diff --git a/2003/CVE-2003-0264.json b/2003/CVE-2003-0264.json
index f23c214f97..a97654ff05 100644
--- a/2003/CVE-2003-0264.json
+++ b/2003/CVE-2003-0264.json
@@ -67,28 +67,5 @@
"forks": 0,
"watchers": 0,
"score": 0
- },
- {
- "id": 247077498,
- "name": "CVE-2003-0264-SLmail-5.5",
- "full_name": "pwncone\/CVE-2003-0264-SLmail-5.5",
- "owner": {
- "login": "pwncone",
- "id": 57570315,
- "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/57570315?v=4",
- "html_url": "https:\/\/github.com\/pwncone"
- },
- "html_url": "https:\/\/github.com\/pwncone\/CVE-2003-0264-SLmail-5.5",
- "description": "A POC remote buffer overflow for CVE-2003-0264 - SLMail 5.5",
- "fork": false,
- "created_at": "2020-03-13T13:27:56Z",
- "updated_at": "2020-03-13T13:31:38Z",
- "pushed_at": "2020-03-13T13:31:36Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
}
]
\ No newline at end of file
diff --git a/2016/CVE-2016-4655.json b/2016/CVE-2016-4655.json
index 95ebb2327f..3514ee4a84 100644
--- a/2016/CVE-2016-4655.json
+++ b/2016/CVE-2016-4655.json
@@ -13,13 +13,13 @@
"description": "OS X 10.11.6 LPE PoC for CVE-2016-4655 \/ CVE-2016-4656",
"fork": false,
"created_at": "2016-10-02T12:42:14Z",
- "updated_at": "2020-03-22T23:56:20Z",
+ "updated_at": "2020-03-27T22:48:40Z",
"pushed_at": "2016-10-04T16:36:18Z",
- "stargazers_count": 82,
- "watchers_count": 82,
+ "stargazers_count": 81,
+ "watchers_count": 81,
"forks_count": 26,
"forks": 26,
- "watchers": 82,
+ "watchers": 81,
"score": 0
},
{
diff --git a/2016/CVE-2016-4657.json b/2016/CVE-2016-4657.json
index 02724c8232..a2d0bbabf1 100644
--- a/2016/CVE-2016-4657.json
+++ b/2016/CVE-2016-4657.json
@@ -13,13 +13,13 @@
"description": "CVE-2016-4657 for NintendoSwitch rwx",
"fork": false,
"created_at": "2017-03-13T13:08:17Z",
- "updated_at": "2018-04-23T08:22:22Z",
+ "updated_at": "2020-03-28T03:00:51Z",
"pushed_at": "2017-03-15T23:03:12Z",
- "stargazers_count": 1,
- "watchers_count": 1,
+ "stargazers_count": 2,
+ "watchers_count": 2,
"forks_count": 1,
"forks": 1,
- "watchers": 1,
+ "watchers": 2,
"score": 0
},
{
diff --git a/2017/CVE-2017-11882.json b/2017/CVE-2017-11882.json
index 44475f0cd8..c62d54aedb 100644
--- a/2017/CVE-2017-11882.json
+++ b/2017/CVE-2017-11882.json
@@ -132,8 +132,8 @@
"pushed_at": "2017-12-06T12:47:31Z",
"stargazers_count": 263,
"watchers_count": 263,
- "forks_count": 74,
- "forks": 74,
+ "forks_count": 75,
+ "forks": 75,
"watchers": 263,
"score": 0
},
diff --git a/2018/CVE-2018-0101.json b/2018/CVE-2018-0101.json
index eb80f20d5e..e471192c13 100644
--- a/2018/CVE-2018-0101.json
+++ b/2018/CVE-2018-0101.json
@@ -1,27 +1,4 @@
[
- {
- "id": 120640426,
- "name": "CVE-2018-0101-DOS-POC",
- "full_name": "1337g\/CVE-2018-0101-DOS-POC",
- "owner": {
- "login": "1337g",
- "id": 32504404,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/32504404?v=4",
- "html_url": "https:\/\/github.com\/1337g"
- },
- "html_url": "https:\/\/github.com\/1337g\/CVE-2018-0101-DOS-POC",
- "description": null,
- "fork": false,
- "created_at": "2018-02-07T16:25:59Z",
- "updated_at": "2019-10-11T19:04:25Z",
- "pushed_at": "2018-02-07T16:43:08Z",
- "stargazers_count": 13,
- "watchers_count": 13,
- "forks_count": 5,
- "forks": 5,
- "watchers": 13,
- "score": 0
- },
{
"id": 120782386,
"name": "ciscoasa_honeypot",
diff --git a/2018/CVE-2018-0296.json b/2018/CVE-2018-0296.json
index de7acd7505..1768efb7cd 100644
--- a/2018/CVE-2018-0296.json
+++ b/2018/CVE-2018-0296.json
@@ -45,29 +45,6 @@
"watchers": 164,
"score": 0
},
- {
- "id": 138348696,
- "name": "CVE-2018-0296",
- "full_name": "bhenner1\/CVE-2018-0296",
- "owner": {
- "login": "bhenner1",
- "id": 24857952,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/24857952?v=4",
- "html_url": "https:\/\/github.com\/bhenner1"
- },
- "html_url": "https:\/\/github.com\/bhenner1\/CVE-2018-0296",
- "description": "Cisco ASA - CVE-2018-0296 | Exploit",
- "fork": false,
- "created_at": "2018-06-22T21:12:58Z",
- "updated_at": "2019-01-03T02:33:10Z",
- "pushed_at": "2018-06-26T13:44:41Z",
- "stargazers_count": 1,
- "watchers_count": 1,
- "forks_count": 1,
- "forks": 1,
- "watchers": 1,
- "score": 0
- },
{
"id": 139199476,
"name": "CVE-2018-0296",
diff --git a/2018/CVE-2018-10933.json b/2018/CVE-2018-10933.json
index bda220f0eb..304beef96d 100644
--- a/2018/CVE-2018-10933.json
+++ b/2018/CVE-2018-10933.json
@@ -40,8 +40,8 @@
"pushed_at": "2020-01-29T10:28:44Z",
"stargazers_count": 462,
"watchers_count": 462,
- "forks_count": 116,
- "forks": 116,
+ "forks_count": 117,
+ "forks": 117,
"watchers": 462,
"score": 0
},
diff --git a/2018/CVE-2018-11235.json b/2018/CVE-2018-11235.json
index d4d2ab88b5..d8da11cc88 100644
--- a/2018/CVE-2018-11235.json
+++ b/2018/CVE-2018-11235.json
@@ -1,142 +1,4 @@
[
- {
- "id": 135505582,
- "name": "CVE-2018-11235",
- "full_name": "Rogdham\/CVE-2018-11235",
- "owner": {
- "login": "Rogdham",
- "id": 3994389,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3994389?v=4",
- "html_url": "https:\/\/github.com\/Rogdham"
- },
- "html_url": "https:\/\/github.com\/Rogdham\/CVE-2018-11235",
- "description": "PoC exploit for CVE-2018-11235 allowing RCE on git clone --recurse-submodules",
- "fork": false,
- "created_at": "2018-05-30T22:56:29Z",
- "updated_at": "2020-03-27T10:32:44Z",
- "pushed_at": "2018-06-03T18:55:07Z",
- "stargazers_count": 43,
- "watchers_count": 43,
- "forks_count": 22,
- "forks": 22,
- "watchers": 43,
- "score": 0
- },
- {
- "id": 135556339,
- "name": "CVE-2018-11235",
- "full_name": "vmotos\/CVE-2018-11235",
- "owner": {
- "login": "vmotos",
- "id": 22636953,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/22636953?v=4",
- "html_url": "https:\/\/github.com\/vmotos"
- },
- "html_url": "https:\/\/github.com\/vmotos\/CVE-2018-11235",
- "description": "RCE vulnerability to exec \"git clone --recurse-submodule\" (CVE-2018-11235)",
- "fork": false,
