Auto Update 2024/05/27 00:28:33

2016/CVE-2016-6187.json

@@ -43,8 +43,8 @@
         "description": "Kernel Exploit PoC for CVE-2016-6187 (Local Privilege Escalation)",
         "fork": false,
         "created_at": "2024-05-12T12:52:54Z",
-        "updated_at": "2024-05-25T18:48:45Z",
+        "updated_at": "2024-05-26T22:45:11Z",
-        "pushed_at": "2024-05-25T18:46:29Z",
+        "pushed_at": "2024-05-26T22:45:08Z",
         "stargazers_count": 0,
         "watchers_count": 0,
         "has_discussions": false,

2019/CVE-2019-0232.json

@@ -43,10 +43,10 @@
         "description": "Apache Tomcat Remote Code Execution on Windows - CGI-BIN",
         "fork": false,
         "created_at": "2019-04-16T14:32:03Z",
-        "updated_at": "2023-12-15T12:10:29Z",
+        "updated_at": "2024-05-26T21:59:58Z",
         "pushed_at": "2019-04-17T02:42:03Z",
-        "stargazers_count": 68,
+        "stargazers_count": 69,
-        "watchers_count": 68,
+        "watchers_count": 69,
         "has_discussions": false,
         "forks_count": 28,
         "allow_forking": true,
@@ -55,7 +55,7 @@
         "topics": [],
         "visibility": "public",
         "forks": 28,
-        "watchers": 68,
+        "watchers": 69,
         "score": 0,
         "subscribers_count": 2
     },

2021/CVE-2021-40449.json

@@ -271,6 +271,6 @@
         "forks": 0,
         "watchers": 0,
         "score": 0,
-        "subscribers_count": 0
+        "subscribers_count": 1
     }
 ]

2021/CVE-2021-44228.json

@@ -309,10 +309,10 @@
         "description": "Deploys an agent to fix  CVE-2021-44228 (Log4j RCE vulnerability) in a running JVM process",
         "fork": false,
         "created_at": "2021-12-10T10:10:19Z",
-        "updated_at": "2024-01-04T17:04:03Z",
+        "updated_at": "2024-05-26T21:56:14Z",
         "pushed_at": "2021-12-12T10:33:02Z",
-        "stargazers_count": 108,
+        "stargazers_count": 109,
-        "watchers_count": 108,
+        "watchers_count": 109,
         "has_discussions": false,
         "forks_count": 13,
         "allow_forking": true,
@@ -321,7 +321,7 @@
         "topics": [],
         "visibility": "public",
         "forks": 13,
-        "watchers": 108,
+        "watchers": 109,
         "score": 0,
         "subscribers_count": 4
     },

2022/CVE-2022-30190.json

@@ -171,10 +171,10 @@
         "description": "This Repository Talks about the Follina MSDT from Defender Perspective",
         "fork": false,
         "created_at": "2022-05-31T14:10:11Z",
-        "updated_at": "2024-05-15T15:30:32Z",
+        "updated_at": "2024-05-26T21:57:21Z",
         "pushed_at": "2022-06-02T09:12:54Z",
-        "stargazers_count": 38,
+        "stargazers_count": 39,
-        "watchers_count": 38,
+        "watchers_count": 39,
         "has_discussions": false,
         "forks_count": 10,
         "allow_forking": true,
@@ -183,7 +183,7 @@
         "topics": [],
         "visibility": "public",
         "forks": 10,
-        "watchers": 38,
+        "watchers": 39,
         "score": 0,
         "subscribers_count": 1
     },

2023/CVE-2023-2255.json

@@ -18,13 +18,13 @@
         "stargazers_count": 39,
         "watchers_count": 39,
         "has_discussions": false,
-        "forks_count": 6,
+        "forks_count": 7,
         "allow_forking": true,
         "is_template": false,
         "web_commit_signoff_required": false,
         "topics": [],
         "visibility": "public",
-        "forks": 6,
+        "forks": 7,
         "watchers": 39,
         "score": 0,
         "subscribers_count": 1

2023/CVE-2023-30253.json

@@ -13,8 +13,8 @@
         "description": "Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data.",
         "fork": false,
         "created_at": "2024-05-26T15:43:08Z",
-        "updated_at": "2024-05-26T16:20:21Z",
+        "updated_at": "2024-05-26T23:50:43Z",
-        "pushed_at": "2024-05-26T16:20:18Z",
+        "pushed_at": "2024-05-26T23:50:40Z",
         "stargazers_count": 0,
         "watchers_count": 0,
         "has_discussions": false,

