) Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. While the vulnerability is in Oracle Access Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Access Manager. Note: Please refer to Doc ID <a href="http://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=2386496.1">My Oracle Support Note 2386496.1 for instructions on how to address this issue. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H). +- [MostafaSoliman/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit](https://github.com/MostafaSoliman/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit) - [AymanElSherif/oracle-oam-authentication-bypas-exploit](https://github.com/AymanElSherif/oracle-oam-authentication-bypas-exploit) - [redtimmy/OAMBuster](https://github.com/redtimmy/OAMBuster) @@ -7800,6 +7647,12 @@ Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). +- [sry309/CVE-2018-2893](https://github.com/sry309/CVE-2018-2893) +- [ryanInf/CVE-2018-2893](https://github.com/ryanInf/CVE-2018-2893) +- [bigsizeme/CVE-2018-2893](https://github.com/bigsizeme/CVE-2018-2893) +- [pyn3rd/CVE-2018-2893](https://github.com/pyn3rd/CVE-2018-2893) +- [qianl0ng/CVE-2018-2893](https://github.com/qianl0ng/CVE-2018-2893) +- [jas502n/CVE-2018-2893](https://github.com/jas502n/CVE-2018-2893) - [ianxtianxt/CVE-2018-2893](https://github.com/ianxtianxt/CVE-2018-2893) ### CVE-2018-2894 (2018-07-18) @@ -7808,18 +7661,44 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). +- [111ddea/cve-2018-2894](https://github.com/111ddea/cve-2018-2894) +- [LandGrey/CVE-2018-2894](https://github.com/LandGrey/CVE-2018-2894) - [jas502n/CVE-2018-2894](https://github.com/jas502n/CVE-2018-2894) - [k8gege/PyLadon](https://github.com/k8gege/PyLadon) - [changpin666com/CVE-2018-2894-Weblogic-](https://github.com/changpin666com/CVE-2018-2894-Weblogic-) +### CVE-2018-3191 (2018-10-16) + + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [arongmh/CVE-2018-3191](https://github.com/arongmh/CVE-2018-3191) +- [pyn3rd/CVE-2018-3191](https://github.com/pyn3rd/CVE-2018-3191) +- [Libraggbond/CVE-2018-3191](https://github.com/Libraggbond/CVE-2018-3191) +- [jas502n/CVE-2018-3191](https://github.com/jas502n/CVE-2018-3191) +- [mackleadmire/CVE-2018-3191-Rce-Exploit](https://github.com/mackleadmire/CVE-2018-3191-Rce-Exploit) + ### CVE-2018-3245 (2018-10-16) Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). +- [pyn3rd/CVE-2018-3245](https://github.com/pyn3rd/CVE-2018-3245) +- [jas502n/CVE-2018-3245](https://github.com/jas502n/CVE-2018-3245) - [ianxtianxt/CVE-2018-3245](https://github.com/ianxtianxt/CVE-2018-3245) +### CVE-2018-3252 (2018-10-16) + + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [jas502n/CVE-2018-3252](https://github.com/jas502n/CVE-2018-3252) +- [b1ueb0y/CVE-2018-3252](https://github.com/b1ueb0y/CVE-2018-3252) +- [pyn3rd/CVE-2018-3252](https://github.com/pyn3rd/CVE-2018-3252) + ### CVE-2018-3260 - [ionescu007/SpecuCheck](https://github.com/ionescu007/SpecuCheck) @@ -7831,12 +7710,22 @@ Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (su - [ndureiss/e1000_vulnerability_exploit](https://github.com/ndureiss/e1000_vulnerability_exploit) +### CVE-2018-3608 (2018-07-06) + + +A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes. + + +- [ZhiyuanWang-Chengdu-Qihoo360/Trend_Micro_POC](https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Trend_Micro_POC) + ### CVE-2018-3639 (2018-05-22) Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. +- [tyhicks/ssbd-tools](https://github.com/tyhicks/ssbd-tools) +- [malindarathnayake/Intel-CVE-2018-3639-Mitigation_RegistryUpdate](https://github.com/malindarathnayake/Intel-CVE-2018-3639-Mitigation_RegistryUpdate) - [mmxsrup/CVE-2018-3639](https://github.com/mmxsrup/CVE-2018-3639) - [Shuiliusheng/CVE-2018-3639-specter-v4-](https://github.com/Shuiliusheng/CVE-2018-3639-specter-v4-) @@ -7871,6 +7760,7 @@ A command injection vulnerability in egg-scripts <v2.8.1 allows arbitrary she Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The saveGoogleCode() function in smartgooglecode.php does not check if the current request is made by an authorized user, thus allowing any unauthenticated user to successfully update the inserted code. +- [lucad93/CVE-2018-3810](https://github.com/lucad93/CVE-2018-3810) - [cved-sources/cve-2018-3810](https://github.com/cved-sources/cve-2018-3810) ### CVE-2018-3811 (2018-01-01) @@ -7881,6 +7771,15 @@ SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin befo - [cved-sources/cve-2018-3811](https://github.com/cved-sources/cve-2018-3811) +### CVE-2018-4013 (2018-10-19) + + +An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability. + + +- [DoubleMice/cve-2018-4013](https://github.com/DoubleMice/cve-2018-4013) +- [r3dxpl0it/RTSPServer-Code-Execution-Vulnerability](https://github.com/r3dxpl0it/RTSPServer-Code-Execution-Vulnerability) + ### CVE-2018-4087 (2018-04-03) @@ -7888,6 +7787,26 @@ An issue was discovered in certain Apple products. iOS before 11.2.5 is affected - [rani-i/bluetoothdPoC](https://github.com/rani-i/bluetoothdPoC) +- [MTJailed/UnjailMe](https://github.com/MTJailed/UnjailMe) +- [joedaguy/Exploit11.2](https://github.com/joedaguy/Exploit11.2) + +### CVE-2018-4110 (2018-04-03) + + +An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Web App" component. It allows remote attackers to bypass intended restrictions on cookie persistence. + + +- [bencompton/ios11-cookie-set-expire-issue](https://github.com/bencompton/ios11-cookie-set-expire-issue) + +### CVE-2018-4121 (2018-04-03) + + +An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. + + +- [FSecureLABS/CVE-2018-4121](https://github.com/FSecureLABS/CVE-2018-4121) +- [likescam/CVE-2018-4121](https://github.com/likescam/CVE-2018-4121) +- [jezzus/CVE-2018-4121](https://github.com/jezzus/CVE-2018-4121) ### CVE-2018-4124 (2018-04-03) @@ -7897,6 +7816,24 @@ An issue was discovered in certain Apple products. iOS before 11.2.6 is affected - [ZecOps/TELUGU_CVE-2018-4124_POC](https://github.com/ZecOps/TELUGU_CVE-2018-4124_POC) +### CVE-2018-4150 (2018-04-03) + + +An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. + + +- [Jailbreaks/CVE-2018-4150](https://github.com/Jailbreaks/CVE-2018-4150) +- [RPwnage/LovelySn0w](https://github.com/RPwnage/LovelySn0w) +- [littlelailo/incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc-](https://github.com/littlelailo/incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc-) + +### CVE-2018-4185 (2019-01-11) + + +In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. + + +- [bazad/x18-leak](https://github.com/bazad/x18-leak) + ### CVE-2018-4193 (2018-06-08) @@ -7905,14 +7842,105 @@ An issue was discovered in certain Apple products. macOS before 10.13.5 is affec - [Synacktiv-contrib/CVE-2018-4193](https://github.com/Synacktiv-contrib/CVE-2018-4193) +### CVE-2018-4233 (2018-06-08) + + +An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. + + +- [saelo/cve-2018-4233](https://github.com/saelo/cve-2018-4233) + +### CVE-2018-4241 (2018-06-08) + + +An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in mptcp_usr_connectx allows attackers to execute arbitrary code in a privileged context via a crafted app. + + +- [0neday/multi_path](https://github.com/0neday/multi_path) + +### CVE-2018-4242 (2018-06-08) + + +An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Hypervisor" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. + + +- [yeonnic/Look-at-The-XNU-Through-A-Tube-CVE-2018-4242-Write-up-Translation-](https://github.com/yeonnic/Look-at-The-XNU-Through-A-Tube-CVE-2018-4242-Write-up-Translation-) + +### CVE-2018-4243 (2018-06-08) + + +An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolattrlist allows attackers to execute arbitrary code in a privileged context via a crafted app. + + +- [Jailbreaks/empty_list](https://github.com/Jailbreaks/empty_list) + +### CVE-2018-4248 (2019-04-03) + + +An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2. + + +- [bazad/xpc-string-leak](https://github.com/bazad/xpc-string-leak) + +### CVE-2018-4280 (2019-04-03) + + +A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2. + + +- [bazad/launchd-portrep](https://github.com/bazad/launchd-portrep) +- [bazad/blanket](https://github.com/bazad/blanket) + +### CVE-2018-4327 (2019-04-03) + + +A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1. + + +- [omerporze/brokentooth](https://github.com/omerporze/brokentooth) +- [harryanon/POC-CVE-2018-4327-and-CVE-2018-4330](https://github.com/harryanon/POC-CVE-2018-4327-and-CVE-2018-4330) + +### CVE-2018-4330 (2019-01-11) + + +In iOS before 11.4, a memory corruption issue exists and was addressed with improved memory handling. + + +- [omerporze/toothfairy](https://github.com/omerporze/toothfairy) + +### CVE-2018-4331 (2019-04-03) + + +A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. + + +- [bazad/gsscred-race](https://github.com/bazad/gsscred-race) + +### CVE-2018-4343 (2019-04-03) + + +A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. + + +- [bazad/gsscred-move-uaf](https://github.com/bazad/gsscred-move-uaf) + ### CVE-2018-4407 (2019-04-03) A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. +- [Pa55w0rd/check_icmp_dos](https://github.com/Pa55w0rd/check_icmp_dos) +- [unixpickle/cve-2018-4407](https://github.com/unixpickle/cve-2018-4407) +- [s2339956/check_icmp_dos-CVE-2018-4407-](https://github.com/s2339956/check_icmp_dos-CVE-2018-4407-) +- [farisv/AppleDOS](https://github.com/farisv/AppleDOS) - [WyAtu/CVE-2018-4407](https://github.com/WyAtu/CVE-2018-4407) +- [zteeed/CVE-2018-4407-IOS](https://github.com/zteeed/CVE-2018-4407-IOS) +- [SamDecrock/node-cve-2018-4407](https://github.com/SamDecrock/node-cve-2018-4407) +- [r3dxpl0it/CVE-2018-4407](https://github.com/r3dxpl0it/CVE-2018-4407) +- [lucagiovagnoli/CVE-2018-4407](https://github.com/lucagiovagnoli/CVE-2018-4407) - [anonymouz4/Apple-Remote-Crash-Tool-CVE-2018-4407](https://github.com/anonymouz4/Apple-Remote-Crash-Tool-CVE-2018-4407) +- [soccercab/wifi](https://github.com/soccercab/wifi) - [zeng9t/CVE-2018-4407-iOS-exploit](https://github.com/zeng9t/CVE-2018-4407-iOS-exploit) - [5431/CVE-2018-4407](https://github.com/5431/CVE-2018-4407) - [pwnhacker0x18/iOS-Kernel-Crash](https://github.com/pwnhacker0x18/iOS-Kernel-Crash) @@ -7926,6 +7954,14 @@ A memory corruption issue was addressed with improved input validation. This iss - [lilang-wu/POC-CVE-2018-4411](https://github.com/lilang-wu/POC-CVE-2018-4411) +### CVE-2018-4415 (2019-04-03) + + +A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1. + + +- [T1V0h/CVE-2018-4415](https://github.com/T1V0h/CVE-2018-4415) + ### CVE-2018-4431 (2019-04-03) @@ -7948,9 +7984,41 @@ A memory corruption issue was addressed with improved memory handling. This issu A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018. +- [ydl555/CVE-2018-4878-](https://github.com/ydl555/CVE-2018-4878-) +- [mdsecactivebreach/CVE-2018-4878](https://github.com/mdsecactivebreach/CVE-2018-4878) +- [hybridious/CVE-2018-4878](https://github.com/hybridious/CVE-2018-4878) +- [vysecurity/CVE-2018-4878](https://github.com/vysecurity/CVE-2018-4878) +- [KathodeN/CVE-2018-4878](https://github.com/KathodeN/CVE-2018-4878) +- [SyFi/CVE-2018-4878](https://github.com/SyFi/CVE-2018-4878) +- [ydl555/CVE-2018-4878](https://github.com/ydl555/CVE-2018-4878) +- [B0fH/CVE-2018-4878](https://github.com/B0fH/CVE-2018-4878) - [Yable/CVE-2018-4878](https://github.com/Yable/CVE-2018-4878) - [HuanWoWeiLan/SoftwareSystemSecurity-2019](https://github.com/HuanWoWeiLan/SoftwareSystemSecurity-2019) +### CVE-2018-4879 (2018-02-27) + + +An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the image conversion module that processes Enhanced Metafile Format Plus (EMF+) data. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code. + + +- [H3llozy/CVE-2018-4879](https://github.com/H3llozy/CVE-2018-4879) + +### CVE-2018-4901 (2018-02-27) + + +An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the document identity representation. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code. + + +- [bigric3/CVE-2018-4901](https://github.com/bigric3/CVE-2018-4901) + +### CVE-2018-5234 (2018-04-30) + + +The Norton Core router prior to v237 may be susceptible to a command injection exploit. This is a type of attack in which the goal is execution of arbitrary commands on the host system via vulnerable software. + + +- [embedi/ble_norton_core](https://github.com/embedi/ble_norton_core) + ### CVE-2018-5353 (2020-09-29) @@ -7967,6 +8035,15 @@ The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 al - [missing0x00/CVE-2018-5354](https://github.com/missing0x00/CVE-2018-5354) +### CVE-2018-5711 (2018-01-16) + + +gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx. + + +- [huzhenghui/Test-7-2-0-PHP-CVE-2018-5711](https://github.com/huzhenghui/Test-7-2-0-PHP-CVE-2018-5711) +- [huzhenghui/Test-7-2-1-PHP-CVE-2018-5711](https://github.com/huzhenghui/Test-7-2-1-PHP-CVE-2018-5711) + ### CVE-2018-5724 (2018-01-16) @@ -7983,12 +8060,29 @@ Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potenti - [ezelf/seatel_terminals](https://github.com/ezelf/seatel_terminals) +### CVE-2018-5740 (2019-01-16) + + +"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2. + + +- [sischkg/cve-2018-5740](https://github.com/sischkg/cve-2018-5740) + +### CVE-2018-5951 (2020-03-02) + + +An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack. + + +- [Nat-Lab/CVE-2018-5951](https://github.com/Nat-Lab/CVE-2018-5951) + ### CVE-2018-5955 (2018-01-21) An issue was discovered in GitStack through 2.3.10. User controlled input is not sufficiently filtered, allowing an unauthenticated attacker to add a user to the server via the username and password fields to the rest/user/ URI. +- [cisp/GitStackRCE](https://github.com/cisp/GitStackRCE) - [YagamiiLight/Cerberus](https://github.com/YagamiiLight/Cerberus) ### CVE-2018-6242 (2018-05-01) @@ -7997,29 +8091,102 @@ An issue was discovered in GitStack through 2.3.10. User controlled input is not Some NVIDIA Tegra mobile processors released prior to 2016 contain a buffer overflow vulnerability in BootROM Recovery Mode (RCM). An attacker with physical access to the device's USB and the ability to force the device to reboot into RCM could exploit the vulnerability to execute unverified code. +- [DavidBuchanan314/NXLoader](https://github.com/DavidBuchanan314/NXLoader) +- [reswitched/rcm-modchips](https://github.com/reswitched/rcm-modchips) - [switchjs/fusho](https://github.com/switchjs/fusho) - [ChrisFigura/react-tegra-payload-launcher](https://github.com/ChrisFigura/react-tegra-payload-launcher) - [austinhartzheim/fusee-gelee](https://github.com/austinhartzheim/fusee-gelee) +### CVE-2018-6376 (2018-01-30) + + +In Joomla! before 3.8.4, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message. + + +- [knqyf263/CVE-2018-6376](https://github.com/knqyf263/CVE-2018-6376) + ### CVE-2018-6389 (2018-02-06) In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times. +- [yolabingo/wordpress-fix-cve-2018-6389](https://github.com/yolabingo/wordpress-fix-cve-2018-6389) +- [WazeHell/CVE-2018-6389](https://github.com/WazeHell/CVE-2018-6389) +- [rastating/modsecurity-cve-2018-6389](https://github.com/rastating/modsecurity-cve-2018-6389) +- [knqyf263/CVE-2018-6389](https://github.com/knqyf263/CVE-2018-6389) +- [JulienGadanho/cve-2018-6389-php-patcher](https://github.com/JulienGadanho/cve-2018-6389-php-patcher) +- [dsfau/wordpress-CVE-2018-6389](https://github.com/dsfau/wordpress-CVE-2018-6389) +- [Jetserver/CVE-2018-6389-FIX](https://github.com/Jetserver/CVE-2018-6389-FIX) +- [thechrono13/PoC---CVE-2018-6389](https://github.com/thechrono13/PoC---CVE-2018-6389) +- [BlackRouter/cve-2018-6389](https://github.com/BlackRouter/cve-2018-6389) - [alessiogilardi/PoC---CVE-2018-6389](https://github.com/alessiogilardi/PoC---CVE-2018-6389) +- [JavierOlmedo/wordpress-cve-2018-6389](https://github.com/JavierOlmedo/wordpress-cve-2018-6389) +- [m3ssap0/wordpress_cve-2018-6389](https://github.com/m3ssap0/wordpress_cve-2018-6389) - [s0md3v/Shiva](https://github.com/s0md3v/Shiva) +- [mudhappy/Wordpress-Hack-CVE-2018-6389](https://github.com/mudhappy/Wordpress-Hack-CVE-2018-6389) +- [armaanpathan12345/WP-DOS-Exploit-CVE-2018-6389](https://github.com/armaanpathan12345/WP-DOS-Exploit-CVE-2018-6389) +- [ItinerisLtd/trellis-cve-2018-6389](https://github.com/ItinerisLtd/trellis-cve-2018-6389) +- [Zazzzles/Wordpress-DOS](https://github.com/Zazzzles/Wordpress-DOS) - [fakedob/tvsz](https://github.com/fakedob/tvsz) - [heisenberg-official/Wordpress-DOS-Attack-CVE-2018-6389](https://github.com/heisenberg-official/Wordpress-DOS-Attack-CVE-2018-6389) - [ianxtianxt/CVE-2018-6389](https://github.com/ianxtianxt/CVE-2018-6389) - [Elsfa7-110/CVE-2018-6389](https://github.com/Elsfa7-110/CVE-2018-6389) +### CVE-2018-6396 (2018-02-17) + + +SQL Injection exists in the Google Map Landkarten through 4.2.3 component for Joomla! via the cid or id parameter in a layout=form_markers action, or the map parameter in a layout=default action. + + +- [JavierOlmedo/joomla-cve-2018-6396](https://github.com/JavierOlmedo/joomla-cve-2018-6396) + +### CVE-2018-6407 (2018-01-30) + + +An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to /hy-cgi/devices.cgi?cmd=searchlandevice. The crash completely freezes the device. + + +- [dreadlocked/ConceptronicIPCam_MultipleVulnerabilities](https://github.com/dreadlocked/ConceptronicIPCam_MultipleVulnerabilities) + +### CVE-2018-6479 (2018-01-31) + + +An issue was discovered on Netwave IP Camera devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to the / URI. + + +- [dreadlocked/netwave-dosvulnerability](https://github.com/dreadlocked/netwave-dosvulnerability) + +### CVE-2018-6518 (2018-04-26) + + +Composr CMS 10.0.13 has XSS via the site_name parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php. + + +- [faizzaidi/Composr-CMS-10.0.13-Cross-Site-Scripting-XSS](https://github.com/faizzaidi/Composr-CMS-10.0.13-Cross-Site-Scripting-XSS) + +### CVE-2018-6546 (2018-04-13) + + +plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, executes code at a user-defined (local or SMB) path as SYSTEM when the execute_installer parameter is used in an HTTP message. This occurs without properly authenticating the user. + + +- [securifera/CVE-2018-6546-Exploit](https://github.com/securifera/CVE-2018-6546-Exploit) +- [YanZiShuang/CVE-2018-6546](https://github.com/YanZiShuang/CVE-2018-6546) + ### CVE-2018-6574 (2018-02-07) Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked. +- [acole76/cve-2018-6574](https://github.com/acole76/cve-2018-6574) +- [neargle/CVE-2018-6574-POC](https://github.com/neargle/CVE-2018-6574-POC) +- [willbo4r/go-get-rce](https://github.com/willbo4r/go-get-rce) +- [ahmetmanga/go-get-rce](https://github.com/ahmetmanga/go-get-rce) +- [ahmetmanga/cve-2018-6574](https://github.com/ahmetmanga/cve-2018-6574) +- [kenprice/cve-2018-6574](https://github.com/kenprice/cve-2018-6574) +- [redirected/cve-2018-6574](https://github.com/redirected/cve-2018-6574) - [20matan/CVE-2018-6574-POC](https://github.com/20matan/CVE-2018-6574-POC) - [zur250/Zur-Go-GET-RCE-Solution](https://github.com/zur250/Zur-Go-GET-RCE-Solution) - [mekhalleh/cve-2018-6574](https://github.com/mekhalleh/cve-2018-6574) @@ -8072,24 +8239,59 @@ An issue was discovered that affects all producers of BIOS firmware who make a c - [kkamagui/napper-for-tpm](https://github.com/kkamagui/napper-for-tpm) +### CVE-2018-6643 (2018-08-28) + + +Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter. + + +- [undefinedmode/CVE-2018-6643](https://github.com/undefinedmode/CVE-2018-6643) + ### CVE-2018-6789 (2018-02-08) An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. +- [c0llision/exim-vuln-poc](https://github.com/c0llision/exim-vuln-poc) - [beraphin/CVE-2018-6789](https://github.com/beraphin/CVE-2018-6789) - [synacktiv/Exim-CVE-2018-6789](https://github.com/synacktiv/Exim-CVE-2018-6789) - [martinclauss/exim-rce-cve-2018-6789](https://github.com/martinclauss/exim-rce-cve-2018-6789) +### CVE-2018-6791 (2018-02-06) + + +An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a possibility of arbitrary command execution. An example of an offending volume label is "$(touch b)" -- this will create a file called b in the home folder. + + +- [rarar0/KDE_Vuln](https://github.com/rarar0/KDE_Vuln) + +### CVE-2018-6890 (2018-02-22) + + +Cross-site scripting (XSS) vulnerability in Wolf CMS 0.8.3.1 via the page editing feature, as demonstrated by /?