mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-29 02:54:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2024/09/25 18:31:27

Browse source
This commit is contained in:
motikan2010-bot 2024-09-26 03:31:27 +09:00
parent b0578fb16d
commit 52f175727b
33 changed files with 335 additions and 94 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2017/CVE-2017-0554.json
View file

@ -13,10 +13,10 @@
"description": "Android Tethering Provisioning Check Bypass (CVE-2017-0554)",
"fork": false,
"created_at": "2017-12-24T23:18:28Z",
"updated_at": "2024-09-03T13:36:38Z",
"updated_at": "2024-09-25T13:31:14Z",
"pushed_at": "2020-09-11T04:45:20Z",
"stargazers_count": 14,
"watchers_count": 14,
"stargazers_count": 15,
"watchers_count": 15,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 14,
"watchers": 15,
"score": 0,
"subscribers_count": 4
}

8
2017/CVE-2017-12615.json
View file

@ -403,10 +403,10 @@
"description": "最新tomcat自动化漏洞扫描利用工具支持批量弱口令检测、后台部署war包getshell、CVE-2017-12615 文件上传、CVE-2020-1938\/CNVD-2020-10487 文件包含",
"fork": false,
"created_at": "2024-08-29T06:38:16Z",
"updated_at": "2024-09-25T03:34:55Z",
"updated_at": "2024-09-25T16:36:38Z",
"pushed_at": "2024-09-09T07:42:24Z",
"stargazers_count": 67,
"watchers_count": 67,
"stargazers_count": 68,
"watchers_count": 68,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -423,7 +423,7 @@
],
"visibility": "public",
"forks": 4,
"watchers": 67,
"watchers": 68,
"score": 0,
"subscribers_count": 2
}

4
2018/CVE-2018-17240.json
View file

@ -43,8 +43,8 @@
"description": "A tool for retrieving login credentials from Netwave IP cameras using a memory dump vulnerability (CVE-2018-17240)",
"fork": false,
"created_at": "2024-01-04T21:44:21Z",
"updated_at": "2024-09-19T00:29:58Z",
"pushed_at": "2024-09-25T08:45:17Z",
"updated_at": "2024-09-25T12:59:03Z",
"pushed_at": "2024-09-25T12:59:02Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,

8
2018/CVE-2018-9468.json
View file

@ -13,10 +13,10 @@
"description": "PoC Exploiting Permission Bypass in Android's Download Provider (CVE-2018-9468)",
"fork": false,
"created_at": "2019-03-02T18:31:11Z",
"updated_at": "2024-08-12T19:46:17Z",
"updated_at": "2024-09-25T13:33:26Z",
"pushed_at": "2020-01-15T12:34:10Z",
"stargazers_count": 18,
"watchers_count": 18,
"stargazers_count": 19,
"watchers_count": 19,
"has_discussions": false,
"forks_count": 9,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 9,
"watchers": 18,
"watchers": 19,
"score": 0,
"subscribers_count": 4
}

30
2019/CVE-2019-15107.json
View file

@ -1014,5 +1014,35 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 863082077,
"name": "CVE-2019-15107",
"full_name": "grayorwhite\/CVE-2019-15107",
"owner": {
"login": "grayorwhite",
"id": 87687276,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87687276?v=4",
"html_url": "https:\/\/github.com\/grayorwhite"
},
"html_url": "https:\/\/github.com\/grayorwhite\/CVE-2019-15107",
"description": "CVE-2019-15107 webmin 취약점에 대해서 직접 서버를 구축하고 공격 결과를 남긴 정보입니다.",
"fork": false,
"created_at": "2024-09-25T17:22:52Z",
"updated_at": "2024-09-25T17:23:28Z",
"pushed_at": "2024-09-25T17:23:15Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2019/CVE-2019-16098.json
View file

@ -73,10 +73,10 @@
"description": "This exploit rebuilds and exploit the CVE-2019-16098 which is in driver Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I\/O ports, and MSRs. Instead of hardcoded base address of Ntoskrnl.exe, I calculated it dynamically and recalulated the fields offsets",
"fork": false,
"created_at": "2024-08-05T16:55:40Z",
"updated_at": "2024-08-27T18:12:03Z",
"updated_at": "2024-09-25T13:58:39Z",
"pushed_at": "2024-08-05T18:31:16Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 9,
"watchers_count": 9,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 8,
"watchers": 9,
"score": 0,
"subscribers_count": 1
}