- "created_at": "2018-05-31T08:38:17Z",
- "updated_at": "2018-05-31T09:11:10Z",
- "pushed_at": "2018-05-31T09:11:06Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 1,
- "forks": 1,
- "watchers": 0,
- "score": 0
- },
- {
- "id": 135587582,
- "name": "cve-2018-11235",
- "full_name": "Choihosu\/cve-2018-11235",
- "owner": {
- "login": "Choihosu",
- "id": 18625744,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/18625744?v=4",
- "html_url": "https:\/\/github.com\/Choihosu"
- },
- "html_url": "https:\/\/github.com\/Choihosu\/cve-2018-11235",
- "description": null,
- "fork": false,
- "created_at": "2018-05-31T13:29:06Z",
- "updated_at": "2018-05-31T13:29:06Z",
- "pushed_at": "2018-05-31T13:29:06Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
- {
- "id": 135652327,
- "name": "CVE-2018-11235-DEMO",
- "full_name": "CHYbeta\/CVE-2018-11235-DEMO",
- "owner": {
- "login": "CHYbeta",
- "id": 18642224,
- "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/18642224?v=4",
- "html_url": "https:\/\/github.com\/CHYbeta"
- },
- "html_url": "https:\/\/github.com\/CHYbeta\/CVE-2018-11235-DEMO",
- "description": null,
- "fork": false,
- "created_at": "2018-06-01T01:26:19Z",
- "updated_at": "2019-09-09T11:53:11Z",
- "pushed_at": "2018-06-07T03:34:35Z",
- "stargazers_count": 11,
- "watchers_count": 11,
- "forks_count": 3,
- "forks": 3,
- "watchers": 11,
- "score": 0
- },
- {
- "id": 136300278,
- "name": "CVE-2018-11235-poc",
- "full_name": "Kiss-sh0t\/CVE-2018-11235-poc",
- "owner": {
- "login": "Kiss-sh0t",
- "id": 16567682,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16567682?v=4",
- "html_url": "https:\/\/github.com\/Kiss-sh0t"
- },
- "html_url": "https:\/\/github.com\/Kiss-sh0t\/CVE-2018-11235-poc",
- "description": "for git v2.7.4",
- "fork": false,
- "created_at": "2018-06-06T08:48:57Z",
- "updated_at": "2018-06-06T08:56:02Z",
- "pushed_at": "2018-06-06T08:54:02Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
- {
- "id": 136924699,
- "name": "clone_and_pwn",
- "full_name": "H0K5\/clone_and_pwn",
- "owner": {
- "login": "H0K5",
- "id": 8493152,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/8493152?v=4",
- "html_url": "https:\/\/github.com\/H0K5"
- },
- "html_url": "https:\/\/github.com\/H0K5\/clone_and_pwn",
- "description": "Exploits CVE-2018-11235",
- "fork": false,
- "created_at": "2018-06-11T12:41:34Z",
- "updated_at": "2019-03-06T19:08:44Z",
- "pushed_at": "2018-06-06T17:24:02Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
{
"id": 143149359,
"name": "CVE-2018-11235",
diff --git a/2018/CVE-2018-1270.json b/2018/CVE-2018-1270.json
index f1f4194be5..67baba1cb7 100644
--- a/2018/CVE-2018-1270.json
+++ b/2018/CVE-2018-1270.json
@@ -1,50 +1,4 @@
[
- {
- "id": 128482458,
- "name": "CVE-2018-1270",
- "full_name": "CaledoniaProject\/CVE-2018-1270",
- "owner": {
- "login": "CaledoniaProject",
- "id": 1357701,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/1357701?v=4",
- "html_url": "https:\/\/github.com\/CaledoniaProject"
- },
- "html_url": "https:\/\/github.com\/CaledoniaProject\/CVE-2018-1270",
- "description": "Spring messaging STOMP protocol RCE",
- "fork": false,
- "created_at": "2018-04-07T00:14:33Z",
- "updated_at": "2020-03-26T03:28:56Z",
- "pushed_at": "2018-04-12T05:48:24Z",
- "stargazers_count": 110,
- "watchers_count": 110,
- "forks_count": 25,
- "forks": 25,
- "watchers": 110,
- "score": 0
- },
- {
- "id": 129230393,
- "name": "CVE-2018-1270_EXP",
- "full_name": "genxor\/CVE-2018-1270_EXP",
- "owner": {
- "login": "genxor",
- "id": 3094713,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3094713?v=4",
- "html_url": "https:\/\/github.com\/genxor"
- },
- "html_url": "https:\/\/github.com\/genxor\/CVE-2018-1270_EXP",
- "description": null,
- "fork": false,
- "created_at": "2018-04-12T09:54:34Z",
- "updated_at": "2019-10-11T19:04:29Z",
- "pushed_at": "2018-04-12T10:00:45Z",
- "stargazers_count": 19,
- "watchers_count": 19,
- "forks_count": 4,
- "forks": 4,
- "watchers": 19,
- "score": 0
- },
{
"id": 158213121,
"name": "CVE-2018-1270",
diff --git a/2018/CVE-2018-1273.json b/2018/CVE-2018-1273.json
index ac0ea48514..3427d9f93c 100644
--- a/2018/CVE-2018-1273.json
+++ b/2018/CVE-2018-1273.json
@@ -1,50 +1,4 @@
[
- {
- "id": 129407531,
- "name": "CVE-2018-1273",
- "full_name": "knqyf263\/CVE-2018-1273",
- "owner": {
- "login": "knqyf263",
- "id": 2253692,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2253692?v=4",
- "html_url": "https:\/\/github.com\/knqyf263"
- },
- "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-1273",
- "description": "Environment for CVE-2018-1273 (Spring Data Commons)",
- "fork": false,
- "created_at": "2018-04-13T13:41:02Z",
- "updated_at": "2019-04-24T05:33:19Z",
- "pushed_at": "2018-08-15T05:26:45Z",
- "stargazers_count": 8,
- "watchers_count": 8,
- "forks_count": 2,
- "forks": 2,
- "watchers": 8,
- "score": 0
- },
- {
- "id": 129910523,
- "name": "poc-cve-2018-1273",
- "full_name": "wearearima\/poc-cve-2018-1273",
- "owner": {
- "login": "wearearima",
- "id": 24791991,
- "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/24791991?v=4",
- "html_url": "https:\/\/github.com\/wearearima"
- },
- "html_url": "https:\/\/github.com\/wearearima\/poc-cve-2018-1273",
- "description": "POC for CVE-2018-1273",
- "fork": false,
- "created_at": "2018-04-17T13:41:00Z",
- "updated_at": "2020-03-21T19:25:08Z",
- "pushed_at": "2018-06-05T15:07:18Z",
- "stargazers_count": 18,
- "watchers_count": 18,
- "forks_count": 8,
- "forks": 8,
- "watchers": 18,
- "score": 0
- },
{
"id": 151734933,
"name": "poc-cve-2018-1273",
diff --git a/2018/CVE-2018-2628.json b/2018/CVE-2018-2628.json
index 9050afe96b..60109cd2e9 100644
--- a/2018/CVE-2018-2628.json
+++ b/2018/CVE-2018-2628.json
@@ -1,303 +1,4 @@
[
- {
- "id": 129995161,
- "name": "CVE-2018-2628",
- "full_name": "forlin\/CVE-2018-2628",
- "owner": {