/admin/page/edit/3. + + +- [pradeepjairamani/WolfCMS-XSS-POC](https://github.com/pradeepjairamani/WolfCMS-XSS-POC) + ### CVE-2018-6892 (2018-02-11) An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the program's execution flow and allowing arbitrary code execution. +- [manojcode/CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass](https://github.com/manojcode/CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass) +- [manojcode/-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass](https://github.com/manojcode/-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass) - [latortuga71/CVE-2018-6892-Golang](https://github.com/latortuga71/CVE-2018-6892-Golang) +### CVE-2018-6905 (2018-04-08) + + +The page module in TYPO3 before 8.7.11, and 9.1.0, has XSS via $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'], as demonstrated by an admin entering a crafted site name during the installation process. + + +- [pradeepjairamani/TYPO3-XSS-POC](https://github.com/pradeepjairamani/TYPO3-XSS-POC) + ### CVE-2018-6961 (2018-06-11) @@ -8107,6 +8309,46 @@ VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650 - [heaphopopotamus/vmxnet3Hunter](https://github.com/heaphopopotamus/vmxnet3Hunter) +### CVE-2018-7171 (2018-03-30) + + +Directory traversal vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to share the contents of arbitrary directories via a .. (dot dot) in the contentbase parameter to rpc/set_all. + + +- [mechanico/sharingIsCaring](https://github.com/mechanico/sharingIsCaring) + +### CVE-2018-7197 (2018-02-17) + + +An issue was discovered in Pluck through 4.7.4. A stored cross-site scripting (XSS) vulnerability allows remote unauthenticated users to inject arbitrary web script or HTML into admin/blog Reaction Comments via a crafted URL. + + +- [Alyssa-o-Herrera/CVE-2018-7197](https://github.com/Alyssa-o-Herrera/CVE-2018-7197) + +### CVE-2018-7211 (2018-02-17) + + +An issue was discovered in iDashboards 9.6b. The SSO implementation is affected by a weak obfuscation library, allowing man-in-the-middle attackers to discover credentials. + + +- [c3r34lk1ll3r/CVE-2018-7211-PoC](https://github.com/c3r34lk1ll3r/CVE-2018-7211-PoC) + +### CVE-2018-7249 (2018-02-26) + + +An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Two carefully timed calls to IOCTL 0xCA002813 can cause a race condition that leads to a use-after-free. When exploited, an unprivileged attacker can run arbitrary code in the kernel. + + +- [Elvin9/NotSecDrv](https://github.com/Elvin9/NotSecDrv) + +### CVE-2018-7250 (2018-02-26) + + +An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. An uninitialized kernel pool allocation in IOCTL 0xCA002813 allows a local unprivileged attacker to leak 16 bits of uninitialized kernel PagedPool data. + + +- [Elvin9/SecDrvPoolLeak](https://github.com/Elvin9/SecDrvPoolLeak) + ### CVE-2018-7284 (2018-02-21) @@ -8115,14 +8357,46 @@ A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through - [Rodrigo-D/astDoS](https://github.com/Rodrigo-D/astDoS) +### CVE-2018-7422 (2018-03-19) + + +A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal. + + +- [0x00-0x00/CVE-2018-7422](https://github.com/0x00-0x00/CVE-2018-7422) + +### CVE-2018-7489 (2018-02-26) + + +FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath. + + +- [tafamace/CVE-2018-7489](https://github.com/tafamace/CVE-2018-7489) + ### CVE-2018-7600 (2018-03-29) Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations. +- [g0rx/CVE-2018-7600-Drupal-RCE](https://github.com/g0rx/CVE-2018-7600-Drupal-RCE) - [a2u/CVE-2018-7600](https://github.com/a2u/CVE-2018-7600) - [dreadlocked/Drupalgeddon2](https://github.com/dreadlocked/Drupalgeddon2) +- [knqyf263/CVE-2018-7600](https://github.com/knqyf263/CVE-2018-7600) +- [dr-iman/CVE-2018-7600-Drupal-0day-RCE](https://github.com/dr-iman/CVE-2018-7600-Drupal-0day-RCE) +- [jirojo2/drupalgeddon2](https://github.com/jirojo2/drupalgeddon2) +- [dwisiswant0/CVE-2018-7600](https://github.com/dwisiswant0/CVE-2018-7600) +- [thehappydinoa/CVE-2018-7600](https://github.com/thehappydinoa/CVE-2018-7600) +- [sl4cky/CVE-2018-7600](https://github.com/sl4cky/CVE-2018-7600) +- [sl4cky/CVE-2018-7600-Masschecker](https://github.com/sl4cky/CVE-2018-7600-Masschecker) +- [FireFart/CVE-2018-7600](https://github.com/FireFart/CVE-2018-7600) +- [pimps/CVE-2018-7600](https://github.com/pimps/CVE-2018-7600) +- [lorddemon/drupalgeddon2](https://github.com/lorddemon/drupalgeddon2) +- [Hestat/drupal-check](https://github.com/Hestat/drupal-check) +- [fyraiga/CVE-2018-7600-drupalgeddon2-scanner](https://github.com/fyraiga/CVE-2018-7600-drupalgeddon2-scanner) +- [Damian972/drupalgeddon-2](https://github.com/Damian972/drupalgeddon-2) +- [Jyozi/CVE-2018-7600](https://github.com/Jyozi/CVE-2018-7600) +- [happynote3966/CVE-2018-7600](https://github.com/happynote3966/CVE-2018-7600) - [shellord/CVE-2018-7600-Drupal-RCE](https://github.com/shellord/CVE-2018-7600-Drupal-RCE) - [r3dxpl0it/CVE-2018-7600](https://github.com/r3dxpl0it/CVE-2018-7600) - [cved-sources/cve-2018-7600](https://github.com/cved-sources/cve-2018-7600) @@ -8141,6 +8415,8 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild. +- [1337g/Drupalgedon3](https://github.com/1337g/Drupalgedon3) +- [happynote3966/CVE-2018-7602](https://github.com/happynote3966/CVE-2018-7602) - [kastellanos/CVE-2018-7602](https://github.com/kastellanos/CVE-2018-7602) - [cyberharsh/DrupalCVE-2018-7602](https://github.com/cyberharsh/DrupalCVE-2018-7602) @@ -8168,6 +8444,22 @@ A potential Remote Unauthorized Access in Micro Focus Fortify Software Security - [alt3kx/CVE-2018-7691](https://github.com/alt3kx/CVE-2018-7691) +### CVE-2018-7747 (2018-04-20) + + +Multiple cross-site scripting (XSS) vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a greeting message, (2) the email transaction log, or (3) an imported form. + + +- [mindpr00f/CVE-2018-7747](https://github.com/mindpr00f/CVE-2018-7747) + +### CVE-2018-7750 (2018-03-13) + + +transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step. + + +- [jm33-m0/CVE-2018-7750](https://github.com/jm33-m0/CVE-2018-7750) + ### CVE-2018-7935 - [lawrenceamer/CVE-2018-7935](https://github.com/lawrenceamer/CVE-2018-7935) @@ -8179,6 +8471,14 @@ There are multiple HTTP smuggling and cache poisoning issues when clients making - [mosesrenegade/CVE-2018-8004](https://github.com/mosesrenegade/CVE-2018-8004) +### CVE-2018-8021 (2018-11-07) + + +Versions of Superset prior to 0.23 used an unsafe load method from the pickle library to deserialize data leading to possible remote code execution. Note Superset 0.23 was released prior to any Superset release under the Apache Software Foundation. + + +- [r3dxpl0it/Apache-Superset-Remote-Code-Execution-PoC-CVE-2018-8021](https://github.com/r3dxpl0it/Apache-Superset-Remote-Code-Execution-PoC-CVE-2018-8021) + ### CVE-2018-8032 (2018-08-02) @@ -8187,6 +8487,22 @@ Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting - [cairuojin/CVE-2018-8032](https://github.com/cairuojin/CVE-2018-8032) +### CVE-2018-8038 (2018-07-05) + + +Versions of Apache CXF Fediz prior to 1.4.4 do not fully disable Document Type Declarations (DTDs) when either parsing the Identity Provider response in the application plugins, or in the Identity Provider itself when parsing certain XML-based parameters. + + +- [tafamace/CVE-2018-8038](https://github.com/tafamace/CVE-2018-8038) + +### CVE-2018-8039 (2018-07-02) + + +It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");'. When this system property is set, CXF uses some reflection to try to make the HostnameVerifier work with the old com.sun.net.ssl.HostnameVerifier interface. However, the default HostnameVerifier implementation in CXF does not implement the method in this interface, and an exception is thrown. However, in Apache CXF prior to 3.2.5 and 3.1.16 the exception is caught in the reflection code and not properly propagated. What this means is that if you are using the com.sun.net.ssl stack with CXF, an error with TLS hostname verification will not be thrown, leaving a CXF client subject to man-in-the-middle attacks. + + +- [tafamace/CVE-2018-8039](https://github.com/tafamace/CVE-2018-8039) + ### CVE-2018-8045 (2018-03-14) @@ -8195,6 +8511,46 @@ In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable in a SQL - [luckybool1020/CVE-2018-8045](https://github.com/luckybool1020/CVE-2018-8045) +### CVE-2018-8060 (2018-05-09) + + +HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send an IOCTL to the device driver. If input and/or output buffer pointers are NULL or if these buffers' data are invalid, a NULL/invalid pointer access occurs, resulting in a Windows kernel panic aka Blue Screen. This affects IOCTLs higher than 0x85FE2600 with the HWiNFO32 symbolic device name. + + +- [otavioarj/SIOCtl](https://github.com/otavioarj/SIOCtl) + +### CVE-2018-8065 (2018-03-12) + + +An issue was discovered in the web server in Flexense SyncBreeze Enterprise 10.6.24. There is a user mode write access violation on the syncbrs.exe memory region that can be triggered by rapidly sending a variety of HTTP requests with long HTTP header values or long URIs. + + +- [EgeBalci/CVE-2018-8065](https://github.com/EgeBalci/CVE-2018-8065) + +### CVE-2018-8078 (2018-03-13) + + +YzmCMS 3.7 has Stored XSS via the title parameter to advertisement/adver/edit.html. + + +- [AlwaysHereFight/YZMCMSxss](https://github.com/AlwaysHereFight/YZMCMSxss) + +### CVE-2018-8090 (2018-07-25) + + +Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick Heal Internet Security 32 bit 17.00 (QHIS32.exe), (QHISFT32.exe) - Version 10.0.0.37; Quick Heal AntiVirus Pro 64 bit 17.00 (QHAV64.exe), (QHAVFT64.exe) - Version 10.0.0.37; and Quick Heal AntiVirus Pro 32 bit 17.00 (QHAV32.exe), (QHAVFT32.exe) - Version 10.0.0.37 