8
2020/CVE-2020-1938.json
View file

@ -919,10 +919,10 @@
"description": "最新tomcat自动化漏洞扫描利用工具支持批量弱口令检测、后台部署war包getshell、CVE-2017-12615 文件上传、CVE-2020-1938\/CNVD-2020-10487 文件包含",
"fork": false,
"created_at": "2024-08-29T06:38:16Z",
"updated_at": "2024-09-25T03:34:55Z",
"updated_at": "2024-09-25T16:36:38Z",
"pushed_at": "2024-09-09T07:42:24Z",
"stargazers_count": 67,
"watchers_count": 67,
"stargazers_count": 68,
"watchers_count": 68,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -939,7 +939,7 @@
],
"visibility": "public",
"forks": 4,
"watchers": 67,
"watchers": 68,
"score": 0,
"subscribers_count": 2
}

8
2020/CVE-2020-27950.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2020-27950 exploit",
"fork": false,
"created_at": "2020-12-01T15:49:07Z",
"updated_at": "2022-11-09T18:10:19Z",
"updated_at": "2024-09-25T12:27:29Z",
"pushed_at": "2020-12-01T15:50:45Z",
"stargazers_count": 30,
"watchers_count": 30,
"stargazers_count": 31,
"watchers_count": 31,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 7,
"watchers": 30,
"watchers": 31,
"score": 0,
"subscribers_count": 5
},

8
2020/CVE-2020-35489.json
View file

@ -150,10 +150,10 @@
"description": "Harnessing AI to hack the limits of possibility",
"fork": false,
"created_at": "2024-09-20T01:10:48Z",
"updated_at": "2024-09-24T00:56:47Z",
"updated_at": "2024-09-25T13:21:13Z",
"pushed_at": "2024-09-20T23:17:48Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -169,7 +169,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 3
}

30
2020/CVE-2020-9484.json
View file

@ -491,5 +491,35 @@
"watchers": 9,
"score": 0,
"subscribers_count": 1
},
{
"id": 863005801,
"name": "CVE-2020-9484",
"full_name": "Disturbante\/CVE-2020-9484",
"owner": {
"login": "Disturbante",
"id": 126893851,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126893851?v=4",
"html_url": "https:\/\/github.com\/Disturbante"
},
"html_url": "https:\/\/github.com\/Disturbante\/CVE-2020-9484",
"description": "Bash POC for CVE-2020-9484 that i used in tryhackme challenge",
"fork": false,
"created_at": "2024-09-25T14:55:51Z",
"updated_at": "2024-09-25T14:56:44Z",
"pushed_at": "2024-09-25T14:56:41Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2021/CVE-2021-4034.json
View file

@ -936,10 +936,10 @@
"description": "Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation",
"fork": false,
"created_at": "2022-01-26T14:26:10Z",
"updated_at": "2024-09-22T10:38:54Z",
"updated_at": "2024-09-25T18:08:04Z",
"pushed_at": "2022-06-21T14:52:05Z",
"stargazers_count": 1051,
"watchers_count": 1051,
"stargazers_count": 1052,
"watchers_count": 1052,
"has_discussions": false,
"forks_count": 185,
"allow_forking": true,
@ -950,7 +950,7 @@
],
"visibility": "public",
"forks": 185,
"watchers": 1051,
"watchers": 1052,
"score": 0,
"subscribers_count": 13
},