- "login": "forlin",
- "id": 3012554,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3012554?v=4",
- "html_url": "https:\/\/github.com\/forlin"
- },
- "html_url": "https:\/\/github.com\/forlin\/CVE-2018-2628",
- "description": "CVE-2018-2628",
- "fork": false,
- "created_at": "2018-04-18T02:56:39Z",
- "updated_at": "2019-10-11T19:04:30Z",
- "pushed_at": "2018-04-18T02:48:58Z",
- "stargazers_count": 16,
- "watchers_count": 16,
- "forks_count": 43,
- "forks": 43,
- "watchers": 16,
- "score": 0
- },
- {
- "id": 130009588,
- "name": "CVE-2018-2628",
- "full_name": "shengqi158\/CVE-2018-2628",
- "owner": {
- "login": "shengqi158",
- "id": 3364935,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3364935?v=4",
- "html_url": "https:\/\/github.com\/shengqi158"
- },
- "html_url": "https:\/\/github.com\/shengqi158\/CVE-2018-2628",
- "description": "CVE-2018-2628 & CVE-2018-2893",
- "fork": false,
- "created_at": "2018-04-18T05:41:23Z",
- "updated_at": "2019-12-24T05:05:29Z",
- "pushed_at": "2018-07-20T01:24:36Z",
- "stargazers_count": 67,
- "watchers_count": 67,
- "forks_count": 47,
- "forks": 47,
- "watchers": 67,
- "score": 0
- },
- {
- "id": 130047996,
- "name": "CVE-2018-2628",
- "full_name": "skydarker\/CVE-2018-2628",
- "owner": {
- "login": "skydarker",
- "id": 25345671,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25345671?v=4",
- "html_url": "https:\/\/github.com\/skydarker"
- },
- "html_url": "https:\/\/github.com\/skydarker\/CVE-2018-2628",
- "description": "CVE-2018-2628",
- "fork": false,
- "created_at": "2018-04-18T10:50:09Z",
- "updated_at": "2018-04-18T11:23:19Z",
- "pushed_at": "2018-04-18T11:23:18Z",
- "stargazers_count": 1,
- "watchers_count": 1,
- "forks_count": 0,
- "forks": 0,
- "watchers": 1,
- "score": 0
- },
- {
- "id": 130088305,
- "name": "weblogic-cve-2018-2628",
- "full_name": "jiansiting\/weblogic-cve-2018-2628",
- "owner": {
- "login": "jiansiting",
- "id": 28823754,
- "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/28823754?v=4",
- "html_url": "https:\/\/github.com\/jiansiting"
- },
- "html_url": "https:\/\/github.com\/jiansiting\/weblogic-cve-2018-2628",
- "description": null,
- "fork": false,
- "created_at": "2018-04-18T16:04:17Z",
- "updated_at": "2019-11-01T06:57:08Z",
- "pushed_at": "2018-04-18T16:04:26Z",
- "stargazers_count": 13,
- "watchers_count": 13,
- "forks_count": 10,
- "forks": 10,
- "watchers": 13,
- "score": 0
- },
- {
- "id": 130098527,
- "name": "CVE-2018-2628-detect",
- "full_name": "zjxzjx\/CVE-2018-2628-detect",
- "owner": {
- "login": "zjxzjx",
- "id": 8297291,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/8297291?v=4",
- "html_url": "https:\/\/github.com\/zjxzjx"
- },
- "html_url": "https:\/\/github.com\/zjxzjx\/CVE-2018-2628-detect",
- "description": null,
- "fork": false,
- "created_at": "2018-04-18T17:28:44Z",
- "updated_at": "2018-11-14T06:35:35Z",
- "pushed_at": "2018-04-20T03:47:23Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 45,
- "forks": 45,
- "watchers": 0,
- "score": 0
- },
- {
- "id": 130101048,
- "name": "CVE-2018-2628-MultiThreading",
- "full_name": "aedoo\/CVE-2018-2628-MultiThreading",
- "owner": {
- "login": "aedoo",
- "id": 19517413,
- "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/19517413?v=4",
- "html_url": "https:\/\/github.com\/aedoo"
- },
- "html_url": "https:\/\/github.com\/aedoo\/CVE-2018-2628-MultiThreading",
- "description": "WebLogic WLS核心组件反序列化漏洞多线程批量检测脚本 CVE-2018-2628-MultiThreading",
- "fork": false,
- "created_at": "2018-04-18T17:50:29Z",
- "updated_at": "2019-10-11T19:04:30Z",
- "pushed_at": "2018-04-19T06:56:29Z",
- "stargazers_count": 14,
- "watchers_count": 14,
- "forks_count": 15,
- "forks": 15,
- "watchers": 14,
- "score": 0
- },
- {
- "id": 130153239,
- "name": "CVE-2018-2628",
- "full_name": "hawk-tiger\/CVE-2018-2628",
- "owner": {
- "login": "hawk-tiger",
- "id": 37926610,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/37926610?v=4",
- "html_url": "https:\/\/github.com\/hawk-tiger"
- },
- "html_url": "https:\/\/github.com\/hawk-tiger\/CVE-2018-2628",
- "description": "CVE-2018-2628",
- "fork": false,
- "created_at": "2018-04-19T03:19:15Z",
- "updated_at": "2018-05-20T21:45:09Z",
- "pushed_at": "2018-04-18T18:28:10Z",
- "stargazers_count": 1,
- "watchers_count": 1,
- "forks_count": 0,
- "forks": 0,
- "watchers": 1,
- "score": 0
- },
- {
- "id": 130239892,
- "name": "CVE-2018-2628",
- "full_name": "9uest\/CVE-2018-2628",
- "owner": {
- "login": "9uest",
- "id": 11766504,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/11766504?v=4",
- "html_url": "https:\/\/github.com\/9uest"
- },
- "html_url": "https:\/\/github.com\/9uest\/CVE-2018-2628",
- "description": null,
- "fork": false,
- "created_at": "2018-04-19T15:56:49Z",
- "updated_at": "2018-06-22T05:38:30Z",
- "pushed_at": "2018-04-19T16:05:14Z",
- "stargazers_count": 1,
- "watchers_count": 1,
- "forks_count": 1,
- "forks": 1,
- "watchers": 1,
- "score": 0
- },
- {
- "id": 130291417,
- "name": "CVE-2018-2628all",
- "full_name": "Shadowshusky\/CVE-2018-2628all",
- "owner": {
- "login": "Shadowshusky",
- "id": 31649758,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/31649758?v=4",
- "html_url": "https:\/\/github.com\/Shadowshusky"
- },
- "html_url": "https:\/\/github.com\/Shadowshusky\/CVE-2018-2628all",
- "description": null,
- "fork": false,
- "created_at": "2018-04-20T01:24:17Z",
- "updated_at": "2019-06-12T09:17:11Z",
- "pushed_at": "2018-04-20T01:24:32Z",
- "stargazers_count": 1,
- "watchers_count": 1,
- "forks_count": 2,
- "forks": 2,
- "watchers": 1,
- "score": 0
- },
- {
- "id": 130296227,
- "name": "CVE-2018-2628",
- "full_name": "shaoshore\/CVE-2018-2628",
- "owner": {
- "login": "shaoshore",
- "id": 36906351,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/36906351?v=4",
- "html_url": "https:\/\/github.com\/shaoshore"
- },