allow DLL Hijacking because of Insecure Library Loading. + + +- [kernelm0de/CVE-2018-8090](https://github.com/kernelm0de/CVE-2018-8090) + +### CVE-2018-8108 (2018-03-14) + + +The select component in bui through 2018-03-13 has XSS because it performs an escape operation on already-escaped text, as demonstrated by workGroupList text. + + +- [zlgxzswjy/BUI-select-xss](https://github.com/zlgxzswjy/BUI-select-xss) + ### CVE-2018-8115 (2018-05-02) @@ -8209,23 +8565,60 @@ A remote code execution vulnerability exists when the Windows Host Compute Servi An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8124, CVE-2018-8164, CVE-2018-8166. +- [bigric3/cve-2018-8120](https://github.com/bigric3/cve-2018-8120) +- [unamer/CVE-2018-8120](https://github.com/unamer/CVE-2018-8120) +- [ne1llee/cve-2018-8120](https://github.com/ne1llee/cve-2018-8120) +- [alpha1ab/CVE-2018-8120](https://github.com/alpha1ab/CVE-2018-8120) +- [areuu/CVE-2018-8120](https://github.com/areuu/CVE-2018-8120) +- [EVOL4/CVE-2018-8120](https://github.com/EVOL4/CVE-2018-8120) +- [ozkanbilge/CVE-2018-8120](https://github.com/ozkanbilge/CVE-2018-8120) - [qiantu88/CVE-2018-8120](https://github.com/qiantu88/CVE-2018-8120) - [Y0n0Y/cve-2018-8120-exp](https://github.com/Y0n0Y/cve-2018-8120-exp) - [DreamoneOnly/CVE-2018-8120](https://github.com/DreamoneOnly/CVE-2018-8120) - [StartZYP/CVE-2018-8120](https://github.com/StartZYP/CVE-2018-8120) - [wikiZ/cve-2018-8120](https://github.com/wikiZ/cve-2018-8120) +### CVE-2018-8172 (2018-07-10) + + +A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio, Expression Blend 4. + + +- [SyFi/CVE-2018-8172](https://github.com/SyFi/CVE-2018-8172) + ### CVE-2018-8174 (2018-05-09) A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. +- [0x09AL/CVE-2018-8174-msf](https://github.com/0x09AL/CVE-2018-8174-msf) +- [Yt1g3r/CVE-2018-8174_EXP](https://github.com/Yt1g3r/CVE-2018-8174_EXP) +- [SyFi/CVE-2018-8174](https://github.com/SyFi/CVE-2018-8174) +- [orf53975/Rig-Exploit-for-CVE-2018-8174](https://github.com/orf53975/Rig-Exploit-for-CVE-2018-8174) +- [piotrflorczyk/cve-2018-8174_analysis](https://github.com/piotrflorczyk/cve-2018-8174_analysis) +- [likescam/CVE-2018-8174-msf](https://github.com/likescam/CVE-2018-8174-msf) - [ruthlezs/ie11_vbscript_exploit](https://github.com/ruthlezs/ie11_vbscript_exploit) - [ericisnotrealname/CVE-2018-8174_EXP](https://github.com/ericisnotrealname/CVE-2018-8174_EXP) - [www201001/https-github.com-iBearcat-CVE-2018-8174_EXP](https://github.com/www201001/https-github.com-iBearcat-CVE-2018-8174_EXP) - [www201001/https-github.com-iBearcat-CVE-2018-8174_EXP.git-](https://github.com/www201001/https-github.com-iBearcat-CVE-2018-8174_EXP.git-) +### CVE-2018-8208 (2018-06-14) + + +An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8214. + + +- [kaisaryousuf/CVE-2018-8208](https://github.com/kaisaryousuf/CVE-2018-8208) + +### CVE-2018-8214 (2018-06-14) + + +An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8208. + + +- [guwudoor/CVE-2018-8214](https://github.com/guwudoor/CVE-2018-8214) + ### CVE-2018-8284 (2018-07-10) @@ -8234,6 +8627,14 @@ A remote code execution vulnerability exists when the Microsoft .NET Framework f - [quantiti/CVE-2018-8284-Sharepoint-RCE](https://github.com/quantiti/CVE-2018-8284-Sharepoint-RCE) +### CVE-2018-8353 (2018-08-15) + + +A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390. + + +- [whereisr0da/CVE-2018-8353-POC](https://github.com/whereisr0da/CVE-2018-8353-POC) + ### CVE-2018-8389 (2018-08-15) @@ -8250,6 +8651,22 @@ A remote code execution vulnerability exists when the Windows Shell does not pro - [whereisr0da/CVE-2018-8414-POC](https://github.com/whereisr0da/CVE-2018-8414-POC) +### CVE-2018-8420 (2018-09-12) + + +A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka "MS XML Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. + + +- [idkwim/CVE-2018-8420](https://github.com/idkwim/CVE-2018-8420) + +### CVE-2018-8440 (2018-09-12) + + +An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. + + +- [sourceincite/CVE-2018-8440](https://github.com/sourceincite/CVE-2018-8440) + ### CVE-2018-8453 (2018-10-10) @@ -8260,6 +8677,14 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - [ze0r/cve-2018-8453-exp](https://github.com/ze0r/cve-2018-8453-exp) - [thepwnrip/leHACK-Analysis-of-CVE-2018-8453](https://github.com/thepwnrip/leHACK-Analysis-of-CVE-2018-8453) +### CVE-2018-8495 (2018-10-10) + + +A remote code execution vulnerability exists when Windows Shell improperly handles URIs, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. + + +- [whereisr0da/CVE-2018-8495-POC](https://github.com/whereisr0da/CVE-2018-8495-POC) + ### CVE-2018-8581 (2018-11-13) @@ -8287,6 +8712,41 @@ Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Je - [GeunSam2/CVE-2018-8718](https://github.com/GeunSam2/CVE-2018-8718) +### CVE-2018-8733 (2018-04-17) + + +Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an unauthenticated attacker to make configuration changes and leverage an authenticated SQL injection vulnerability. + + +- [xfer0/Nagios-XI-5.2.6-9-5.3-5.4-Chained-Remote-Root-Exploit-Fixed](https://github.com/xfer0/Nagios-XI-5.2.6-9-5.3-5.4-Chained-Remote-Root-Exploit-Fixed) + +### CVE-2018-8820 (2018-03-28) + + +An issue was discovered in Square 9 GlobalForms 6.2.x. A Time Based SQL injection vulnerability in the "match" parameter allows remote authenticated attackers to execute arbitrary SQL commands. It is possible to upgrade access to full server compromise via xp_cmdshell. In some cases, the authentication requirement for the attack can be met by sending the default admin credentials. + + +- [hateshape/frevvomapexec](https://github.com/hateshape/frevvomapexec) + +### CVE-2018-8897 (2018-05-08) + + +A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs. + + +- [nmulasmajic/CVE-2018-8897](https://github.com/nmulasmajic/CVE-2018-8897) +- [jiazhang0/pop-mov-ss-exploit](https://github.com/jiazhang0/pop-mov-ss-exploit) +- [can1357/CVE-2018-8897](https://github.com/can1357/CVE-2018-8897) +- [nmulasmajic/syscall_exploit_CVE-2018-8897](https://github.com/nmulasmajic/syscall_exploit_CVE-2018-8897) + +### CVE-2018-8941 (2018-04-03) + + +Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v. 1.01 has a buffer overflow, allowing authenticated remote attackers to execute arbitrary code via a long Addr value to the 'set Diagnostics_Entry' function in an HTTP request, related to /userfs/bin/tcapi. + + +- [SECFORCE/CVE-2018-8941](https://github.com/SECFORCE/CVE-2018-8941) + ### CVE-2018-8943 (2018-03-22) @@ -8295,12 +8755,46 @@ There is a SQL injection in the PHPSHE 1.6 userbank parameter. - [coolboy0816/CVE-2018-8943](https://github.com/coolboy0816/CVE-2018-8943) +### CVE-2018-8970 (2018-03-24) + + +The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: the LibreSSL documentation indicates that this special case is supported, but the BoringSSL documentation does not. + + +- [tiran/CVE-2018-8970](https://github.com/tiran/CVE-2018-8970) + +### CVE-2018-9059 (2018-04-20) + + +Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp. NOTE: this may overlap CVE-2014-3791. + + +- [manojcode/easy-file-share-7.2-exploit-CVE-2018-9059](https://github.com/manojcode/easy-file-share-7.2-exploit-CVE-2018-9059) + +### CVE-2018-9075 (2018-09-28) + + +For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when joining a PersonalCloud setup, an attacker can craft a command injection payload using backtick "``" characters in the client:password parameter. As a result, arbitrary commands may be executed as the root user. The attack requires a value __c and iomega parameter. + + +- [beverlymiller818/cve-2018-9075](https://github.com/beverlymiller818/cve-2018-9075) + +### CVE-2018-9160 (2018-03-31) + + +SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses. + + +- [mechanico/sickrageWTF](https://github.com/mechanico/sickrageWTF) + ### CVE-2018-9206 (2018-10-11) Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0 +- [Den1al/CVE-2018-9206](https://github.com/Den1al/CVE-2018-9206) +- [Stahlz/JQShell](https://github.com/Stahlz/JQShell) - [cved-sources/cve-2018-9206](https://github.com/cved-sources/cve-2018-9206) ### CVE-2018-9207 (2018-11-19) @@ -8331,6 +8825,9 @@ An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who ### CVE-2018-9375 - [IOActive/AOSP-ExploitUserDictionary](https://github.com/IOActive/AOSP-ExploitUserDictionary) +### CVE-2018-9411 +- [tamirzb/CVE-2018-9411](https://github.com/tamirzb/CVE-2018-9411) + ### CVE-2018-9468 - [IOActive/AOSP-DownloadProviderHijacker](https://github.com/IOActive/AOSP-DownloadProviderHijacker) @@ -8342,9 +8839,26 @@ In the content provider of the download manager, there is a possible SQL injecti - [IOActive/AOSP-DownloadProviderDbDumper](https://github.com/IOActive/AOSP-DownloadProviderDbDumper) +### CVE-2018-9539 (2018-11-14) + + +In the ClearKey CAS descrambler, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-113027383 + + +- [tamirzb/CVE-2018-9539](https://github.com/tamirzb/CVE-2018-9539) + ### CVE-2018-9546 - [IOActive/AOSP-DownloadProviderHeadersDumper](https://github.com/IOActive/AOSP-DownloadProviderHeadersDumper) +### CVE-2018-9948 (2018-05-17) + + +This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of typed arrays. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-5380. + + +- [manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958](https://github.com/manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958) +- [orangepirate/cve-2018-9948-9958-exp](https://github.com/orangepirate/cve-2018-9948-9958-exp) + ### CVE-2018-9950 (2018-05-17) @@ -8361,6 +8875,14 @@ This vulnerability allows remote attackers to execute arbitrary code on vulnerab - [sharmasandeepkr/cve-2018-9951](https://github.com/sharmasandeepkr/cve-2018-9951) +### CVE-2018-9958 (2018-05-17) + + +This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Text Annotations. When setting the point attribute, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5620. + + +- [t3rabyt3-zz/CVE-2018-9958--Exploit](https://github.com/t3rabyt3-zz/CVE-2018-9958--Exploit) + ### CVE-2018-9995 (2018-04-10) @@ -8368,6 +8890,11 @@ TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in - [ezelf/CVE-2018-9995_dvr_credentials](https://github.com/ezelf/CVE-2018-9995_dvr_credentials) +- [zzh217/CVE-2018-9995_Batch_scanning_exp](https://github.com/zzh217/CVE-2018-9995_Batch_scanning_exp) +- [Huangkey/CVE-2018-9995_check](https://github.com/Huangkey/CVE-2018-9995_check) +- [gwolfs/CVE-2018-9995-ModifiedByGwolfs](https://github.com/gwolfs/CVE-2018-9995-ModifiedByGwolfs) +- [shacojx/cve-2018-9995](https://github.com/shacojx/cve-2018-9995) +- [Cyb0r9/DVR-Exploiter](https://github.com/Cyb0r9/DVR-Exploiter) - [codeholic2k18/CVE-2018-9995](https://github.com/codeholic2k18/CVE-2018-9995) - [TateYdq/CVE-2018-9995-ModifiedByGwolfs](https://github.com/TateYdq/CVE-2018-9995-ModifiedByGwolfs) - [ABIZCHI/CVE-2018-9995_dvr_credentials](https://github.com/ABIZCHI/CVE-2018-9995_dvr_credentials) @@ -8386,6 +8913,14 @@ Monstra CMS 3.0.4 has Stored XSS via the Name field on the Create New Page scree - [GeunSam2/CVE-2018-10118](https://github.com/GeunSam2/CVE-2018-10118) +### CVE-2018-10299 (2018-04-23) + + +An integer overflow in the batchTransfer function of a smart contract implementation for Beauty Ecosystem Coin (BEC), the Ethereum ERC20 token used in the Beauty Chain economic system, allows attackers to accomplish an unauthorized increase of digital assets by providing two _receivers arguments in conjunction with a large _value argument, as exploited in the wild in April 2018, aka the "batchOverflow" issue. + + +- [phzietsman/batchOverflow](https://github.com/phzietsman/batchOverflow) + ### CVE-2018-10388 (2019-12-23) @@ -8394,6 +8929,45 @@ Format string vulnerability in the logMess function in TFTP Server SP 1.66 and e - [0xddaa/CVE-2018-10388](https://github.com/0xddaa/CVE-2018-10388) +### CVE-2018-10467 +- [alt3kx/CVE-2018-10467](https://github.com/alt3kx/CVE-2018-10467) + +### CVE-2018-10517 (2018-04-27) + + +In CMS Made Simple (CMSMS) through 2.2.7, the "module import" operation in the admin dashboard contains a remote code execution vulnerability, exploitable by an admin user, because an XML Package can contain base64-encoded PHP code in a data element. + + +- [0x00-0x00/CVE-2018-10517](https://github.com/0x00-0x00/CVE-2018-10517) + +### CVE-2018-10546 (2018-04-29) + + +An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences. + + +- [dsfau/CVE-2018-10546](https://github.com/dsfau/CVE-2018-10546) + +### CVE-2018-10562 (2018-05-03) + + +An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output. + + +- [f3d0x0/GPON](https://github.com/f3d0x0/GPON) +- [649/Pingpon-Exploit](https://github.com/649/Pingpon-Exploit) +- [Choudai/GPON-LOADER](https://github.com/Choudai/GPON-LOADER) +- [c0ld1/GPON_RCE](https://github.com/c0ld1/GPON_RCE) +- [ATpiu/CVE-2018-10562](https://github.com/ATpiu/CVE-2018-10562) + +### CVE-2018-10583 (2018-05-01) + + +An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document. + + +- [TaharAmine/CVE-2018-10583](https://github.com/TaharAmine/CVE-2018-10583) + ### CVE-2018-10678 (2018-05-13) @@ -8402,6 +8976,25 @@ MyBB 1.8.15, when accessed with Microsoft Edge, mishandles 'target="_blank& - [hbranco/CVE-2018-10678](https://github.com/hbranco/CVE-2018-10678) +### CVE-2018-10715 +- [alt3kx/CVE-2018-10715](https://github.com/alt3kx/CVE-2018-10715) + +### CVE-2018-10732 (2018-05-28) + + +The REST API in Dataiku DSS before 4.2.3 allows remote attackers to obtain sensitive information (i.e., determine if a username is valid) because of profile pictures visibility. + + +- [alt3kx/CVE-2018-10732](https://github.com/alt3kx/CVE-2018-10732) + +### CVE-2018-10821 (2018-06-14) + + +Cross-site scripting (XSS) vulnerability in backend/pages/modify.php in BlackCatCMS 1.3 allows remote authenticated users with the Admin role to inject arbitrary web script or HTML via the search panel. + + +- [BalvinderSingh23/Cross-Site-Scripting-Reflected-XSS-Vulnerability-in-blackcatcms_v1.3](https://github.com/BalvinderSingh23/Cross-Site-Scripting-Reflected-XSS-Vulnerability-in-blackcatcms_v1.3) + ### CVE-2018-10920 (2018-08-02) @@ -8416,8 +9009,30 @@ Improper input validation bug in DNS resolver component of Knot Resolver before A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access. +- [SoledaD208/CVE-2018-10933](https://github.com/SoledaD208/CVE-2018-10933) - [blacknbunny/CVE-2018-10933](https://github.com/blacknbunny/CVE-2018-10933) +- [hook-s3c/CVE-2018-10933](https://github.com/hook-s3c/CVE-2018-10933) +- [kn6869610/CVE-2018-10933](https://github.com/kn6869610/CVE-2018-10933) +- [leapsecurity/libssh-scanner](https://github.com/leapsecurity/libssh-scanner) +- [likescam/CVE-2018-10933_ssh](https://github.com/likescam/CVE-2018-10933_ssh) +- [trbpnd/bpnd-libssh](https://github.com/trbpnd/bpnd-libssh) +- [likescam/CVE-2018-10933-libSSH-Authentication-Bypass](https://github.com/likescam/CVE-2018-10933-libSSH-Authentication-Bypass) +- [marco-lancini/hunt-for-cve-2018-10933](https://github.com/marco-lancini/hunt-for-cve-2018-10933) +- [hackerhouse-opensource/cve-2018-10933](https://github.com/hackerhouse-opensource/cve-2018-10933) +- [cve-2018/cve-2018-10933](https://github.com/cve-2018/cve-2018-10933) +- [jas502n/CVE-2018-10933](https://github.com/jas502n/CVE-2018-10933) +- [ninp0/cve-2018-10933_poc](https://github.com/ninp0/cve-2018-10933_poc) +- [pghook/CVE-2018-10933_Scanner](https://github.com/pghook/CVE-2018-10933_Scanner) +- [Virgula0/POC-CVE-2018-10933](https://github.com/Virgula0/POC-CVE-2018-10933) +- [shifa123/pythonprojects-CVE-2018-10933](https://github.com/shifa123/pythonprojects-CVE-2018-10933) - [xFreed0m/CVE-2018-10933](https://github.com/xFreed0m/CVE-2018-10933) +- [Bifrozt/CVE-2018-10933](https://github.com/Bifrozt/CVE-2018-10933) +- [r3dxpl0it/CVE-2018-10933](https://github.com/r3dxpl0it/CVE-2018-10933) +- [ivanacostarubio/libssh-scanner](https://github.com/ivanacostarubio/libssh-scanner) +- [throwawayaccount12312312/precompiled-CVE-2018-10933](https://github.com/throwawayaccount12312312/precompiled-CVE-2018-10933) +- [ensimag-security/CVE-2018-10933](https://github.com/ensimag-security/CVE-2018-10933) +- [Ad1bDaw/libSSH-bypass](https://github.com/Ad1bDaw/libSSH-bypass) +- [sambiyal/CVE-2018-10933-POC](https://github.com/sambiyal/CVE-2018-10933-POC) - [nikhil1232/LibSSH-Authentication-Bypass](https://github.com/nikhil1232/LibSSH-Authentication-Bypass) - [Kurlee/LibSSH-exploit](https://github.com/Kurlee/LibSSH-exploit) - [crispy-peppers/Libssh-server-CVE-2018-10933](https://github.com/crispy-peppers/Libssh-server-CVE-2018-10933) @@ -8427,6 +9042,22 @@ A vulnerability was found in libssh's server-side state machine before versions - [JoSecMx/CVE-2018-10933_Scanner](https://github.com/JoSecMx/CVE-2018-10933_Scanner) - [cyberharsh/Libssh-server-CVE-2018-10933](https://github.com/cyberharsh/Libssh-server-CVE-2018-10933) +### CVE-2018-10936 (2018-08-30) + + +A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by providing a certificate for the wrong host, as long as it was signed by a trusted CA. + + +- [tafamace/CVE-2018-10936](https://github.com/tafamace/CVE-2018-10936) + +### CVE-2018-10949 (2018-05-09) + + +mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 allows Account Enumeration by leveraging a Discrepancy between the "HTTP 404 - account is not active" and "HTTP 401 - must authenticate" errors. + + +- [0x00-0x00/CVE-2018-10949](https://github.com/0x00-0x00/CVE-2018-10949) + ### CVE-2018-11235 (2018-05-30) @@ -8434,6 +9065,12 @@ In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before - [Rogdham/CVE-2018-11235](https://github.com/Rogdham/CVE-2018-11235) +- [vmotos/CVE-2018-11235](https://github.com/vmotos/CVE-2018-11235) +- [Choihosu/cve-2018-11235](https://github.com/Choihosu/cve-2018-11235) +- [CHYbeta/CVE-2018-11235-DEMO](https://github.com/CHYbeta/CVE-2018-11235-DEMO) +- [Kiss-sh0t/CVE-2018-11235-poc](https://github.com/Kiss-sh0t/CVE-2018-11235-poc) +- [H0K5/clone_and_pwn](https://github.com/H0K5/clone_and_pwn) +- [knqyf263/CVE-2018-11235](https://github.com/knqyf263/CVE-2018-11235) - [ygouzerh/CVE-2018-11235](https://github.com/ygouzerh/CVE-2018-11235) - [qweraqq/CVE-2018-11235-Git-Submodule-CE](https://github.com/qweraqq/CVE-2018-11235-Git-Submodule-CE) - [jhswartz/CVE-2018-11235](https://github.com/jhswartz/CVE-2018-11235) @@ -8452,8 +9089,41 @@ In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution. +- [evilmiracle/CVE-2018-11236](https://github.com/evilmiracle/CVE-2018-11236) - [rockysec/CVE-2018-11236](https://github.com/rockysec/CVE-2018-11236) +### CVE-2018-11311 (2018-05-20) + + +A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials. + + +- [EmreOvunc/mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password](https://github.com/EmreOvunc/mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password) + +### CVE-2018-11450 (2018-07-09) + + +A reflected Cross-Site-Scripting (XSS) vulnerability has been identified in Siemens PLM Software TEAMCENTER (V9.1.2.5). If a user visits the login portal through the URL crafted by the attacker, the attacker can insert html/javascript and thus alter/rewrite the login portal page. Siemens PLM Software TEAMCENTER V9.1.3 and newer are not affected. + + +- [LucvanDonk/Siemens-Siemens-PLM-Software-TEAMCENTER-Reflected-Cross-Site-Scripting-XSS-vulnerability](https://github.com/LucvanDonk/Siemens-Siemens-PLM-Software-TEAMCENTER-Reflected-Cross-Site-Scripting-XSS-vulnerability) + +### CVE-2018-11510 (2018-06-28) + + +The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecate_js.cgi file by embedding OS commands in the 'script' parameter. + + +- [mefulton/CVE-2018-11510](https://github.com/mefulton/CVE-2018-11510) + +### CVE-2018-11517 (2018-05-28) + + +mySCADA myPRO 7 allows remote attackers to discover all ProjectIDs in a project by sending all of the prj parameter values from 870000 to 875000 in t=0&rq=0 requests to TCP port 11010. + + +- [EmreOvunc/mySCADA-myPRO-7-projectID-Disclosure](https://github.com/EmreOvunc/mySCADA-myPRO-7-projectID-Disclosure) + ### CVE-2018-11564 (2018-06-01) @@ -8462,6 +9132,14 @@ Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malici - [GeunSam2/CVE-2018-11564](https://github.com/GeunSam2/CVE-2018-11564) +### CVE-2018-11631 (2018-05-31) + + +Rondaful M1 Wristband Smart Band 1 devices allow remote attackers to send an arbitrary number of call or SMS notifications via crafted Bluetooth Low Energy (BLE) traffic. + + +- [xMagass/bandexploit](https://github.com/xMagass/bandexploit) + ### CVE-2018-11686 (2019-07-03) @@ -8476,6 +9154,7 @@ The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote c The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was possible for a specially constructed request to expose application functionality through the reverse proxy that was not intended for clients accessing the application via the reverse proxy. It was also possible in some configurations for a specially constructed request to bypass the access controls configured in httpd. While there is some overlap between this issue and CVE-2018-1323, they are not identical. +- [immunIT/CVE-2018-11759](https://github.com/immunIT/CVE-2018-11759) - [Jul10l1r4/Identificador-CVE-2018-11759](https://github.com/Jul10l1r4/Identificador-CVE-2018-11759) ### CVE-2018-11761 (2018-09-19) @@ -8500,7 +9179,18 @@ From version 1.3.0 onward, Apache Spark's standalone master exposes a REST API f Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace. +- [trbpnd/CVE-2018-11776](https://github.com/trbpnd/CVE-2018-11776) - [xfox64x/CVE-2018-11776](https://github.com/xfox64x/CVE-2018-11776) +- [jiguangin/CVE-2018-11776](https://github.com/jiguangin/CVE-2018-11776) +- [hook-s3c/CVE-2018-11776-Python-PoC](https://github.com/hook-s3c/CVE-2018-11776-Python-PoC) +- [mazen160/struts-pwn_CVE-2018-11776](https://github.com/mazen160/struts-pwn_CVE-2018-11776) +- [bhdresh/CVE-2018-11776](https://github.com/bhdresh/CVE-2018-11776) +- [knqyf263/CVE-2018-11776](https://github.com/knqyf263/CVE-2018-11776) +- [Ekultek/Strutter](https://github.com/Ekultek/Strutter) +- [tuxotron/cve-2018-11776-docker](https://github.com/tuxotron/cve-2018-11776-docker) +- [brianwrf/S2-057-CVE-2018-11776](https://github.com/brianwrf/S2-057-CVE-2018-11776) +- [649/Apache-Struts-Shodan-Exploit](https://github.com/649/Apache-Struts-Shodan-Exploit) +- [jezzus/CVE-2018-11776-Python-PoC](https://github.com/jezzus/CVE-2018-11776-Python-PoC) - [cved-sources/cve-2018-11776](https://github.com/cved-sources/cve-2018-11776) - [OzNetNerd/apche-struts-vuln-demo-cve-2018-11776](https://github.com/OzNetNerd/apche-struts-vuln-demo-cve-2018-11776) - [cucadili/CVE-2018-11776](https://github.com/cucadili/CVE-2018-11776) @@ -8523,6 +9213,30 @@ Incorrect bound check can lead to potential buffer overwrite in WLAN controller - [jguard01/cve-2018-11882](https://github.com/jguard01/cve-2018-11882) +### CVE-2018-12018 (2018-07-04) + + +The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) before 1.8.11 may lead to an access violation because of an integer signedness error for the array index, which allows attackers to launch a Denial of Service attack by sending a packet with a -1 query.Skip value. The vulnerable remote node would be crashed by such an attack immediately, aka the EPoD (Ethereum Packet of Death) issue. + + +- [k3v142/CVE-2018-12018](https://github.com/k3v142/CVE-2018-12018) + +### CVE-2018-12031 (2018-06-07) + + +Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action. + + +- [EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion](https://github.com/EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion) + +### CVE-2018-12038 (2018-11-20) + + +An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to the disk-encryption key. + + +- [gdraperi/remote-bitlocker-encryption-report](https://github.com/gdraperi/remote-bitlocker-encryption-report) + ### CVE-2018-12086 (2018-09-14) @@ -8540,6 +9254,14 @@ A vulnerability in register allocation in JavaScript can lead to type confusion, - [Hydra3evil/cve-2018-12386](https://github.com/Hydra3evil/cve-2018-12386) - [0xLyte/cve-2018-12386](https://github.com/0xLyte/cve-2018-12386) +### CVE-2018-12418 (2018-06-14) + + +Archive.java in Junrar before 1.0.1, as used in Apache Tika and other products, is affected by a denial of service vulnerability due to an infinite loop when handling corrupt RAR files. + + +- [tafamace/CVE-2018-12418](https://github.com/tafamace/CVE-2018-12418) + ### CVE-2018-12421 (2018-06-14) @@ -8548,6 +9270,14 @@ LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a us - [ReverseBrain/CVE-2018-12421](https://github.com/ReverseBrain/CVE-2018-12421) +### CVE-2018-12463 (2018-07-12) + + +An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. + + +- [alt3kx/CVE-2018-12463](https://github.com/alt3kx/CVE-2018-12463) + ### CVE-2018-12533 (2018-06-18) @@ -8556,12 +9286,43 @@ JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to i - [TheKalin/CVE-2018-12533](https://github.com/TheKalin/CVE-2018-12533) +### CVE-2018-12537 (2018-08-14) + + +In Eclipse Vert.x version 3.0 to 3.5.1, the HttpServer response headers and HttpClient request headers do not filter carriage return and line feed characters from the header value. This allow unfiltered values to inject a new header in the client request or server response. + + +- [tafamace/CVE-2018-12537](https://github.com/tafamace/CVE-2018-12537) + +### CVE-2018-12540 (2018-07-12) + + +In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter. This allows replay attacks with previously issued tokens which are not expired yet. + + +- [tafamace/CVE-2018-12540](https://github.com/tafamace/CVE-2018-12540) + +### CVE-2018-12596 (2018-10-10) + + +Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site CU 22 allows remote attackers to call aspx pages via the "activateuser.aspx" page, even if a page is located under the /WorkArea/ path, which is forbidden (normally available exclusively for local admins). + + +- [alt3kx/CVE-2018-12596](https://github.com/alt3kx/CVE-2018-12596) + +### CVE-2018-12597 +- [alt3kx/CVE-2018-12597](https://github.com/alt3kx/CVE-2018-12597) + +### CVE-2018-12598 +- [alt3kx/CVE-2018-12598](https://github.com/alt3kx/CVE-2018-12598) + ### CVE-2018-12613 (2018-06-21) An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication). +- [0x00-0x00/CVE-2018-12613](https://github.com/0x00-0x00/CVE-2018-12613) - [ivanitlearning/CVE-2018-12613](https://github.com/ivanitlearning/CVE-2018-12613) - [eastmountyxz/CVE-2018-12613-phpMyAdmin](https://github.com/eastmountyxz/CVE-2018-12613-phpMyAdmin) @@ -8573,6 +9334,14 @@ Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, - [sharmasandeepkr/cve-2018-12798](https://github.com/sharmasandeepkr/cve-2018-12798) +### CVE-2018-12895 (2018-06-26) + + +WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file. This is related to missing filename validation in the wp-includes/post.php wp_delete_attachment function. The attacker must have capabilities for files and posts that are normally available only to the Author, Editor, and Administrator roles. The attack methodology is to delete wp-config.php and then launch a new installation process to increase the attacker's privileges. + + +- [bloom-ux/cve-2018-12895-hotfix](https://github.com/bloom-ux/cve-2018-12895-hotfix) + ### CVE-2018-13257 (2019-11-18) @@ -8621,6 +9390,14 @@ An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6. - [shinecome/zip](https://github.com/shinecome/zip) +### CVE-2018-13784 (2018-07-09) + + +PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie encryption in Cookie.php, Rinjdael.php, and Blowfish.php. + + +- [ambionics/prestashop-exploits](https://github.com/ambionics/prestashop-exploits) + ### CVE-2018-13797 (2018-07-10) @@ -8629,6 +9406,22 @@ The macaddress module before 0.2.9 for Node.js is prone to an arbitrary command - [dsp-testing/CVE-2018-13797](https://github.com/dsp-testing/CVE-2018-13797) +### CVE-2018-13864 (2018-07-17) + + +A directory traversal vulnerability has been found in the Assets controller in Play Framework 2.6.12 through 2.6.15 (fixed in 2.6.16) when running on Windows. It allows a remote attacker to download arbitrary files from the target server via specially crafted HTTP requests. + + +- [tafamace/CVE-2018-13864](https://github.com/tafamace/CVE-2018-13864) + +### CVE-2018-14083 (2018-07-25) + + +LICA miniCMTS E8K(u/i/...) devices allow remote attackers to obtain sensitive information via a direct POST request for the inc/user.ini file, leading to discovery of a password hash. + + +- [pudding2/CVE-2018-14083](https://github.com/pudding2/CVE-2018-14083) + ### CVE-2018-14442 (2018-07-20) @@ -8638,12 +9431,21 @@ Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free that lea - [payatu/CVE-2018-14442](https://github.com/payatu/CVE-2018-14442) - [sharmasandeepkr/PS-2018-002---CVE-2018-14442](https://github.com/sharmasandeepkr/PS-2018-002---CVE-2018-14442) +### CVE-2018-14634 (2018-09-25) + + +An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable. + + +- [luan0ap/cve-2018-14634](https://github.com/luan0ap/cve-2018-14634) + ### CVE-2018-14665 (2018-10-25) A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges. +- [jas502n/CVE-2018-14665](https://github.com/jas502n/CVE-2018-14665) - [bolonobolo/CVE-2018-14665](https://github.com/bolonobolo/CVE-2018-14665) - [samueldustin/cve-2018-14665](https://github.com/samueldustin/cve-2018-14665) @@ -8653,6 +9455,10 @@ A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of java serialized objects via org.ajax4jsf.resource.UserResource$UriData. +- [nareshmail/cve-2018-14667](https://github.com/nareshmail/cve-2018-14667) +- [zeroto01/CVE-2018-14667](https://github.com/zeroto01/CVE-2018-14667) +- [r00t4dm/CVE-2018-14667](https://github.com/r00t4dm/CVE-2018-14667) +- [syriusbughunt/CVE-2018-14667](https://github.com/syriusbughunt/CVE-2018-14667) - [quandqn/cve-2018-14667](https://github.com/quandqn/cve-2018-14667) - [Venscor/CVE-2018-14667-poc](https://github.com/Venscor/CVE-2018-14667-poc) @@ -8672,6 +9478,14 @@ The database backup feature in upload/source/admincp/admincp_db.php in Discuz! 