12
2021/CVE-2021-44228.json
View file

@ -5140,10 +5140,10 @@
"description": "PCRE RegEx matching Log4Shell CVE-2021-44228 IOC in your logs",
"fork": false,
"created_at": "2021-12-13T21:39:51Z",
"updated_at": "2024-06-02T17:22:11Z",
"updated_at": "2024-09-25T12:27:40Z",
"pushed_at": "2021-12-21T01:24:46Z",
"stargazers_count": 293,
"watchers_count": 293,
"stargazers_count": 292,
"watchers_count": 292,
"has_discussions": false,
"forks_count": 32,
"allow_forking": true,
@ -5152,7 +5152,7 @@
"topics": [],
"visibility": "public",
"forks": 32,
"watchers": 293,
"watchers": 292,
"score": 0,
"subscribers_count": 12
},
@ -9118,13 +9118,13 @@
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 1,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"forks": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 0

8
2022/CVE-2022-0847.json
View file

@ -553,10 +553,10 @@
"description": "Bash script to check for CVE-2022-0847 \"Dirty Pipe\"",
"fork": false,
"created_at": "2022-03-08T17:13:24Z",
"updated_at": "2024-08-12T20:21:23Z",
"updated_at": "2024-09-25T14:11:47Z",
"pushed_at": "2023-06-14T23:25:46Z",
"stargazers_count": 63,
"watchers_count": 63,
"stargazers_count": 62,
"watchers_count": 62,
"has_discussions": false,
"forks_count": 27,
"allow_forking": true,
@ -565,7 +565,7 @@
"topics": [],
"visibility": "public",
"forks": 27,
"watchers": 63,
"watchers": 62,
"score": 0,
"subscribers_count": 1
},

8
2022/CVE-2022-22947.json
View file

@ -1584,10 +1584,10 @@
"description": "CVE-2022-22947注入哥斯拉内存马",
"fork": false,
"created_at": "2023-02-07T01:59:01Z",
"updated_at": "2024-07-08T07:55:28Z",
"updated_at": "2024-09-25T15:34:03Z",
"pushed_at": "2023-06-21T15:43:11Z",
"stargazers_count": 24,
"watchers_count": 24,
"stargazers_count": 25,
"watchers_count": 25,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -1596,7 +1596,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 24,
"watchers": 25,
"score": 0,
"subscribers_count": 1
},

8
2022/CVE-2022-2602.json
View file

@ -43,10 +43,10 @@
"description": null,
"fork": false,
"created_at": "2022-12-20T12:16:38Z",
"updated_at": "2024-08-12T20:28:57Z",
"updated_at": "2024-09-25T15:06:42Z",
"pushed_at": "2023-01-09T11:28:00Z",
"stargazers_count": 85,
"watchers_count": 85,
"stargazers_count": 86,
"watchers_count": 86,
"has_discussions": false,
"forks_count": 28,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 28,
"watchers": 85,
"watchers": 86,
"score": 0,
"subscribers_count": 3
},

8
2023/CVE-2023-30253.json
View file

@ -13,10 +13,10 @@
"description": "Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data.",
"fork": false,
"created_at": "2024-05-26T15:43:08Z",
"updated_at": "2024-08-29T13:10:34Z",
"updated_at": "2024-09-25T13:12:28Z",
"pushed_at": "2024-05-26T23:50:40Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 6,
"watchers": 7,
"score": 0,
"subscribers_count": 1
},

4
2023/CVE-2023-52709.json
View file

@ -13,8 +13,8 @@
"description": "PoC for 2023-52709 - TI Bluetooth stack can fail to generate a resolvable Random Private Address (RPA) leading to DoS for already bonded peer devices. ",
"fork": false,
"created_at": "2024-07-08T16:48:29Z",
"updated_at": "2024-09-25T01:46:17Z",
"pushed_at": "2024-09-25T01:46:13Z",
"updated_at": "2024-09-25T18:24:31Z",
"pushed_at": "2024-09-25T18:24:27Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,

32
2024/CVE-2024-1380.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 863002188,
"name": "CVE-2024-1380",
"full_name": "RandomRobbieBF\/CVE-2024-1380",
"owner": {
"login": "RandomRobbieBF",
"id": 51722811,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4",
"html_url": "https:\/\/github.com\/RandomRobbieBF"
},
"html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-1380",
"description": "Relevanssi A Better Search <= 4.22.0 - Missing Authorization to Unauthenticated Query Log Export",
"fork": false,
"created_at": "2024-09-25T14:49:00Z",
"updated_at": "2024-09-25T14:50:58Z",
"pushed_at": "2024-09-25T14:50:55Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-1512.json
View file