2023/CVE-2023-36845.json

@@ -425,10 +425,10 @@
         "description": "CVES ",
         "fork": false,
         "created_at": "2024-02-13T20:59:34Z",
-        "updated_at": "2024-02-14T19:35:49Z",
+        "updated_at": "2024-05-26T20:16:50Z",
         "pushed_at": "2024-02-13T21:47:25Z",
-        "stargazers_count": 5,
+        "stargazers_count": 6,
-        "watchers_count": 5,
+        "watchers_count": 6,
         "has_discussions": false,
         "forks_count": 1,
         "allow_forking": true,
@@ -437,7 +437,7 @@
         "topics": [],
         "visibility": "public",
         "forks": 1,
-        "watchers": 5,
+        "watchers": 6,
         "score": 0,
         "subscribers_count": 1
     },

2023/CVE-2023-5360.json

@@ -146,10 +146,10 @@
         "description": "Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: CVE-2023-5360.",
         "fork": false,
         "created_at": "2023-11-02T03:28:59Z",
-        "updated_at": "2024-02-26T13:03:40Z",
+        "updated_at": "2024-05-26T21:10:38Z",
         "pushed_at": "2023-11-10T07:15:16Z",
-        "stargazers_count": 3,
+        "stargazers_count": 4,
-        "watchers_count": 3,
+        "watchers_count": 4,
         "has_discussions": false,
         "forks_count": 0,
         "allow_forking": true,
@@ -158,7 +158,7 @@
         "topics": [],
         "visibility": "public",
         "forks": 0,
-        "watchers": 3,
+        "watchers": 4,
         "score": 0,
         "subscribers_count": 0
     },

2024/CVE-2024-21762.json

@@ -73,10 +73,10 @@
         "description": "out-of-bounds write in Fortinet FortiOS  CVE-2024-21762 vulnerability ",
         "fork": false,
         "created_at": "2024-03-13T09:17:28Z",
-        "updated_at": "2024-05-24T09:33:13Z",
+        "updated_at": "2024-05-26T21:26:24Z",
         "pushed_at": "2024-03-16T00:35:12Z",
-        "stargazers_count": 97,
+        "stargazers_count": 98,
-        "watchers_count": 97,
+        "watchers_count": 98,
         "has_discussions": false,
         "forks_count": 17,
         "allow_forking": true,
@@ -85,7 +85,7 @@
         "topics": [],
         "visibility": "public",
         "forks": 17,
-        "watchers": 97,
+        "watchers": 98,
         "score": 0,
         "subscribers_count": 5
     },

2024/CVE-2024-22120.json

@@ -13,10 +13,10 @@
         "description": "Time Based SQL Injection in Zabbix Server Audit Log --> RCE",
         "fork": false,
         "created_at": "2024-05-20T03:29:09Z",
-        "updated_at": "2024-05-25T15:53:11Z",
+        "updated_at": "2024-05-26T21:18:32Z",
         "pushed_at": "2024-05-21T10:30:49Z",
-        "stargazers_count": 83,
+        "stargazers_count": 84,
-        "watchers_count": 83,
+        "watchers_count": 84,
         "has_discussions": false,
         "forks_count": 16,
         "allow_forking": true,
@@ -29,7 +29,7 @@
         ],
         "visibility": "public",
         "forks": 16,
-        "watchers": 83,
+        "watchers": 84,
         "score": 0,
         "subscribers_count": 1
     }

2024/CVE-2024-23897.json

@@ -73,10 +73,10 @@
         "description": "CVE-2024-23897",
         "fork": false,
         "created_at": "2024-01-26T09:44:32Z",
-        "updated_at": "2024-05-22T06:12:21Z",
+        "updated_at": "2024-05-26T21:25:43Z",
         "pushed_at": "2024-01-28T06:47:28Z",
-        "stargazers_count": 170,
+        "stargazers_count": 171,
-        "watchers_count": 170,
+        "watchers_count": 171,
         "has_discussions": false,
         "forks_count": 35,
         "allow_forking": true,
@@ -85,7 +85,7 @@
         "topics": [],
         "visibility": "public",
         "forks": 35,
-        "watchers": 170,
+        "watchers": 171,
         "score": 0,
         "subscribers_count": 2
     },