2 - [FoolMitAh/CVE-2018-14729](https://github.com/FoolMitAh/CVE-2018-14729) +### CVE-2018-14772 (2018-10-16) + + +Pydio 4.2.1 through 8.2.1 has an authenticated remote code execution vulnerability in which an attacker with administrator access to the web application can execute arbitrary code on the underlying system via Command Injection. + + +- [spencerdodd/CVE-2018-14772](https://github.com/spencerdodd/CVE-2018-14772) + ### CVE-2018-14847 (2018-08-02) @@ -8679,18 +9493,29 @@ MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read a - [BasuCert/WinboxPoC](https://github.com/BasuCert/WinboxPoC) +- [msterusky/WinboxExploit](https://github.com/msterusky/WinboxExploit) +- [syrex1013/MikroRoot](https://github.com/syrex1013/MikroRoot) - [jas502n/CVE-2018-14847](https://github.com/jas502n/CVE-2018-14847) - [th3f3n1x87/winboxPOC](https://github.com/th3f3n1x87/winboxPOC) - [mahmoodsabir/mikrotik-beast](https://github.com/mahmoodsabir/mikrotik-beast) - [sinichi449/Python-MikrotikLoginExploit](https://github.com/sinichi449/Python-MikrotikLoginExploit) - [yukar1z0e/CVE-2018-14847](https://github.com/yukar1z0e/CVE-2018-14847) +### CVE-2018-15131 (2019-05-30) + + +An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11, 8.7.x before 8.7.11 Patch 6, 8.8.x before 8.8.8 Patch 9, and 8.8.9 before 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authentication requests. + + +- [0x00-0x00/CVE-2018-15131](https://github.com/0x00-0x00/CVE-2018-15131) + ### CVE-2018-15133 (2018-08-09) In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in gadgetchains/Laravel/RCE/3/chain.php in phpggc. The attacker must know the application key, which normally would never occur, but could happen if the attacker previously had privileged access or successfully accomplished a previous attack. +- [kozmic/laravel-poc-CVE-2018-15133](https://github.com/kozmic/laravel-poc-CVE-2018-15133) - [Bilelxdz/Laravel-CVE-2018-15133](https://github.com/Bilelxdz/Laravel-CVE-2018-15133) - [Prabesh01/Laravel-PHP-Unit-RCE-Auto-shell-uploader](https://github.com/Prabesh01/Laravel-PHP-Unit-RCE-Auto-shell-uploader) - [iansangaji/laravel-rce-cve-2018-15133](https://github.com/iansangaji/laravel-rce-cve-2018-15133) @@ -8699,6 +9524,14 @@ In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execut - [PwnedShell/Larascript](https://github.com/PwnedShell/Larascript) - [AzhariKun/CVE-2018-15133](https://github.com/AzhariKun/CVE-2018-15133) +### CVE-2018-15365 (2018-09-28) + + +A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the vulnerability. + + +- [nixwizard/CVE-2018-15365](https://github.com/nixwizard/CVE-2018-15365) + ### CVE-2018-15473 (2018-08-17) @@ -8706,10 +9539,13 @@ OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not dela - [trimstray/massh-enum](https://github.com/trimstray/massh-enum) +- [gbonacini/opensshenum](https://github.com/gbonacini/opensshenum) - [Rhynorater/CVE-2018-15473-Exploit](https://github.com/Rhynorater/CVE-2018-15473-Exploit) - [epi052/cve-2018-15473](https://github.com/epi052/cve-2018-15473) - [pyperanger/CVE-2018-15473_exploit](https://github.com/pyperanger/CVE-2018-15473_exploit) - [r3dxpl0it/CVE-2018-15473](https://github.com/r3dxpl0it/CVE-2018-15473) +- [JoeBlackSecurity/CrappyCode](https://github.com/JoeBlackSecurity/CrappyCode) +- [JoeBlackSecurity/SSHUsernameBruter-SSHUB](https://github.com/JoeBlackSecurity/SSHUsernameBruter-SSHUB) - [cved-sources/cve-2018-15473](https://github.com/cved-sources/cve-2018-15473) - [LINYIKAI/CVE-2018-15473-exp](https://github.com/LINYIKAI/CVE-2018-15473-exp) - [secmode/enumpossible](https://github.com/secmode/enumpossible) @@ -8724,6 +9560,14 @@ OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not dela - [Sait-Nuri/CVE-2018-15473](https://github.com/Sait-Nuri/CVE-2018-15473) - [WildfootW/CVE-2018-15473_OpenSSH_7.7](https://github.com/WildfootW/CVE-2018-15473_OpenSSH_7.7) +### CVE-2018-15499 (2018-08-24) + + +GEAR Software products that include GEARAspiWDM.sys, 2.2.5.0, allow local users to cause a denial of service (Race Condition and BSoD on Windows) by not checking that user-mode memory is available right before writing to it. A check is only performed at the beginning of a long subroutine. + + +- [DownWithUp/CVE-2018-15499](https://github.com/DownWithUp/CVE-2018-15499) + ### CVE-2018-15686 (2018-10-26) @@ -8732,6 +9576,22 @@ A vulnerability in unit_deserialize of systemd allows an attacker to supply arbi - [hpcprofessional/remediate_cesa_2019_2091](https://github.com/hpcprofessional/remediate_cesa_2019_2091) +### CVE-2018-15727 (2018-08-29) + + +Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user. + + +- [u238/grafana-CVE-2018-15727](https://github.com/u238/grafana-CVE-2018-15727) + +### CVE-2018-15832 (2018-09-20) + + +upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI handlers. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current process. + + +- [JacksonKuo/Ubisoft-Uplay-Desktop-Client-63.0.5699.0](https://github.com/JacksonKuo/Ubisoft-Uplay-Desktop-Client-63.0.5699.0) + ### CVE-2018-15835 (2018-11-30) @@ -8748,12 +9608,21 @@ The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerabl - [cved-sources/cve-2018-15877](https://github.com/cved-sources/cve-2018-15877) +### CVE-2018-15912 (2018-08-29) + + +An issue was discovered in manjaro-update-system.sh in manjaro-system 20180716-1 on Manjaro Linux. A local attacker can install or remove arbitrary packages and package repositories potentially containing hooks with arbitrary code, which will automatically be run as root, or remove packages vital to the system. + + +- [coderobe/CVE-2018-15912-PoC](https://github.com/coderobe/CVE-2018-15912-PoC) + ### CVE-2018-15961 (2018-09-25) Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution. +- [vah13/CVE-2018-15961](https://github.com/vah13/CVE-2018-15961) - [cved-sources/cve-2018-15961](https://github.com/cved-sources/cve-2018-15961) ### CVE-2018-15968 (2018-10-12) @@ -8770,9 +9639,11 @@ Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. +- [FlatL1neAPT/CVE-2018-15982](https://github.com/FlatL1neAPT/CVE-2018-15982) - [AirEvan/CVE-2018-15982_PoC](https://github.com/AirEvan/CVE-2018-15982_PoC) - [Ridter/CVE-2018-15982_EXP](https://github.com/Ridter/CVE-2018-15982_EXP) - [kphongagsorn/adobe-flash-cve2018-15982](https://github.com/kphongagsorn/adobe-flash-cve2018-15982) +- [jas502n/CVE-2018-15982_EXP_IE](https://github.com/jas502n/CVE-2018-15982_EXP_IE) - [scanfsec/CVE-2018-15982](https://github.com/scanfsec/CVE-2018-15982) - [SyFi/CVE-2018-15982](https://github.com/SyFi/CVE-2018-15982) - [create12138/CVE-2018-15982](https://github.com/create12138/CVE-2018-15982) @@ -8788,6 +9659,14 @@ Stack-based buffer overflow in the httpd server of TP-Link WR1043nd (Firmware Ve ### CVE-2018-16135 - [c0d3G33k/CVE-2018-16135](https://github.com/c0d3G33k/CVE-2018-16135) +### CVE-2018-16156 (2019-05-17) + + +In PaperStream IP (TWAIN) 1.42.0.5685 (Service Update 7), the FJTWSVIC service running with SYSTEM privilege processes unauthenticated messages received over the FjtwMkic_Fjicube_32 named pipe. One of these message processing functions attempts to dynamically load the UninOldIS.dll library and executes an exported function named ChangeUninstallString. The default install does not contain this library and therefore if any DLL with that name exists in any directory listed in the PATH variable, it can be used to escalate to SYSTEM level privilege. + + +- [securifera/CVE-2018-16156-Exploit](https://github.com/securifera/CVE-2018-16156-Exploit) + ### CVE-2018-16283 (2018-09-24) @@ -8807,6 +9686,22 @@ ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitial ### CVE-2018-16341 - [mpgn/CVE-2018-16341](https://github.com/mpgn/CVE-2018-16341) +### CVE-2018-16370 (2018-09-02) + + +In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive. + + +- [snappyJack/CVE-2018-16370](https://github.com/snappyJack/CVE-2018-16370) + +### CVE-2018-16373 (2018-09-02) + + +Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save. + + +- [snappyJack/CVE-2018-16373](https://github.com/snappyJack/CVE-2018-16373) + ### CVE-2018-16492 (2019-02-01) @@ -8821,6 +9716,7 @@ A prototype pollution vulnerability was found in module extend <2.0.2, ~<3 An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. +- [farisv/PIL-RCE-Ghostscript-CVE-2018-16509](https://github.com/farisv/PIL-RCE-Ghostscript-CVE-2018-16509) - [knqyf263/CVE-2018-16509](https://github.com/knqyf263/CVE-2018-16509) - [cved-sources/cve-2018-16509](https://github.com/cved-sources/cve-2018-16509) - [rhpco/CVE-2018-16509](https://github.com/rhpco/CVE-2018-16509) @@ -8833,6 +9729,30 @@ LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a - [Nurdilin/CVE-2018-16706](https://github.com/Nurdilin/CVE-2018-16706) +### CVE-2018-16711 (2018-09-26) + + +IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402088) with a buffer containing user defined content. The driver's subroutine will execute a wrmsr instruction with the user's buffer for input. + + +- [DownWithUp/CVE-2018-16711](https://github.com/DownWithUp/CVE-2018-16711) + +### CVE-2018-16712 (2018-09-26) + + +IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send a specially crafted IOCTL 0x9C406104 to read physical memory. + + +- [DownWithUp/CVE-2018-16712](https://github.com/DownWithUp/CVE-2018-16712) + +### CVE-2018-16713 (2018-09-26) + + +IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402084) with a buffer containing user defined content. The driver's subroutine will execute a rdmsr instruction with the user's buffer for input, and provide output from the instruction. + + +- [DownWithUp/CVE-2018-16713](https://github.com/DownWithUp/CVE-2018-16713) + ### CVE-2018-16763 (2018-09-09) @@ -8886,6 +9806,14 @@ libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out - [zjw88282740/CVE-2018-16890](https://github.com/zjw88282740/CVE-2018-16890) +### CVE-2018-16987 (2018-09-13) + + +Squash TM through 1.18.0 presents the cleartext passwords of external services in the administration panel, as demonstrated by a ta-server-password field in the HTML source