@ -13,10 +13,10 @@
"description": "PoC for CVE-2024-1512 in MasterStudy LMS WordPress Plugin.",
"fork": false,
"created_at": "2024-03-01T11:08:37Z",
"updated_at": "2024-04-02T03:27:23Z",
"updated_at": "2024-09-25T18:00:24Z",
"pushed_at": "2024-03-01T11:18:20Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}

12
2024/CVE-2024-20017.json
View file

@ -13,19 +13,19 @@
"description": "exploits for CVE-2024-20017",
"fork": false,
"created_at": "2024-08-30T05:54:36Z",
"updated_at": "2024-09-25T10:01:43Z",
"updated_at": "2024-09-25T16:12:22Z",
"pushed_at": "2024-09-07T10:11:22Z",
"stargazers_count": 85,
"watchers_count": 85,
"stargazers_count": 88,
"watchers_count": 88,
"has_discussions": false,
"forks_count": 24,
"forks_count": 25,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 24,
"watchers": 85,
"forks": 25,
"watchers": 88,
"score": 0,
"subscribers_count": 3
}

4
2024/CVE-2024-28987.json
View file

@ -48,13 +48,13 @@
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 1,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"forks": 2,
"watchers": 0,
"score": 0,
"subscribers_count": 0

8
2024/CVE-2024-30088.json
View file

@ -103,10 +103,10 @@
"description": "Kernel exploit for Xbox SystemOS using CVE-2024-30088",
"fork": false,
"created_at": "2024-07-15T08:07:05Z",
"updated_at": "2024-09-22T22:42:38Z",
"updated_at": "2024-09-25T14:38:35Z",
"pushed_at": "2024-09-08T21:23:34Z",
"stargazers_count": 359,
"watchers_count": 359,
"stargazers_count": 360,
"watchers_count": 360,
"has_discussions": false,
"forks_count": 30,
"allow_forking": true,
@ -115,7 +115,7 @@
"topics": [],
"visibility": "public",
"forks": 30,
"watchers": 359,
"watchers": 360,
"score": 0,
"subscribers_count": 18
},

8
2024/CVE-2024-3105.json
View file

@ -13,10 +13,10 @@
"description": "A PoC Exploit for CVE-2024-3105 - The Woody code snippets Insert Header Footer Code, AdSense Ads plugin for WordPress Remote Code Execution (RCE)",
"fork": false,
"created_at": "2024-08-10T14:52:44Z",
"updated_at": "2024-08-25T18:08:24Z",
"updated_at": "2024-09-25T13:24:49Z",
"pushed_at": "2024-08-10T15:22:07Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -33,7 +33,7 @@
],
"visibility": "public",
"forks": 2,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 2
}

4
2024/CVE-2024-31848.json
View file

@ -18,7 +18,7 @@
"stargazers_count": 15,
"watchers_count": 15,
"has_discussions": false,
"forks_count": 2,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -34,7 +34,7 @@
"threat-intel"
],
"visibility": "public",
"forks": 2,
"forks": 3,
"watchers": 15,
"score": 0,
"subscribers_count": 1

8
2024/CVE-2024-38063.json
View file

@ -73,10 +73,10 @@
"description": "Note: I am not responsible for any bad act. This is written by Chirag Artani to demonstrate the vulnerability.",
"fork": false,
"created_at": "2024-08-17T14:58:36Z",
"updated_at": "2024-09-24T14:41:16Z",
"updated_at": "2024-09-25T17:45:57Z",
"pushed_at": "2024-08-28T20:56:40Z",
"stargazers_count": 76,
"watchers_count": 76,
"stargazers_count": 77,
"watchers_count": 77,
"has_discussions": false,
"forks_count": 27,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 27,
"watchers": 76,
"watchers": 77,
"score": 0,
"subscribers_count": 4
},

4
2024/CVE-2024-38816.json
View file

@ -43,8 +43,8 @@
"description": "CVE-2024-38816 Proof of Concept",
"fork": false,
"created_at": "2024-09-25T09:36:59Z",
"updated_at": "2024-09-25T10:26:03Z",
"pushed_at": "2024-09-25T10:20:14Z",
"updated_at": "2024-09-25T12:43:51Z",
"pushed_at": "2024-09-25T12:43:47Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