- "html_url": "https:\/\/github.com\/shaoshore\/CVE-2018-2628",
- "description": null,
- "fork": false,
- "created_at": "2018-04-20T02:14:21Z",
- "updated_at": "2018-04-20T02:14:21Z",
- "pushed_at": "2018-04-20T02:14:22Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
- {
- "id": 131935440,
- "name": "ysoserial-cve-2018-2628",
- "full_name": "tdy218\/ysoserial-cve-2018-2628",
- "owner": {
- "login": "tdy218",
- "id": 4214030,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4214030?v=4",
- "html_url": "https:\/\/github.com\/tdy218"
- },
- "html_url": "https:\/\/github.com\/tdy218\/ysoserial-cve-2018-2628",
- "description": "Some codes for bypassing Oracle WebLogic CVE-2018-2628 patch",
- "fork": false,
- "created_at": "2018-05-03T03:13:05Z",
- "updated_at": "2020-03-24T08:58:57Z",
- "pushed_at": "2018-05-21T09:06:43Z",
- "stargazers_count": 98,
- "watchers_count": 98,
- "forks_count": 51,
- "forks": 51,
- "watchers": 98,
- "score": 0
- },
- {
- "id": 134244931,
- "name": "CVE-2018-2628",
- "full_name": "s0wr0b1ndef\/CVE-2018-2628",
- "owner": {
- "login": "s0wr0b1ndef",
- "id": 37288034,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/37288034?v=4",
- "html_url": "https:\/\/github.com\/s0wr0b1ndef"
- },
- "html_url": "https:\/\/github.com\/s0wr0b1ndef\/CVE-2018-2628",
- "description": null,
- "fork": false,
- "created_at": "2018-05-21T09:04:45Z",
- "updated_at": "2018-06-13T08:54:52Z",
- "pushed_at": "2018-05-21T09:04:57Z",
- "stargazers_count": 2,
- "watchers_count": 2,
- "forks_count": 1,
- "forks": 1,
- "watchers": 2,
- "score": 0
- },
- {
- "id": 136104138,
- "name": "cve-2018-2628",
- "full_name": "wrysunny\/cve-2018-2628",
- "owner": {
- "login": "wrysunny",
- "id": 20748454,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/20748454?v=4",
- "html_url": "https:\/\/github.com\/wrysunny"
- },
- "html_url": "https:\/\/github.com\/wrysunny\/cve-2018-2628",
- "description": "cve-2018-2628 反弹shell",
- "fork": false,
- "created_at": "2018-06-05T01:47:02Z",
- "updated_at": "2018-06-05T01:48:07Z",
- "pushed_at": "2018-06-05T01:48:05Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
{
"id": 136164259,
"name": "CVE-2018-2628",
@@ -321,52 +22,6 @@
"watchers": 71,
"score": 0
},
- {
- "id": 138707761,
- "name": "CVE-2018-2628",
- "full_name": "stevenlinfeng\/CVE-2018-2628",
- "owner": {
- "login": "stevenlinfeng",
- "id": 29966693,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/29966693?v=4",
- "html_url": "https:\/\/github.com\/stevenlinfeng"
- },
- "html_url": "https:\/\/github.com\/stevenlinfeng\/CVE-2018-2628",
- "description": null,
- "fork": false,
- "created_at": "2018-06-26T08:25:57Z",
- "updated_at": "2018-06-26T08:25:57Z",
- "pushed_at": "2018-06-26T08:25:58Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
- {
- "id": 139417715,
- "name": "CVE-2018-2628",
- "full_name": "denmilu\/CVE-2018-2628",
- "owner": {
- "login": "denmilu",
- "id": 2469038,
- "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4",
- "html_url": "https:\/\/github.com\/denmilu"
- },
- "html_url": "https:\/\/github.com\/denmilu\/CVE-2018-2628",
- "description": null,
- "fork": false,
- "created_at": "2018-07-02T09:00:34Z",
- "updated_at": "2019-05-26T06:58:12Z",
- "pushed_at": "2018-07-02T09:00:52Z",
- "stargazers_count": 3,
- "watchers_count": 3,
- "forks_count": 1,
- "forks": 1,
- "watchers": 3,
- "score": 0
- },
{
"id": 147341225,
"name": "WebLogic-RCE-exploit",
diff --git a/2018/CVE-2018-2636.json b/2018/CVE-2018-2636.json
index 99893750ed..0726a8f4eb 100644
--- a/2018/CVE-2018-2636.json
+++ b/2018/CVE-2018-2636.json
@@ -1,27 +1,4 @@
[
- {
- "id": 119399468,
- "name": "CVE-2018-2636",
- "full_name": "erpscanteam\/CVE-2018-2636",
- "owner": {
- "login": "erpscanteam",
- "id": 35491827,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/35491827?v=4",
- "html_url": "https:\/\/github.com\/erpscanteam"
- },
- "html_url": "https:\/\/github.com\/erpscanteam\/CVE-2018-2636",
- "description": "ERPScan Public POC for CVE-2018-2636",
- "fork": false,
- "created_at": "2018-01-29T15:16:02Z",
- "updated_at": "2019-10-11T19:04:25Z",
- "pushed_at": "2018-02-01T15:36:19Z",
- "stargazers_count": 20,
- "watchers_count": 20,
- "forks_count": 17,
- "forks": 17,
- "watchers": 20,
- "score": 0
- },
{
"id": 120569870,
"name": "micros_honeypot",
diff --git a/2018/CVE-2018-2879.json b/2018/CVE-2018-2879.json
index 2c5232a821..d88a01e694 100644
--- a/2018/CVE-2018-2879.json
+++ b/2018/CVE-2018-2879.json
@@ -1,27 +1,4 @@
[
- {
- "id": 142485401,
- "name": "Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit",
- "full_name": "MostafaSoliman\/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit",
- "owner": {
- "login": "MostafaSoliman",
- "id": 13528184,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/13528184?v=4",
- "html_url": "https:\/\/github.com\/MostafaSoliman"
- },
- "html_url": "https:\/\/github.com\/MostafaSoliman\/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit",
- "description": null,
- "fork": false,
- "created_at": "2018-07-26T19:31:45Z",
- "updated_at": "2020-02-09T10:43:53Z",
- "pushed_at": "2018-07-27T12:09:40Z",
- "stargazers_count": 6,
- "watchers_count": 6,
- "forks_count": 5,
- "forks": 5,
- "watchers": 6,
- "score": 0
- },
{
"id": 142787515,
"name": "oracle-oam-authentication-bypas-exploit",
diff --git a/2018/CVE-2018-2893.json b/2018/CVE-2018-2893.json
index 85318d9289..3f7844a07e 100644
--- a/2018/CVE-2018-2893.json
+++ b/2018/CVE-2018-2893.json
@@ -1,73 +1,4 @@
[
- {
- "id": 141529994,
- "name": "CVE-2018-2893",
- "full_name": "anbai-inc\/CVE-2018-2893",
- "owner": {
- "login": "anbai-inc",
- "id": 34703277,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/34703277?v=4",
- "html_url": "https:\/\/github.com\/anbai-inc"
- },
- "html_url": "https:\/\/github.com\/anbai-inc\/CVE-2018-2893",
- "description": "CVE-2018-2893",
- "fork": false,