code. + + +- [gquere/CVE-2018-16987](https://github.com/gquere/CVE-2018-16987) + ### CVE-2018-17081 (2018-09-26) @@ -8894,6 +9822,25 @@ e107 2.1.9 allows CSRF via e107_admin/wmessage.php?mode=&action=inline&a - [himanshurahi/e107_2.1.9_CSRF_POC](https://github.com/himanshurahi/e107_2.1.9_CSRF_POC) +### CVE-2018-17144 (2018-09-19) + + +Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoind or Bitcoin-Qt crash. + + +- [iioch/ban-exploitable-bitcoin-nodes](https://github.com/iioch/ban-exploitable-bitcoin-nodes) +- [hikame/CVE-2018-17144_POC](https://github.com/hikame/CVE-2018-17144_POC) + +### CVE-2018-17182 (2018-09-19) + + +An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations. + + +- [jas502n/CVE-2018-17182](https://github.com/jas502n/CVE-2018-17182) +- [likescam/CVE-2018-17182](https://github.com/likescam/CVE-2018-17182) +- [likescam/vmacache_CVE-2018-17182](https://github.com/likescam/vmacache_CVE-2018-17182) + ### CVE-2018-17207 (2018-09-19) @@ -8910,6 +9857,14 @@ Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw - [mpgn/CVE-2018-17246](https://github.com/mpgn/CVE-2018-17246) +### CVE-2018-17418 (2019-03-07) + + +Monstra CMS 3.0.4 allows remote attackers to execute arbitrary PHP code via a mixed-case file extension, as demonstrated by the 123.PhP filename, because plugins\box\filesmanager\filesmanager.admin.php mishandles the forbidden_types variable. + + +- [AlwaysHereFight/monstra_cms-3.0.4--getshell](https://github.com/AlwaysHereFight/monstra_cms-3.0.4--getshell) + ### CVE-2018-17431 (2019-01-29) @@ -8924,6 +9879,8 @@ Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execu Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character. +- [shpik-kr/CVE-2018-17456](https://github.com/shpik-kr/CVE-2018-17456) +- [matlink/CVE-2018-17456](https://github.com/matlink/CVE-2018-17456) - [799600966/CVE-2018-17456](https://github.com/799600966/CVE-2018-17456) - [AnonymKing/CVE-2018-17456](https://github.com/AnonymKing/CVE-2018-17456) @@ -8935,6 +9892,22 @@ An incorrect access control vulnerability in the FTP configuration of WiFiRanger - [Luct0r/CVE-2018-17873](https://github.com/Luct0r/CVE-2018-17873) +### CVE-2018-17961 (2018-10-15) + + +Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183. + + +- [matlink/CVE-2018-17961](https://github.com/matlink/CVE-2018-17961) + +### CVE-2018-18026 (2018-10-19) + + +IMFCameraProtect.sys in IObit Malware Fighter 6.2 (and possibly lower versions) is vulnerable to a stack-based buffer overflow. The attacker can use DeviceIoControl to pass a user specified size which can be used to overwrite return addresses. This can lead to a denial of service or code execution attack. + + +- [DownWithUp/CVE-2018-18026](https://github.com/DownWithUp/CVE-2018-18026) + ### CVE-2018-18368 (2019-11-15) @@ -8943,6 +9916,14 @@ Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU1, may be susceptib - [DimopoulosElias/SEPM-EoP](https://github.com/DimopoulosElias/SEPM-EoP) +### CVE-2018-18387 (2018-10-29) + + +playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse. + + +- [TheeBlind/CVE-2018-18387](https://github.com/TheeBlind/CVE-2018-18387) + ### CVE-2018-18500 (2019-02-05) @@ -8959,6 +9940,14 @@ An issue was discovered in the wiki API in GitLab Community and Enterprise Editi - [Snowming04/CVE-2018-18649](https://github.com/Snowming04/CVE-2018-18649) +### CVE-2018-18714 (2018-11-01) + + +RegFilter.sys in IOBit Malware Fighter 6.2 and earlier is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E010. This can lead to denial of service (DoS) or code execution with root privileges. + + +- [DownWithUp/CVE-2018-18714](https://github.com/DownWithUp/CVE-2018-18714) + ### CVE-2018-18778 (2018-10-28) @@ -8976,12 +9965,37 @@ Cerio DT-300N 1.1.6 through 1.1.12 devices allow OS command injection because of - [hook-s3c/CVE-2018-18852](https://github.com/hook-s3c/CVE-2018-18852) - [andripwn/CVE-2018-18852](https://github.com/andripwn/CVE-2018-18852) +### CVE-2018-19126 (2018-11-09) + + +PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to execute arbitrary code via a file upload. + + +- [farisv/PrestaShop-CVE-2018-19126](https://github.com/farisv/PrestaShop-CVE-2018-19126) + +### CVE-2018-19127 (2018-11-09) + + +A code injection vulnerability in /type.php in PHPCMS 2008 allows attackers to write arbitrary content to a website cache file with a controllable filename, leading to arbitrary code execution. The PHP code is sent via the template parameter, and is written to a data/cache_template/*.tpl.php file along with a "<?php function " substring. + + +- [ab1gale/phpcms-2008-CVE-2018-19127](https://github.com/ab1gale/phpcms-2008-CVE-2018-19127) + +### CVE-2018-19131 (2018-11-09) + + +Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors. + + +- [JonathanWilbur/CVE-2018-19131](https://github.com/JonathanWilbur/CVE-2018-19131) + ### CVE-2018-19207 (2018-11-12) The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows remote attackers to execute arbitrary code because $wpdb->prepare() input is mishandled, as exploited in the wild in November 2018. +- [aeroot/WP-GDPR-Compliance-Plugin-Exploit](https://github.com/aeroot/WP-GDPR-Compliance-Plugin-Exploit) - [cved-sources/cve-2018-19207](https://github.com/cved-sources/cve-2018-19207) ### CVE-2018-19276 (2019-03-17) @@ -9024,6 +10038,14 @@ University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in P - [ensimag-security/CVE-2018-19518](https://github.com/ensimag-security/CVE-2018-19518) +### CVE-2018-19537 (2018-11-25) + + +TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin may be used in some cases. + + +- [JackDoan/TP-Link-ArcherC5-RCE](https://github.com/JackDoan/TP-Link-ArcherC5-RCE) + ### CVE-2018-19571 (2019-07-10) @@ -9046,6 +10068,8 @@ The "CLink4Service" service is installed with Corsair Link 4.9.7.35 wi A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command. +- [AbsoZed/CVE-2018-19788](https://github.com/AbsoZed/CVE-2018-19788) +- [d4gh0s7/CVE-2018-19788](https://github.com/d4gh0s7/CVE-2018-19788) - [Ekultek/PoC](https://github.com/Ekultek/PoC) - [jhlongjr/CVE-2018-19788](https://github.com/jhlongjr/CVE-2018-19788) @@ -9065,6 +10089,14 @@ NUUO NVRmini2 Network Video Recorder firmware through 3.9.1 allows remote attack - [pwnhacker0x18/CVE-2018-19864](https://github.com/pwnhacker0x18/CVE-2018-19864) +### CVE-2018-19911 (2018-12-06) + + +FreeSWITCH through 1.8.2, when mod_xml_rpc is enabled, allows remote attackers to execute arbitrary commands via the api/system or txtapi/system (or api/bg_system or txtapi/bg_system) query string on TCP port 8080, as demonstrated by an api/system?calc URI. This can also be exploited via CSRF. Alternatively, the default password of works for the freeswitch account can sometimes be used. + + +- [iSafeBlue/freeswitch_rce](https://github.com/iSafeBlue/freeswitch_rce) + ### CVE-2018-19987 (2019-05-13) @@ -9184,6 +10216,22 @@ The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in the Product - [parzel/CVE-2018-20966](https://github.com/parzel/CVE-2018-20966) +### CVE-2018-1000001 (2018-01-31) + + +In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. + + +- [0x00-0x00/CVE-2018-1000001](https://github.com/0x00-0x00/CVE-2018-1000001) + +### CVE-2018-1000006 (2018-01-24) + + +GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user clicks on a specially crafted URL. This has been fixed in versions 1.8.2-beta.4, 1.7.11, and 1.6.16. + + +- [CHYbeta/CVE-2018-1000006-DEMO](https://github.com/CHYbeta/CVE-2018-1000006-DEMO) + ### CVE-2018-1000030 (2018-02-08) @@ -9200,6 +10248,22 @@ Ajenti version version 2 contains a Cross ite Request Forgery (CSRF) vulnerabili - [SECFORCE/CVE-2018-1000082-exploit](https://github.com/SECFORCE/CVE-2018-1000082-exploit) +### CVE-2018-1000117 (2018-03-07) + + +Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5. + + +- [u0pattern/CVE-2018-1000117-Exploit](https://github.com/u0pattern/CVE-2018-1000117-Exploit) + +### CVE-2018-1000134 (2018-03-16) + + +UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty password when running in synchronous mode. commit with applied fix https://github.com/pingidentity/ldapsdk/commit/8471904a02438c03965d21367890276bc25fa5a6#diff-f6cb23b459be1ec17df1da33760087fd that can result in Ability to impersonate any valid user. This attack appear to be exploitable via Providing valid username and empty password against servers that do not do additional validation as per https://tools.ietf.org/html/rfc4513#section-5.1.1. This vulnerability appears to have been fixed in after commit 8471904a02438c03965d21367890276bc25fa5a6. + + +- [dragotime/cve-2018-1000134](https://github.com/dragotime/cve-2018-1000134) + ### CVE-2018-1000140 (2018-03-23) @@ -9209,6 +10273,14 @@ rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerabil - [s0/rsyslog-librelp-CVE-2018-1000140](https://github.com/s0/rsyslog-librelp-CVE-2018-1000140) - [s0/rsyslog-librelp-CVE-2018-1000140-fixed](https://github.com/s0/rsyslog-librelp-CVE-2018-1000140-fixed) +### CVE-2018-1000199 (2018-05-24) + + +The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f. + + +- [dsfau/CVE-2018-1000199](https://github.com/dsfau/CVE-2018-1000199) + ### CVE-2018-1000224 (2018-08-20) @@ -9217,6 +10289,14 @@ Godot Engine version All versions prior to 2.1.5, all 3.0 versions prior to 3.0. - [zann1x/ITS](https://github.com/zann1x/ITS) +### CVE-2018-1000529 (2018-06-26) + + +Grails Fields plugin version 2.2.7 contains a Cross Site Scripting (XSS) vulnerability in Using the display tag that can result in XSS . This vulnerability appears to have been fixed in 2.2.8. + + +- [martinfrancois/CVE-2018-1000529](https://github.com/martinfrancois/CVE-2018-1000529) + ### CVE-2018-1000542 (2018-06-26) @@ -9225,6 +10305,14 @@ netbeans-mmd-plugin version <= 1.4.3 contains a XML External Entity (XXE) vul - [forse01/CVE-2018-1000542-NetBeans](https://github.com/forse01/CVE-2018-1000542-NetBeans) +### CVE-2018-1000802 (2018-09-18) + + +Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace. + + +- [tna0y/CVE-2018-1000802-PoC](https://github.com/tna0y/CVE-2018-1000802-PoC) + ### CVE-2018-1000861 (2018-12-10)