8
2024/CVE-2024-43918.json
View file

@ -13,10 +13,10 @@
"description": "WBW Product Table Pro <= 1.9.4 - Unauthenticated Arbitrary SQL Execution to RCE",
"fork": false,
"created_at": "2024-09-24T05:50:03Z",
"updated_at": "2024-09-24T05:52:07Z",
"updated_at": "2024-09-25T13:15:25Z",
"pushed_at": "2024-09-24T05:52:04Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}

32
2024/CVE-2024-7385.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 863088195,
"name": "CVE-2024-7385",
"full_name": "nothe1senberg\/CVE-2024-7385",
"owner": {
"login": "nothe1senberg",
"id": 182430066,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/182430066?v=4",
"html_url": "https:\/\/github.com\/nothe1senberg"
},
"html_url": "https:\/\/github.com\/nothe1senberg\/CVE-2024-7385",
"description": null,
"fork": false,
"created_at": "2024-09-25T17:35:04Z",
"updated_at": "2024-09-25T17:51:42Z",
"pushed_at": "2024-09-25T17:39:47Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 0
}
]

32
2024/CVE-2024-7617.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 863094511,
"name": "CVE-2024-7617",
"full_name": "maybeheisenberg\/CVE-2024-7617",
"owner": {
"login": "maybeheisenberg",
"id": 181843766,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/181843766?v=4",
"html_url": "https:\/\/github.com\/maybeheisenberg"
},
"html_url": "https:\/\/github.com\/maybeheisenberg\/CVE-2024-7617",
"description": null,
"fork": false,
"created_at": "2024-09-25T17:47:44Z",
"updated_at": "2024-09-25T17:51:57Z",
"pushed_at": "2024-09-25T17:50:16Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 0
}
]

32
2024/CVE-2024-8275.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 863074957,
"name": "CVE-2024-8275",
"full_name": "nothe1senberg\/CVE-2024-8275",
"owner": {
"login": "nothe1senberg",
"id": 182430066,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/182430066?v=4",
"html_url": "https:\/\/github.com\/nothe1senberg"
},
"html_url": "https:\/\/github.com\/nothe1senberg\/CVE-2024-8275",
"description": null,
"fork": false,
"created_at": "2024-09-25T17:08:24Z",
"updated_at": "2024-09-25T17:28:19Z",
"pushed_at": "2024-09-25T17:27:43Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-8504.json
View file

@ -13,10 +13,10 @@
"description": "VICIdial Unauthenticated SQLi to RCE Exploit (CVE-2024-8503 and CVE-2024-8504)",
"fork": false,
"created_at": "2024-09-14T06:27:11Z",
"updated_at": "2024-09-25T06:19:21Z",
"updated_at": "2024-09-25T14:06:20Z",
"pushed_at": "2024-09-15T21:34:35Z",
"stargazers_count": 27,
"watchers_count": 27,
"stargazers_count": 28,
"watchers_count": 28,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 27,
"watchers": 28,
"score": 0,
"subscribers_count": 3
},

32
2024/CVE-2024-8514.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 863090983,
"name": "CVE-2024-8514",
"full_name": "maybeheisenberg\/CVE-2024-8514",
"owner": {
"login": "maybeheisenberg",
"id": 181843766,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/181843766?v=4",
"html_url": "https:\/\/github.com\/maybeheisenberg"
},
"html_url": "https:\/\/github.com\/maybeheisenberg\/CVE-2024-8514",
"description": null,
"fork": false,
"created_at": "2024-09-25T17:40:36Z",
"updated_at": "2024-09-25T17:52:02Z",
"pushed_at": "2024-09-25T17:46:29Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 0
}
]