- "created_at": "2018-07-19T05:46:55Z",
- "updated_at": "2019-12-12T17:04:35Z",
- "pushed_at": "2018-07-19T05:59:00Z",
- "stargazers_count": 62,
- "watchers_count": 62,
- "forks_count": 40,
- "forks": 40,
- "watchers": 62,
- "score": 0
- },
- {
- "id": 141534186,
- "name": "CVE-2018-2893",
- "full_name": "ryanInf\/CVE-2018-2893",
- "owner": {
- "login": "ryanInf",
- "id": 19621374,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/19621374?v=4",
- "html_url": "https:\/\/github.com\/ryanInf"
- },
- "html_url": "https:\/\/github.com\/ryanInf\/CVE-2018-2893",
- "description": "CVE-2018-2893 PoC",
- "fork": false,
- "created_at": "2018-07-19T06:28:12Z",
- "updated_at": "2019-10-11T19:04:34Z",
- "pushed_at": "2018-07-19T06:12:51Z",
- "stargazers_count": 26,
- "watchers_count": 26,
- "forks_count": 37,
- "forks": 37,
- "watchers": 26,
- "score": 0
- },
- {
- "id": 141678694,
- "name": "CVE-2018-2893",
- "full_name": "bigsizeme\/CVE-2018-2893",
- "owner": {
- "login": "bigsizeme",
- "id": 17845094,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/17845094?v=4",
- "html_url": "https:\/\/github.com\/bigsizeme"
- },
- "html_url": "https:\/\/github.com\/bigsizeme\/CVE-2018-2893",
- "description": "反弹shell生成器",
- "fork": false,
- "created_at": "2018-07-20T07:26:43Z",
- "updated_at": "2019-04-22T04:46:36Z",
- "pushed_at": "2018-07-23T04:31:27Z",
- "stargazers_count": 17,
- "watchers_count": 17,
- "forks_count": 5,
- "forks": 5,
- "watchers": 17,
- "score": 0
- },
{
"id": 141856470,
"name": "CVE-2018-2893",
@@ -91,29 +22,6 @@
"watchers": 81,
"score": 0
},
- {
- "id": 142403659,
- "name": "CVE-2018-2893",
- "full_name": "qianl0ng\/CVE-2018-2893",
- "owner": {
- "login": "qianl0ng",
- "id": 26949233,
- "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/26949233?v=4",
- "html_url": "https:\/\/github.com\/qianl0ng"
- },
- "html_url": "https:\/\/github.com\/qianl0ng\/CVE-2018-2893",
- "description": "可以直接反弹shell",
- "fork": false,
- "created_at": "2018-07-26T07:16:38Z",
- "updated_at": "2020-03-26T02:37:37Z",
- "pushed_at": "2018-07-26T07:50:15Z",
- "stargazers_count": 38,
- "watchers_count": 38,
- "forks_count": 12,
- "forks": 12,
- "watchers": 38,
- "score": 0
- },
{
"id": 151921677,
"name": "CVE-2018-2893",
diff --git a/2018/CVE-2018-2894.json b/2018/CVE-2018-2894.json
index 2c3af33e13..0384118b4a 100644
--- a/2018/CVE-2018-2894.json
+++ b/2018/CVE-2018-2894.json
@@ -1,50 +1,4 @@
[
- {
- "id": 141601079,
- "name": "cve-2018-2894",
- "full_name": "111ddea\/cve-2018-2894",
- "owner": {
- "login": "111ddea",
- "id": 41444127,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/41444127?v=4",
- "html_url": "https:\/\/github.com\/111ddea"
- },
- "html_url": "https:\/\/github.com\/111ddea\/cve-2018-2894",
- "description": "cve-2018-2894 不同别人的利用方法。",
- "fork": false,
- "created_at": "2018-07-19T15:50:35Z",
- "updated_at": "2019-08-26T16:40:33Z",
- "pushed_at": "2018-07-22T08:34:27Z",
- "stargazers_count": 12,
- "watchers_count": 12,
- "forks_count": 6,
- "forks": 6,
- "watchers": 12,
- "score": 0
- },
- {
- "id": 141661586,
- "name": "CVE-2018-2894",
- "full_name": "LandGrey\/CVE-2018-2894",
- "owner": {
- "login": "LandGrey",
- "id": 16769779,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16769779?v=4",
- "html_url": "https:\/\/github.com\/LandGrey"
- },
- "html_url": "https:\/\/github.com\/LandGrey\/CVE-2018-2894",
- "description": "CVE-2018-2894 WebLogic Unrestricted File Upload Lead To RCE Check Script",
- "fork": false,
- "created_at": "2018-07-20T03:59:18Z",
- "updated_at": "2020-03-13T02:53:14Z",
- "pushed_at": "2018-07-20T12:46:50Z",
- "stargazers_count": 118,
- "watchers_count": 118,
- "forks_count": 43,
- "forks": 43,
- "watchers": 118,
- "score": 0
- },
{
"id": 151928392,
"name": "CVE-2018-2894",
diff --git a/2018/CVE-2018-3639.json b/2018/CVE-2018-3639.json
index ddd470fb89..a7c196c879 100644
--- a/2018/CVE-2018-3639.json
+++ b/2018/CVE-2018-3639.json
@@ -1,50 +1,4 @@
[
- {
- "id": 135628428,
- "name": "ssbd-tools",
- "full_name": "tyhicks\/ssbd-tools",
- "owner": {
- "login": "tyhicks",
- "id": 1051156,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/1051156?v=4",
- "html_url": "https:\/\/github.com\/tyhicks"
- },
- "html_url": "https:\/\/github.com\/tyhicks\/ssbd-tools",
- "description": "Tools to exercise the Linux kernel mitigation for CVE-2018-3639 (aka Variant 4) using the Speculative Store Bypass Disable (SSBD) feature of x86 processors",
- "fork": false,
- "created_at": "2018-05-31T19:48:18Z",
- "updated_at": "2019-12-16T15:32:25Z",
- "pushed_at": "2018-06-01T16:53:36Z",
- "stargazers_count": 2,
- "watchers_count": 2,
- "forks_count": 2,
- "forks": 2,
- "watchers": 2,
- "score": 0
- },
- {
- "id": 137829375,
- "name": "Intel-CVE-2018-3639-Mitigation_RegistryUpdate",
- "full_name": "malindarathnayake\/Intel-CVE-2018-3639-Mitigation_RegistryUpdate",
- "owner": {
- "login": "malindarathnayake",
- "id": 9443796,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/9443796?v=4",
- "html_url": "https:\/\/github.com\/malindarathnayake"
- },
- "html_url": "https:\/\/github.com\/malindarathnayake\/Intel-CVE-2018-3639-Mitigation_RegistryUpdate",
- "description": null,
- "fork": false,
- "created_at": "2018-06-19T02:19:26Z",
- "updated_at": "2018-06-19T02:57:22Z",
- "pushed_at": "2018-06-19T02:57:21Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
{
"id": 186128549,
"name": "CVE-2018-3639",
diff --git a/2018/CVE-2018-3810.json b/2018/CVE-2018-3810.json
index 9c70213356..9bc35c7f07 100644
--- a/2018/CVE-2018-3810.json
+++ b/2018/CVE-2018-3810.json
@@ -1,27 +1,4 @@
[
- {
- "id": 127300096,
- "name": "CVE-2018-3810",
- "full_name": "lucad93\/CVE-2018-3810",
- "owner": {
- "login": "lucad93",
- "id": 11524244,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/11524244?v=4",
- "html_url": "https:\/\/github.com\/lucad93"
- },