2024/CVE-2024-27130.json

@@ -13,10 +13,10 @@
         "description": "PoC for CVE-2024-27130",
         "fork": false,
         "created_at": "2024-05-17T07:58:01Z",
-        "updated_at": "2024-05-24T15:57:21Z",
+        "updated_at": "2024-05-26T22:12:23Z",
         "pushed_at": "2024-05-17T10:27:07Z",
-        "stargazers_count": 18,
+        "stargazers_count": 19,
-        "watchers_count": 18,
+        "watchers_count": 19,
         "has_discussions": false,
         "forks_count": 13,
         "allow_forking": true,
@@ -25,7 +25,7 @@
         "topics": [],
         "visibility": "public",
         "forks": 13,
-        "watchers": 18,
+        "watchers": 19,
         "score": 0,
         "subscribers_count": 0
     },

2024/CVE-2024-32002.json

@@ -1199,7 +1199,7 @@
         "description": "poc of git rce using cve-2024-32002",
         "fork": false,
         "created_at": "2024-05-23T07:56:05Z",
-        "updated_at": "2024-05-24T11:11:24Z",
+        "updated_at": "2024-05-26T19:44:08Z",
         "pushed_at": "2024-05-24T10:39:48Z",
         "stargazers_count": 1,
         "watchers_count": 1,

2024/CVE-2024-32651.json

@@ -0,0 +1,32 @@
+[
+    {
+        "id": 806279478,
+        "name": "cve-2024-32651",
+        "full_name": "zcrosman\/cve-2024-32651",
+        "owner": {
+            "login": "zcrosman",
+            "id": 21688962,
+            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21688962?v=4",
+            "html_url": "https:\/\/github.com\/zcrosman"
+        },
+        "html_url": "https:\/\/github.com\/zcrosman\/cve-2024-32651",
+        "description": "changedetection rce though ssti",
+        "fork": false,
+        "created_at": "2024-05-26T21:24:14Z",
+        "updated_at": "2024-05-26T21:42:11Z",
+        "pushed_at": "2024-05-26T21:42:08Z",
+        "stargazers_count": 0,
+        "watchers_count": 0,
+        "has_discussions": false,
+        "forks_count": 0,
+        "allow_forking": true,
+        "is_template": false,
+        "web_commit_signoff_required": false,
+        "topics": [],
+        "visibility": "public",
+        "forks": 0,
+        "watchers": 0,
+        "score": 0,
+        "subscribers_count": 0
+    }
+]

2024/CVE-2024-4367.json

@@ -13,10 +13,10 @@
         "description": "CVE-2024-4367 & CVE-2024-34342 Proof of Concept",
         "fork": false,
         "created_at": "2024-05-20T10:02:23Z",
-        "updated_at": "2024-05-26T16:17:26Z",
+        "updated_at": "2024-05-26T20:22:36Z",
         "pushed_at": "2024-05-23T10:07:41Z",
-        "stargazers_count": 30,
+        "stargazers_count": 31,
-        "watchers_count": 30,
+        "watchers_count": 31,
         "has_discussions": false,
         "forks_count": 6,
         "allow_forking": true,
@@ -25,7 +25,7 @@
         "topics": [],
         "visibility": "public",
         "forks": 6,
-        "watchers": 30,
+        "watchers": 31,
         "score": 0,
         "subscribers_count": 1
     },

README.md

@@ -2101,6 +2101,13 @@
 - [Stuub/CVE-2024-32640-SQLI-MuraCMS](https://github.com/Stuub/CVE-2024-32640-SQLI-MuraCMS)
 - [0x3f3c/CVE-2024-32640-SQLI-MuraCMS](https://github.com/0x3f3c/CVE-2024-32640-SQLI-MuraCMS)
 
+### CVE-2024-32651 (2024-04-25)
+
+<code>changedetection.io is an open source web page change detection, website watcher, restock monitor and notification service. There is a Server Side Template Injection (SSTI) in Jinja2 that allows Remote Command Execution on the server host. Attackers can run any system command without any restriction and they could use a reverse shell. The impact is critical as the attacker can completely takeover the server machine. This can be reduced if changedetection is behind a login page, but this isn't required by the application (not by default and not enforced).
+</code>
+
+- [zcrosman/cve-2024-32651](https://github.com/zcrosman/cve-2024-32651)
+
 ### CVE-2024-32709 (2024-04-24)
 
 <code>Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.5.\n\n