Auto Update 2024/05/06 12:28:29

motikan2010-bot 2024-05-06 21:28:29 +09:00
parent f7d4f33b90
commit 5474d76dc5
33 changed files with 267 additions and 116 deletions


@ -913,7 +913,7 @@
"description": ":scream: Python library and utility for CVE-2014-6271 (aka. \"shellshock\")",
"fork": false,
"created_at": "2014-11-06T19:45:54Z",
"updated_at": "2018-12-26T07:54:55Z",
"updated_at": "2024-05-06T06:26:08Z",
"pushed_at": "2017-02-04T23:06:48Z",
"stargazers_count": 2,
"watchers_count": 2,


@ -43,10 +43,10 @@
"description": "burpsuite 的Spring漏洞扫描插件。SpringVulScan支持检测路由泄露|CVE-2022-22965|CVE-2022-22963|CVE-2022-22947|CVE-2016-4977",
"fork": false,
"created_at": "2022-06-19T13:16:55Z",
"updated_at": "2024-04-02T17:40:57Z",
"updated_at": "2024-05-06T07:27:31Z",
"pushed_at": "2023-01-23T13:00:34Z",
"stargazers_count": 144,
"watchers_count": 144,
"stargazers_count": 145,
"watchers_count": 145,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 144,
"watchers": 145,
"score": 0,
"subscribers_count": 2
}


@ -233,10 +233,10 @@
"description": "PoC for Dirty COW (CVE-2016-5195)",
"fork": false,
"created_at": "2016-10-22T15:25:34Z",
"updated_at": "2024-04-16T02:21:29Z",
"updated_at": "2024-05-06T09:26:50Z",
"pushed_at": "2022-03-16T12:08:54Z",
"stargazers_count": 477,
"watchers_count": 477,
"stargazers_count": 478,
"watchers_count": 478,
"has_discussions": false,
"forks_count": 146,
"allow_forking": true,
@ -245,7 +245,7 @@
"topics": [],
"visibility": "public",
"forks": 146,
"watchers": 477,
"watchers": 478,
"score": 0,
"subscribers_count": 21
},
@ -1145,10 +1145,10 @@
"description": "CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞Dirty Cow但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe”",
"fork": false,
"created_at": "2022-03-07T18:36:50Z",
"updated_at": "2024-05-03T20:00:56Z",
"updated_at": "2024-05-06T10:04:40Z",
"pushed_at": "2023-02-02T02:17:30Z",
"stargazers_count": 271,
"watchers_count": 271,
"stargazers_count": 272,
"watchers_count": 272,
"has_discussions": false,
"forks_count": 77,
"allow_forking": true,
@ -1157,7 +1157,7 @@
"topics": [],
"visibility": "public",
"forks": 77,
"watchers": 271,
"watchers": 272,
"score": 0,
"subscribers_count": 4
},


@ -48,13 +48,13 @@
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 2,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"forks": 3,
"watchers": 8,
"score": 0,
"subscribers_count": 1


@ -73,10 +73,10 @@
"description": "Unsigned driver loader using CVE-2018-19320",
"fork": false,
"created_at": "2022-11-12T05:48:13Z",
"updated_at": "2024-05-04T19:07:02Z",
"updated_at": "2024-05-06T10:54:49Z",
"pushed_at": "2023-04-09T13:50:29Z",
"stargazers_count": 149,
"watchers_count": 149,
"stargazers_count": 150,
"watchers_count": 150,
"has_discussions": false,
"forks_count": 41,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 41,
"watchers": 149,
"watchers": 150,
"score": 0,
"subscribers_count": 6
},


@ -2597,10 +2597,10 @@
"description": "Metasploit module for CVE-2019-0708 (BlueKeep) - https:\/\/github.com\/rapid7\/metasploit-framework\/tree\/5a0119b04309c8e61b44763ac08811cd3ecbbf8d\/modules\/exploits\/windows\/rdp",
"fork": false,
"created_at": "2019-09-06T19:46:03Z",
"updated_at": "2023-12-29T05:43:19Z",
"updated_at": "2024-05-06T07:58:22Z",
"pushed_at": "2019-09-07T09:41:22Z",
"stargazers_count": 12,
"watchers_count": 12,
"stargazers_count": 13,
"watchers_count": 13,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -2609,7 +2609,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 12,
"watchers": 13,
"score": 0,
"subscribers_count": 3
},


@ -43,10 +43,10 @@
"description": "C# and Impacket implementation of PrintNightmare CVE-2021-1675\/CVE-2021-34527",
"fork": false,
"created_at": "2021-06-29T17:24:14Z",
"updated_at": "2024-05-06T06:06:56Z",
"updated_at": "2024-05-06T09:33:38Z",
"pushed_at": "2021-07-20T15:28:13Z",
"stargazers_count": 1791,
"watchers_count": 1791,
"stargazers_count": 1792,
"watchers_count": 1792,
"has_discussions": false,
"forks_count": 580,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 580,
"watchers": 1791,
"watchers": 1792,
"score": 0,
"subscribers_count": 44
},


@ -78,13 +78,13 @@
"stargazers_count": 70,
"watchers_count": 70,
"has_discussions": false,
"forks_count": 31,
"forks_count": 29,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 31,
"forks": 29,
"watchers": 70,
"score": 0,
"subscribers_count": 2


@ -938,10 +938,10 @@
"description": "Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation",
"fork": false,
"created_at": "2022-01-26T14:26:10Z",
"updated_at": "2024-05-04T13:12:51Z",
"updated_at": "2024-05-06T12:00:29Z",
"pushed_at": "2022-06-21T14:52:05Z",
"stargazers_count": 987,
"watchers_count": 987,
"stargazers_count": 988,
"watchers_count": 988,
"has_discussions": false,
"forks_count": 180,
"allow_forking": true,
@ -952,7 +952,7 @@
],
"visibility": "public",
"forks": 180,
"watchers": 987,
"watchers": 988,
"score": 0,
"subscribers_count": 14
},


@ -197,10 +197,10 @@
"description": "Using CVE-2021-40449 to manual map kernel mode driver",
"fork": false,
"created_at": "2022-03-04T17:55:52Z",
"updated_at": "2024-04-13T17:06:31Z",
"updated_at": "2024-05-06T11:50:13Z",
"pushed_at": "2022-03-05T18:34:25Z",
"stargazers_count": 96,
"watchers_count": 96,
"stargazers_count": 97,
"watchers_count": 97,
"has_discussions": false,
"forks_count": 32,
"allow_forking": true,
@ -209,7 +209,7 @@
"topics": [],
"visibility": "public",
"forks": 32,
"watchers": 96,
"watchers": 97,
"score": 0,
"subscribers_count": 4
},


@ -48,10 +48,10 @@
"description": "Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user ",
"fork": false,
"created_at": "2021-12-13T10:28:12Z",
"updated_at": "2024-05-03T14:04:19Z",
"updated_at": "2024-05-06T06:33:08Z",
"pushed_at": "2023-01-29T03:31:27Z",
"stargazers_count": 722,
"watchers_count": 722,
"stargazers_count": 723,
"watchers_count": 723,
"has_discussions": false,
"forks_count": 115,
"allow_forking": true,
@ -60,7 +60,7 @@
"topics": [],
"visibility": "public",
"forks": 115,
"watchers": 722,
"watchers": 723,
"score": 0,
"subscribers_count": 13
},


@ -907,10 +907,10 @@
"description": "A Proof-Of-Concept for the CVE-2021-44228 vulnerability. ",
"fork": false,
"created_at": "2021-12-10T23:19:28Z",
"updated_at": "2024-05-04T23:53:59Z",
"updated_at": "2024-05-06T10:26:57Z",
"pushed_at": "2024-02-12T22:37:25Z",
"stargazers_count": 1754,
"watchers_count": 1754,
"stargazers_count": 1753,
"watchers_count": 1753,
"has_discussions": false,
"forks_count": 518,
"allow_forking": true,
@ -924,7 +924,7 @@
],
"visibility": "public",
"forks": 518,
"watchers": 1754,
"watchers": 1753,
"score": 0,
"subscribers_count": 28
},


@ -103,10 +103,10 @@
"description": "CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞Dirty Cow但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe”",
"fork": false,
"created_at": "2022-03-07T18:36:50Z",
"updated_at": "2024-05-03T20:00:56Z",
"updated_at": "2024-05-06T10:04:40Z",
"pushed_at": "2023-02-02T02:17:30Z",
"stargazers_count": 271,
"watchers_count": 271,
"stargazers_count": 272,
"watchers_count": 272,
"has_discussions": false,
"forks_count": 77,
"allow_forking": true,
@ -115,7 +115,7 @@
"topics": [],
"visibility": "public",
"forks": 77,
"watchers": 271,
"watchers": 272,
"score": 0,
"subscribers_count": 4
},


@ -103,10 +103,10 @@
"description": "This vulnerability allows an attacker to gain unauthorized access to the firewall management space by bypassing authentication",
"fork": false,
"created_at": "2022-10-30T19:20:57Z",
"updated_at": "2022-10-24T03:11:53Z",
"updated_at": "2024-05-06T09:40:29Z",
"pushed_at": "2022-10-21T07:55:22Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -115,7 +115,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
},


@ -1601,10 +1601,10 @@
"description": "Spring4Shell , Spring Framework RCE (CVE-2022-22965) , Burpsuite Plugin",
"fork": false,
"created_at": "2022-04-11T12:37:58Z",
"updated_at": "2023-09-28T11:37:51Z",
"updated_at": "2024-05-06T07:27:34Z",
"pushed_at": "2022-04-11T12:39:39Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -1613,7 +1613,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 1
},
@ -1853,10 +1853,10 @@
"description": "burpsuite 的Spring漏洞扫描插件。SpringVulScan支持检测路由泄露|CVE-2022-22965|CVE-2022-22963|CVE-2022-22947|CVE-2016-4977",
"fork": false,
"created_at": "2022-06-19T13:16:55Z",
"updated_at": "2024-04-02T17:40:57Z",
"updated_at": "2024-05-06T07:27:31Z",
"pushed_at": "2023-01-23T13:00:34Z",
"stargazers_count": 144,
"watchers_count": 144,
"stargazers_count": 145,
"watchers_count": 145,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -1865,7 +1865,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 144,
"watchers": 145,
"score": 0,
"subscribers_count": 2
},


@ -18,13 +18,13 @@
"stargazers_count": 392,
"watchers_count": 392,
"has_discussions": false,
"forks_count": 70,
"forks_count": 71,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 70,
"forks": 71,
"watchers": 392,
"score": 0,
"subscribers_count": 8


@ -13,10 +13,10 @@
"description": "[PoC] Command injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)",
"fork": false,
"created_at": "2022-12-09T22:48:38Z",
"updated_at": "2024-05-03T07:18:55Z",
"updated_at": "2024-05-06T07:37:24Z",
"pushed_at": "2022-12-11T13:37:22Z",
"stargazers_count": 89,
"watchers_count": 89,
"stargazers_count": 90,
"watchers_count": 90,
"has_discussions": false,
"forks_count": 20,
"allow_forking": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 20,
"watchers": 89,
"watchers": 90,
"score": 0,
"subscribers_count": 1
},


@ -13,10 +13,10 @@
"description": "CVE-2023-2255 Libre Office ",
"fork": false,
"created_at": "2023-07-10T20:54:56Z",
"updated_at": "2024-05-05T02:10:33Z",
"updated_at": "2024-05-06T09:09:39Z",
"pushed_at": "2023-07-10T21:00:09Z",
"stargazers_count": 24,
"watchers_count": 24,
"stargazers_count": 25,
"watchers_count": 25,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 24,
"watchers": 25,
"score": 0,
"subscribers_count": 1
},


@ -113,7 +113,7 @@
"description": "Poc of SSRF for Request-Baskets (CVE-2023-27163)",
"fork": false,
"created_at": "2023-07-26T11:00:59Z",
"updated_at": "2023-08-08T15:50:44Z",
"updated_at": "2024-05-06T08:14:42Z",
"pushed_at": "2023-07-26T13:35:04Z",
"stargazers_count": 2,
"watchers_count": 2,


@ -13,10 +13,10 @@
"description": "Report and exploit of CVE-2023-36427",
"fork": false,
"created_at": "2023-10-09T16:55:18Z",
"updated_at": "2024-04-08T19:53:57Z",
"updated_at": "2024-05-06T10:07:10Z",
"pushed_at": "2023-11-22T15:31:34Z",
"stargazers_count": 89,
"watchers_count": 89,
"stargazers_count": 90,
"watchers_count": 90,
"has_discussions": false,
"forks_count": 17,
"allow_forking": true,
@ -28,7 +28,7 @@
],
"visibility": "public",
"forks": 17,
"watchers": 89,
"watchers": 90,
"score": 0,
"subscribers_count": 3
}


@ -138,8 +138,8 @@
"description": "JetBrains TeamCity Unauthenticated Remote Code Execution - Python3 Implementation",
"fork": false,
"created_at": "2024-04-21T13:52:28Z",
"updated_at": "2024-04-27T03:52:13Z",
"pushed_at": "2024-04-21T14:07:07Z",
"updated_at": "2024-05-06T10:15:51Z",
"pushed_at": "2024-05-06T10:15:48Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,

35
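--- /dev/null
+++ b/2023/CVE-2023-42860.json
@@ -0,0 +1,35 @@
+[
+{
+"id": 784286642,
+"name": "CVE-2023-42860",
+"full_name": "Trigii\/CVE-2023-42860",
+"owner": {
+"login": "Trigii",
+"id": 95245480,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95245480?v=4",
+"html_url": "https:\/\/github.com\/Trigii"
+},
+"html_url": "https:\/\/github.com\/Trigii\/CVE-2023-42860",
+"description": "Exploit for CVE-2023-42860",
+"fork": false,
+"created_at": "2024-04-09T14:53:46Z",
+"updated_at": "2024-05-06T10:11:14Z",
+"pushed_at": "2024-05-06T10:11:11Z",
+"stargazers_count": 0,
+"watchers_count": 0,
+"has_discussions": false,
+"forks_count": 0,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [
+"exploit",
+"macos"
+],
+"visibility": "public",
+"forks": 0,
+"watchers": 0,
+"score": 0,
+"subscribers_count": 0
+}
+]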


@ -13,10 +13,10 @@
"description": "CVE-2023-4634",
"fork": false,
"created_at": "2023-09-05T07:44:15Z",
"updated_at": "2024-04-28T09:36:18Z",
"updated_at": "2024-05-06T09:00:47Z",
"pushed_at": "2023-09-07T05:36:10Z",
"stargazers_count": 40,
"watchers_count": 40,
"stargazers_count": 41,
"watchers_count": 41,
"has_discussions": false,
"forks_count": 10,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 10,
"watchers": 40,
"watchers": 41,
"score": 0,
"subscribers_count": 3
}


@ -106,10 +106,10 @@
"description": "This repository presents a proof-of-concept of CVE-2023-7028",
"fork": false,
"created_at": "2024-01-12T18:29:27Z",
"updated_at": "2024-05-03T10:41:52Z",
"updated_at": "2024-05-06T09:34:16Z",
"pushed_at": "2024-01-13T13:50:20Z",
"stargazers_count": 233,
"watchers_count": 233,
"stargazers_count": 235,
"watchers_count": 235,
"has_discussions": false,
"forks_count": 38,
"allow_forking": true,
@ -118,7 +118,7 @@
"topics": [],
"visibility": "public",
"forks": 38,
"watchers": 233,
"watchers": 235,
"score": 0,
"subscribers_count": 6
},


@ -13,10 +13,10 @@
"description": "Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.",
"fork": false,
"created_at": "2024-03-20T21:16:41Z",
"updated_at": "2024-05-06T01:38:25Z",
"updated_at": "2024-05-06T08:25:12Z",
"pushed_at": "2024-04-17T16:09:54Z",
"stargazers_count": 1910,
"watchers_count": 1910,
"stargazers_count": 1912,
"watchers_count": 1912,
"has_discussions": false,
"forks_count": 238,
"allow_forking": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 238,
"watchers": 1910,
"watchers": 1912,
"score": 0,
"subscribers_count": 21
},

32
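--- /dev/null
+++ b/2024/CVE-2024-1655.json
@@ -0,0 +1,32 @@
+[
+{
+"id": 796642361,
+"name": "CVE-2024-1655",
+"full_name": "lnversed\/CVE-2024-1655",
+"owner": {
+"login": "lnversed",
+"id": 46649884,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46649884?v=4",
+"html_url": "https:\/\/github.com\/lnversed"
+},
+"html_url": "https:\/\/github.com\/lnversed\/CVE-2024-1655",
+"description": null,
+"fork": false,
+"created_at": "2024-05-06T10:56:47Z",
+"updated_at": "2024-05-06T10:57:22Z",
+"pushed_at": "2024-05-06T10:57:18Z",
+"stargazers_count": 0,
+"watchers_count": 0,
+"has_discussions": false,
+"forks_count": 0,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [],
+"visibility": "public",
+"forks": 0,
+"watchers": 0,
+"score": 0,
+"subscribers_count": 0
+}
+]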


@ -43,10 +43,10 @@
"description": "Microsoft-Outlook-Remote-Code-Execution-Vulnerability",
"fork": false,
"created_at": "2024-02-16T15:17:59Z",
"updated_at": "2024-05-06T00:50:17Z",
"updated_at": "2024-05-06T07:40:54Z",
"pushed_at": "2024-02-19T20:00:35Z",
"stargazers_count": 583,
"watchers_count": 583,
"stargazers_count": 584,
"watchers_count": 584,
"has_discussions": false,
"forks_count": 128,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 128,
"watchers": 583,
"watchers": 584,
"score": 0,
"subscribers_count": 9
},


@ -73,19 +73,19 @@
"description": "CVE-2024-23897",
"fork": false,
"created_at": "2024-01-26T09:44:32Z",
"updated_at": "2024-04-30T11:08:19Z",
"updated_at": "2024-05-06T11:59:09Z",
"pushed_at": "2024-01-28T06:47:28Z",
"stargazers_count": 168,
"watchers_count": 168,
"stargazers_count": 169,
"watchers_count": 169,
"has_discussions": false,
"forks_count": 33,
"forks_count": 34,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 33,
"watchers": 168,
"forks": 34,
"watchers": 169,
"score": 0,
"subscribers_count": 2
},


@ -43,10 +43,10 @@
"description": "Quick and dirty PoC for checking whether a vulnerable version of xz-utils is installed (CVE-2024-3094)",
"fork": false,
"created_at": "2024-03-29T20:28:17Z",
"updated_at": "2024-05-03T02:31:49Z",
"updated_at": "2024-05-06T09:48:48Z",
"pushed_at": "2024-03-31T00:13:39Z",
"stargazers_count": 70,
"watchers_count": 70,
"stargazers_count": 71,
"watchers_count": 71,
"has_discussions": false,
"forks_count": 13,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 13,
"watchers": 70,
"watchers": 71,
"score": 0,
"subscribers_count": 3
},
@ -652,10 +652,10 @@
"description": null,
"fork": false,
"created_at": "2024-03-31T10:46:33Z",
"updated_at": "2024-04-26T01:30:28Z",
"updated_at": "2024-05-06T07:19:12Z",
"pushed_at": "2024-04-07T13:07:44Z",
"stargazers_count": 35,
"watchers_count": 35,
"stargazers_count": 36,
"watchers_count": 36,
"has_discussions": false,
"forks_count": 8,
"allow_forking": true,
@ -664,7 +664,7 @@
"topics": [],
"visibility": "public",
"forks": 8,
"watchers": 35,
"watchers": 36,
"score": 0,
"subscribers_count": 6
},


@ -13,10 +13,10 @@
"description": "CubeCart <= 6.5.4 is vulnerable to an arbitrary file upload that leads to remote code execution (RCE).",
"fork": false,
"created_at": "2024-04-24T16:31:17Z",
"updated_at": "2024-05-02T16:06:43Z",
"updated_at": "2024-05-06T07:31:50Z",
"pushed_at": "2024-05-02T16:06:40Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 1
}


@ -268,10 +268,10 @@
"description": "A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.",
"fork": false,
"created_at": "2024-05-03T23:29:53Z",
"updated_at": "2024-05-05T17:50:45Z",
"updated_at": "2024-05-06T07:30:34Z",
"pushed_at": "2024-05-04T00:05:16Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -280,7 +280,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 1
}

62
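--- /dev/null
+++ b/2024/CVE-2024-4439.json
@@ -0,0 +1,62 @@
+[
+{
+"id": 796592858,
+"name": "CVE-2024-4439",
+"full_name": "MielPopsssssss\/CVE-2024-4439",
+"owner": {
+"login": "MielPopsssssss",
+"id": 79650146,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79650146?v=4",
+"html_url": "https:\/\/github.com\/MielPopsssssss"
+},
+"html_url": "https:\/\/github.com\/MielPopsssssss\/CVE-2024-4439",
+"description": "CVE-2024-4439 PoC",
+"fork": false,
+"created_at": "2024-05-06T08:50:23Z",
+"updated_at": "2024-05-06T09:00:22Z",
+"pushed_at": "2024-05-06T08:50:48Z",
+"stargazers_count": 0,
+"watchers_count": 0,
+"has_discussions": false,
+"forks_count": 0,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [],
+"visibility": "public",
+"forks": 0,
+"watchers": 0,
+"score": 0,
+"subscribers_count": 0
+},
+{
+"id": 796599635,
+"name": "CVE-2024-4439",
+"full_name": "d0rb\/CVE-2024-4439",
+"owner": {
+"login": "d0rb",
+"id": 10403781,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4",
+"html_url": "https:\/\/github.com\/d0rb"
+},
+"html_url": "https:\/\/github.com\/d0rb\/CVE-2024-4439",
+"description": "The provided exploit code leverages a stored Cross-Site Scripting (XSS) vulnerability (CVE-2024-4439) in WordPress Core versions up to 6.5.1.",
+"fork": false,
+"created_at": "2024-05-06T09:07:36Z",
+"updated_at": "2024-05-06T09:09:21Z",
+"pushed_at": "2024-05-06T09:09:18Z",
+"stargazers_count": 0,
+"watchers_count": 0,
+"has_discussions": false,
+"forks_count": 0,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [],
+"visibility": "public",
+"forks": 0,
+"watchers": 0,
+"score": 0,
+"subscribers_count": 0
+}
+]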


@ -197,6 +197,13 @@
- [hy011121/CVE-2024-1651-exploit-RCE](https://github.com/hy011121/CVE-2024-1651-exploit-RCE)
- [Whiteh4tWolf/CVE-2024-1651-PoC](https://github.com/Whiteh4tWolf/CVE-2024-1651-PoC)
### CVE-2024-1655 (2024-04-15)
<code>Certain ASUS WiFi routers models has an OS Command Injection vulnerability, allowing an authenticated remote attacker to execute arbitrary system commands by sending a specially crafted request.
</code>
- [lnversed/CVE-2024-1655](https://github.com/lnversed/CVE-2024-1655)
### CVE-2024-1698 (2024-02-27)
<code>The NotificationX Best FOMO, Social Proof, WooCommerce Sales Popup &amp; Notification Bar Plugin With Elementor plugin for WordPress is vulnerable to SQL Injection via the 'type' parameter in all versions up to, and including, 2.8.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
@ -456,6 +463,14 @@
- [jakabakos/CVE-2024-4040-CrushFTP-File-Read-vulnerability](https://github.com/jakabakos/CVE-2024-4040-CrushFTP-File-Read-vulnerability)
- [gotr00t0day/CVE-2024-4040](https://github.com/gotr00t0day/CVE-2024-4040)
### CVE-2024-4439 (2024-05-03)
<code>WordPress Core is vulnerable to Stored Cross-Site Scripting via user display names in the Avatar block in various versions up to 6.5.2 due to insufficient output escaping on the display name. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. In addition, it also makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that have the comment block present and display the comment author's avatar.
</code>
- [MielPopsssssss/CVE-2024-4439](https://github.com/MielPopsssssss/CVE-2024-4439)
- [d0rb/CVE-2024-4439](https://github.com/d0rb/CVE-2024-4439)
### CVE-2024-12883
- [mhtsec/cve-2024-12883](https://github.com/mhtsec/cve-2024-12883)
@ -7470,6 +7485,13 @@
- [C1ph3rX13/CVE-2023-42820](https://github.com/C1ph3rX13/CVE-2023-42820)
- [Startr4ck/cve-2023-42820](https://github.com/Startr4ck/cve-2023-42820)
### CVE-2023-42860 (2024-02-21)
<code>A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system.
</code>
- [Trigii/CVE-2023-42860](https://github.com/Trigii/CVE-2023-42860)
### CVE-2023-42931 (2024-03-28)
<code>The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.2, macOS Monterey 12.7.2. A process may gain admin privileges without proper authentication.