- "html_url": "https:\/\/github.com\/lucad93\/CVE-2018-3810",
- "description": null,
- "fork": false,
- "created_at": "2018-03-29T14:04:11Z",
- "updated_at": "2018-03-29T14:06:18Z",
- "pushed_at": "2018-04-04T13:42:09Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 1,
- "forks": 1,
- "watchers": 0,
- "score": 0
- },
{
"id": 168879431,
"name": "cve-2018-3810",
diff --git a/2018/CVE-2018-4087.json b/2018/CVE-2018-4087.json
index 79b823f7d2..04b99c447c 100644
--- a/2018/CVE-2018-4087.json
+++ b/2018/CVE-2018-4087.json
@@ -21,51 +21,5 @@
"forks": 22,
"watchers": 55,
"score": 0
- },
- {
- "id": 123298406,
- "name": "UnjailMe",
- "full_name": "MTJailed\/UnjailMe",
- "owner": {
- "login": "MTJailed",
- "id": 31187886,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/31187886?v=4",
- "html_url": "https:\/\/github.com\/MTJailed"
- },
- "html_url": "https:\/\/github.com\/MTJailed\/UnjailMe",
- "description": "A sandbox escape based on the proof-of-concept (CVE-2018-4087) by Rani Idan (Zimperium)",
- "fork": false,
- "created_at": "2018-02-28T14:45:06Z",
- "updated_at": "2020-02-15T02:51:33Z",
- "pushed_at": "2018-05-08T10:59:23Z",
- "stargazers_count": 77,
- "watchers_count": 77,
- "forks_count": 23,
- "forks": 23,
- "watchers": 77,
- "score": 0
- },
- {
- "id": 124429247,
- "name": "Exploit11.2",
- "full_name": "joedaguy\/Exploit11.2",
- "owner": {
- "login": "joedaguy",
- "id": 37167590,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/37167590?v=4",
- "html_url": "https:\/\/github.com\/joedaguy"
- },
- "html_url": "https:\/\/github.com\/joedaguy\/Exploit11.2",
- "description": "Exploit iOS 11.2.x by ZIMPERIUM and semi-completed by me. Sandbox escapes on CVE-2018-4087. ",
- "fork": false,
- "created_at": "2018-03-08T18:04:31Z",
- "updated_at": "2018-09-19T18:32:58Z",
- "pushed_at": "2018-03-08T15:41:18Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 28,
- "forks": 28,
- "watchers": 0,
- "score": 0
}
]
\ No newline at end of file
diff --git a/2018/CVE-2018-4121.json b/2018/CVE-2018-4121.json
index 1f436d6919..349d30cbe3 100644
--- a/2018/CVE-2018-4121.json
+++ b/2018/CVE-2018-4121.json
@@ -1,50 +1,4 @@
[
- {
- "id": 130184573,
- "name": "CVE-2018-4121",
- "full_name": "FSecureLABS\/CVE-2018-4121",
- "owner": {
- "login": "FSecureLABS",
- "id": 1469843,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/1469843?v=4",
- "html_url": "https:\/\/github.com\/FSecureLABS"
- },
- "html_url": "https:\/\/github.com\/FSecureLABS\/CVE-2018-4121",
- "description": "macOS 10.13.3 (17D47) Safari Wasm Exploit ",
- "fork": false,
- "created_at": "2018-04-19T08:33:12Z",
- "updated_at": "2020-03-21T02:56:15Z",
- "pushed_at": "2018-04-19T11:20:41Z",
- "stargazers_count": 115,
- "watchers_count": 115,
- "forks_count": 31,
- "forks": 31,
- "watchers": 115,
- "score": 0
- },
- {
- "id": 141314432,
- "name": "CVE-2018-4121",
- "full_name": "denmilu\/CVE-2018-4121",
- "owner": {
- "login": "denmilu",
- "id": 2469038,
- "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4",
- "html_url": "https:\/\/github.com\/denmilu"
- },
- "html_url": "https:\/\/github.com\/denmilu\/CVE-2018-4121",
- "description": null,
- "fork": false,
- "created_at": "2018-07-17T16:15:29Z",
- "updated_at": "2018-07-17T16:15:44Z",
- "pushed_at": "2018-07-17T16:15:42Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
{
"id": 147746670,
"name": "CVE-2018-4121",
diff --git a/2018/CVE-2018-4878.json b/2018/CVE-2018-4878.json
index 7afe75b3ec..85aae77757 100644
--- a/2018/CVE-2018-4878.json
+++ b/2018/CVE-2018-4878.json
@@ -1,142 +1,4 @@
[
- {
- "id": 118241221,
- "name": "CVE-2018-4878-",
- "full_name": "ydl555\/CVE-2018-4878-",
- "owner": {
- "login": "ydl555",
- "id": 12909271,
- "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/12909271?v=4",
- "html_url": "https:\/\/github.com\/ydl555"
- },
- "html_url": "https:\/\/github.com\/ydl555\/CVE-2018-4878-",
- "description": "备忘:flash挂马工具备份 CVE-2018-4878",
- "fork": false,
- "created_at": "2018-01-20T12:32:26Z",
- "updated_at": "2018-06-14T13:18:54Z",
- "pushed_at": "2018-06-12T03:04:09Z",
- "stargazers_count": 1,
- "watchers_count": 1,
- "forks_count": 1,
- "forks": 1,
- "watchers": 1,
- "score": 0
- },
- {
- "id": 120909146,
- "name": "CVE-2018-4878",
- "full_name": "mdsecactivebreach\/CVE-2018-4878",
- "owner": {
- "login": "mdsecactivebreach",
- "id": 29373540,
- "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/29373540?v=4",
- "html_url": "https:\/\/github.com\/mdsecactivebreach"
- },
- "html_url": "https:\/\/github.com\/mdsecactivebreach\/CVE-2018-4878",
- "description": null,
- "fork": false,
- "created_at": "2018-02-09T13:30:46Z",
- "updated_at": "2020-03-26T07:15:42Z",
- "pushed_at": "2018-02-09T14:38:27Z",
- "stargazers_count": 21,
- "watchers_count": 21,
- "forks_count": 17,
- "forks": 17,
- "watchers": 21,
- "score": 0
- },
- {
- "id": 120962228,
- "name": "CVE-2018-4878",
- "full_name": "hybridious\/CVE-2018-4878",
- "owner": {
- "login": "hybridious",
- "id": 26754785,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26754785?v=4",
- "html_url": "https:\/\/github.com\/hybridious"
- },
- "html_url": "https:\/\/github.com\/hybridious\/CVE-2018-4878",
- "description": "Aggressor Script to just launch IE driveby for CVE-2018-4878",
- "fork": false,
- "created_at": "2018-02-09T22:25:03Z",
- "updated_at": "2018-02-10T09:26:14Z",
- "pushed_at": "2018-02-09T22:09:42Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 5,
- "forks": 5,
- "watchers": 0,
- "score": 0
- },
- {
- "id": 121002284,
- "name": "CVE-2018-4878",
- "full_name": "vysecurity\/CVE-2018-4878",
- "owner": {
- "login": "vysecurity",
- "id": 3596242,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3596242?v=4",
- "html_url": "https:\/\/github.com\/vysecurity"
- },
- "html_url": "https:\/\/github.com\/vysecurity\/CVE-2018-4878",