21
README.md
View file

@ -357,6 +357,13 @@
- [PeterGabaldon/CVE-2024-1346](https://github.com/PeterGabaldon/CVE-2024-1346)
### CVE-2024-1380 (2024-03-13)
<code>The Relevanssi A Better Search plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relevanssi_export_log_check() function in all versions up to, and including, 4.22.0. This makes it possible for unauthenticated attackers to export the query log data. The vendor has indicated that they may look into adding a capability check for proper authorization control, however, this vulnerability is theoretically patched as is.
</code>
- [RandomRobbieBF/CVE-2024-1380](https://github.com/RandomRobbieBF/CVE-2024-1380)
### CVE-2024-1403 (2024-02-27)
<code>In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified.  The\nvulnerability is a bypass to authentication based on a failure to properly\nhandle username and password. Certain unexpected\ncontent passed into the credentials can lead to unauthorized access without proper\nauthentication.   \n\n\n\n\n\n\n
@ -1400,6 +1407,9 @@
- [RevoltSecurities/CVE-2024-7339](https://github.com/RevoltSecurities/CVE-2024-7339)
### CVE-2024-7385
- [nothe1senberg/CVE-2024-7385](https://github.com/nothe1senberg/CVE-2024-7385)
### CVE-2024-7593 (2024-08-13)
<code>Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.
@ -1408,6 +1418,9 @@
- [rxerium/CVE-2024-7593](https://github.com/rxerium/CVE-2024-7593)
- [D3N14LD15K/CVE-2024-7593_PoC_Exploit](https://github.com/D3N14LD15K/CVE-2024-7593_PoC_Exploit)
### CVE-2024-7617
- [maybeheisenberg/CVE-2024-7617](https://github.com/maybeheisenberg/CVE-2024-7617)
### CVE-2024-7646 (2024-08-16)
<code>A security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects (in the `networking.k8s.io` or `extensions` API group) can bypass annotation validation to inject arbitrary commands and obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster.
@ -1465,6 +1478,9 @@
- [horizon3ai/CVE-2024-8190](https://github.com/horizon3ai/CVE-2024-8190)
### CVE-2024-8275
- [nothe1senberg/CVE-2024-8275](https://github.com/nothe1senberg/CVE-2024-8275)
### CVE-2024-8277 (2024-09-11)
<code>The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.3.13.2. This is due to the plugin not properly validating what user transient is being used in the login() function and not properly verifying the user's identity. This makes it possible for unauthenticated attackers to log in as user that has dismissed an admin notice in the past 30 days, which is often an administrator. Alternatively, a user can log in as any user with any transient that has a valid user_id as the value, though it would be more difficult to exploit this successfully.
@ -1486,6 +1502,9 @@
- [Chocapikk/CVE-2024-8504](https://github.com/Chocapikk/CVE-2024-8504)
- [havokzero/ViciDial](https://github.com/havokzero/ViciDial)
### CVE-2024-8514
- [maybeheisenberg/CVE-2024-8514](https://github.com/maybeheisenberg/CVE-2024-8514)
### CVE-2024-8517 (2024-09-06)
<code>SPIP before 4.3.2, 4.2.16, and \n4.1.18 is vulnerable to a command injection issue. A \nremote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request.
@ -28953,6 +28972,7 @@
- [ColdFusionX/CVE-2020-9484](https://github.com/ColdFusionX/CVE-2020-9484)
- [d3fudd/CVE-2020-9484_Exploit](https://github.com/d3fudd/CVE-2020-9484_Exploit)
- [0dayCTF/CVE-2020-9484](https://github.com/0dayCTF/CVE-2020-9484)
- [Disturbante/CVE-2020-9484](https://github.com/Disturbante/CVE-2020-9484)
### CVE-2020-9495 (2020-06-19)
@ -34914,6 +34934,7 @@
- [aamfrk/Webmin-CVE-2019-15107](https://github.com/aamfrk/Webmin-CVE-2019-15107)
- [0x4r2/Webmin-CVE-2019-15107](https://github.com/0x4r2/Webmin-CVE-2019-15107)
- [NasrallahBaadi/CVE-2019-15107](https://github.com/NasrallahBaadi/CVE-2019-15107)
- [grayorwhite/CVE-2019-15107](https://github.com/grayorwhite/CVE-2019-15107)
### CVE-2019-15120 (2019-08-16)