- "description": "Aggressor Script to launch IE driveby for CVE-2018-4878",
- "fork": false,
- "created_at": "2018-02-10T09:30:18Z",
- "updated_at": "2020-02-20T11:36:51Z",
- "pushed_at": "2018-02-10T19:39:10Z",
- "stargazers_count": 70,
- "watchers_count": 70,
- "forks_count": 30,
- "forks": 30,
- "watchers": 70,
- "score": 0
- },
- {
- "id": 122421613,
- "name": "CVE-2018-4878",
- "full_name": "anbai-inc\/CVE-2018-4878",
- "owner": {
- "login": "anbai-inc",
- "id": 34703277,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/34703277?v=4",
- "html_url": "https:\/\/github.com\/anbai-inc"
- },
- "html_url": "https:\/\/github.com\/anbai-inc\/CVE-2018-4878",
- "description": "CVE-2018-4878 样本",
- "fork": false,
- "created_at": "2018-02-22T02:38:30Z",
- "updated_at": "2020-03-23T09:01:11Z",
- "pushed_at": "2018-02-22T07:10:21Z",
- "stargazers_count": 114,
- "watchers_count": 114,
- "forks_count": 51,
- "forks": 51,
- "watchers": 114,
- "score": 0
- },
- {
- "id": 125353862,
- "name": "CVE-2018-4878",
- "full_name": "Sch01ar\/CVE-2018-4878",
- "owner": {
- "login": "Sch01ar",
- "id": 28928231,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/28928231?v=4",
- "html_url": "https:\/\/github.com\/Sch01ar"
- },
- "html_url": "https:\/\/github.com\/Sch01ar\/CVE-2018-4878",
- "description": null,
- "fork": false,
- "created_at": "2018-03-15T10:56:29Z",
- "updated_at": "2018-03-17T15:53:22Z",
- "pushed_at": "2018-03-17T15:53:21Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 3,
- "forks": 3,
- "watchers": 0,
- "score": 0
- },
{
"id": 128007297,
"name": "CVE-2018-4878",
@@ -160,29 +22,6 @@
"watchers": 9,
"score": 0
},
- {
- "id": 137009230,
- "name": "CVE-2018-4878",
- "full_name": "ydl555\/CVE-2018-4878",
- "owner": {
- "login": "ydl555",
- "id": 12909271,
- "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/12909271?v=4",
- "html_url": "https:\/\/github.com\/ydl555"
- },
- "html_url": "https:\/\/github.com\/ydl555\/CVE-2018-4878",
- "description": " CVE-2018-4878 flash 0day",
- "fork": false,
- "created_at": "2018-06-12T02:57:59Z",
- "updated_at": "2018-06-12T03:01:52Z",
- "pushed_at": "2018-06-12T02:57:59Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
{
"id": 153381902,
"name": "CVE-2018-4878",
diff --git a/2018/CVE-2018-6242.json b/2018/CVE-2018-6242.json
index 3180e646b6..5578d0642c 100644
--- a/2018/CVE-2018-6242.json
+++ b/2018/CVE-2018-6242.json
@@ -22,29 +22,6 @@
"watchers": 389,
"score": 0
},
- {
- "id": 134342730,
- "name": "rcm-modchips",
- "full_name": "reswitched\/rcm-modchips",
- "owner": {
- "login": "reswitched",
- "id": 26338222,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/26338222?v=4",
- "html_url": "https:\/\/github.com\/reswitched"
- },
- "html_url": "https:\/\/github.com\/reswitched\/rcm-modchips",
- "description": "Collection of \"modchip\" designs for launching payloads via the Tegra RCM bug (CVE-2018-6242) ",
- "fork": false,
- "created_at": "2018-05-22T01:15:14Z",
- "updated_at": "2019-01-22T23:33:39Z",
- "pushed_at": "2018-05-22T07:44:42Z",
- "stargazers_count": 21,
- "watchers_count": 21,
- "forks_count": 3,
- "forks": 3,
- "watchers": 21,
- "score": 0
- },
{
"id": 213283473,
"name": "fusho",
diff --git a/2018/CVE-2018-6389.json b/2018/CVE-2018-6389.json
index 33dc17ab87..5136feab26 100644
--- a/2018/CVE-2018-6389.json
+++ b/2018/CVE-2018-6389.json
@@ -1,211 +1,4 @@
[
- {
- "id": 120386140,
- "name": "wordpress-fix-cve-2018-6389",
- "full_name": "yolabingo\/wordpress-fix-cve-2018-6389",
- "owner": {
- "login": "yolabingo",
- "id": 628954,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/628954?v=4",
- "html_url": "https:\/\/github.com\/yolabingo"
- },
- "html_url": "https:\/\/github.com\/yolabingo\/wordpress-fix-cve-2018-6389",
- "description": "Apache RewriteRule to mitigate potential DoS attack via Wordpress wp-admin\/load-scripts.php file",
- "fork": false,
- "created_at": "2018-02-06T01:43:33Z",
- "updated_at": "2018-02-08T01:19:57Z",
- "pushed_at": "2018-02-06T01:46:23Z",
- "stargazers_count": 1,
- "watchers_count": 1,
- "forks_count": 0,
- "forks": 0,
- "watchers": 1,
- "score": 0
- },
- {
- "id": 120477120,
- "name": "CVE-2018-6389",
- "full_name": "WazeHell\/CVE-2018-6389",
- "owner": {
- "login": "WazeHell",
- "id": 20618414,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20618414?v=4",
- "html_url": "https:\/\/github.com\/WazeHell"
- },
- "html_url": "https:\/\/github.com\/WazeHell\/CVE-2018-6389",
- "description": "CVE-2018-6389 Exploit In WordPress DoS ",
- "fork": false,
- "created_at": "2018-02-06T15:16:03Z",
- "updated_at": "2020-03-26T06:03:04Z",
- "pushed_at": "2018-02-06T15:36:29Z",
- "stargazers_count": 74,
- "watchers_count": 74,
- "forks_count": 34,
- "forks": 34,
- "watchers": 74,
- "score": 0
- },
- {
- "id": 120533146,
- "name": "modsecurity-cve-2018-6389",
- "full_name": "rastating\/modsecurity-cve-2018-6389",
- "owner": {
- "login": "rastating",
- "id": 2500434,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/2500434?v=4",
- "html_url": "https:\/\/github.com\/rastating"
- },
- "html_url": "https:\/\/github.com\/rastating\/modsecurity-cve-2018-6389",
- "description": "A ModSecurity ruleset for detecting potential attacks using CVE-2018-6389",
- "fork": false,
- "created_at": "2018-02-06T22:51:21Z",
- "updated_at": "2018-02-06T22:51:21Z",
- "pushed_at": "2018-02-07T01:05:27Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
- {
- "id": 120540306,
- "name": "CVE-2018-6389",
- "full_name": "knqyf263\/CVE-2018-6389",
- "owner": {
- "login": "knqyf263",
- "id": 2253692,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2253692?v=4",
- "html_url": "https:\/\/github.com\/knqyf263"
- },
- "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-6389",
- "description": "WordPress DoS (CVE-2018-6389)",
- "fork": false,
- "created_at": "2018-02-07T00:20:57Z",
- "updated_at": "2020-01-17T20:42:25Z",
- "pushed_at": "2018-02-07T00:43:23Z",
- "stargazers_count": 10,
- "watchers_count": 10,
- "forks_count": 2,
- "forks": 2,
- "watchers": 10,
- "score": 0
- },
- {
- "id": 120617956,
- "name": "cve-2018-6389-php-patcher",
- "full_name": "JulienGadanho\/cve-2018-6389-php-patcher",
- "owner": {
- "login": "JulienGadanho",
- "id": 18120161,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/18120161?v=4",
- "html_url": "https:\/\/github.com\/JulienGadanho"
- },
- "html_url": "https:\/\/github.com\/JulienGadanho\/cve-2018-6389-php-patcher",
- "description": "Patch Wordpress DOS breach (CVE-2018-6389) in PHP",
- "fork": false,
- "created_at": "2018-02-07T13:22:31Z",
- "updated_at": "2018-12-02T15:55:12Z",
- "pushed_at": "2018-02-13T08:19:53Z",
- "stargazers_count": 1,
- "watchers_count": 1,
- "forks_count": 3,
- "forks": 3,
- "watchers": 1,
- "score": 0
- },
- {
- "id": 120916403,
- "name": "wordpress-CVE-2018-6389",
- "full_name": "dsfau\/wordpress-CVE-2018-6389",
- "owner": {
- "login": "dsfau",
- "id": 26786936,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26786936?v=4",
- "html_url": "https:\/\/github.com\/dsfau"
- },
- "html_url": "https:\/\/github.com\/dsfau\/wordpress-CVE-2018-6389",
- "description": "Metasploit module for WordPress DOS load-scripts.php CVE-2018-638",
- "fork": false,
- "created_at": "2018-02-09T14:37:44Z",
- "updated_at": "2018-12-11T09:20:38Z",
- "pushed_at": "2018-02-09T19:40:28Z",
- "stargazers_count": 2,
- "watchers_count": 2,
- "forks_count": 0,
- "forks": 0,
- "watchers": 2,
- "score": 0
- },
- {
- "id": 121636079,
- "name": "CVE-2018-6389-FIX",
- "full_name": "Jetserver\/CVE-2018-6389-FIX",
- "owner": {
- "login": "Jetserver",
- "id": 16237996,
- "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16237996?v=4",
- "html_url": "https:\/\/github.com\/Jetserver"
- },
- "html_url": "https:\/\/github.com\/Jetserver\/CVE-2018-6389-FIX",
- "description": "Global Fix for Wordpress CVE-2018-6389",
- "fork": false,
- "created_at": "2018-02-15T14:00:14Z",
- "updated_at": "2018-02-15T14:02:54Z",
- "pushed_at": "2018-02-18T11:40:56Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
- {
- "id": 122881954,
- "name": "PoC---CVE-2018-6389",
- "full_name": "thechrono13\/PoC---CVE-2018-6389",
- "owner": {
- "login": "thechrono13",
- "id": 23078415,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23078415?v=4",
- "html_url": "https:\/\/github.com\/thechrono13"
- },
- "html_url": "https:\/\/github.com\/thechrono13\/PoC---CVE-2018-6389",
- "description": "Proof of Concept of vunerability CVE-2018-6389 on Wordpress 4.9.2",
- "fork": false,
- "created_at": "2018-02-25T22:06:05Z",
- "updated_at": "2018-02-25T22:07:50Z",
- "pushed_at": "2018-02-26T10:13:10Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 1,
- "forks": 1,
- "watchers": 0,
- "score": 0
- },
- {
- "id": 122955721,
- "name": "cve-2018-6389",
- "full_name": "BlackRouter\/cve-2018-6389",
- "owner": {
- "login": "BlackRouter",
- "id": 15177510,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/15177510?v=4",
- "html_url": "https:\/\/github.com\/BlackRouter"
- },
- "html_url": "https:\/\/github.com\/BlackRouter\/cve-2018-6389",
- "description": null,
- "fork": false,
- "created_at": "2018-02-26T10:45:27Z",
- "updated_at": "2018-02-26T10:45:27Z",
- "pushed_at": "2018-02-26T10:47:38Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
{
"id": 123245165,
"name": "PoC---CVE-2018-6389",
@@ -229,52 +22,6 @@
"watchers": 0,
"score": 0
},
- {
- "id": 123487751,
- "name": "wordpress-cve-2018-6389",
- "full_name": "JavierOlmedo\/wordpress-cve-2018-6389",
- "owner": {
- "login": "JavierOlmedo",
- "id": 15904748,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15904748?v=4",
- "html_url": "https:\/\/github.com\/JavierOlmedo"
- },
- "html_url": "https:\/\/github.com\/JavierOlmedo\/wordpress-cve-2018-6389",
- "description": "CVE-2018-6389 WordPress Core - 'load-scripts.php' Denial of Service <= 4.9.4",
- "fork": false,
- "created_at": "2018-03-01T20:19:14Z",
- "updated_at": "2018-03-19T20:05:40Z",
- "pushed_at": "2018-03-07T20:11:54Z",
- "stargazers_count": 1,
- "watchers_count": 1,
- "forks_count": 0,
- "forks": 0,
- "watchers": 1,
- "score": 0
- },
- {
- "id": 123791550,
- "name": "wordpress_cve-2018-6389",
- "full_name": "m3ssap0\/wordpress_cve-2018-6389",
- "owner": {
- "login": "m3ssap0",
- "id": 705120,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/705120?v=4",
- "html_url": "https:\/\/github.com\/m3ssap0"
- },
- "html_url": "https:\/\/github.com\/m3ssap0\/wordpress_cve-2018-6389",
- "description": "Tries to exploit a WordPress vulnerability (CVE-2018-6389) which can be used to cause a Denial of Service.",
- "fork": false,
- "created_at": "2018-03-04T13:33:15Z",
- "updated_at": "2018-09-18T13:02:37Z",
- "pushed_at": "2018-03-10T11:57:29Z",
- "stargazers_count": 1,
- "watchers_count": 1,
- "forks_count": 0,
- "forks": 0,
- "watchers": 1,
- "score": 0
- },
{
"id": 123796262,
"name": "Shiva",
@@ -298,52 +45,6 @@
"watchers": 71,
"score": 0
},
- {
- "id": 130395597,
- "name": "Wordpress-Hack-CVE-2018-6389",
- "full_name": "mudhappy\/Wordpress-Hack-CVE-2018-6389",
- "owner": {
- "login": "mudhappy",
- "id": 7614944,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7614944?v=4",
- "html_url": "https:\/\/github.com\/mudhappy"
- },
- "html_url": "https:\/\/github.com\/mudhappy\/Wordpress-Hack-CVE-2018-6389",
- "description": null,
- "fork": false,
- "created_at": "2018-04-20T17:45:38Z",
- "updated_at": "2018-04-20T17:48:12Z",
- "pushed_at": "2018-04-20T17:48:06Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
- {
- "id": 132090592,
- "name": "WP-DOS-Exploit-CVE-2018-6389",
- "full_name": "armaanpathan12345\/WP-DOS-Exploit-CVE-2018-6389",
- "owner": {
- "login": "armaanpathan12345",
- "id": 16278863,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16278863?v=4",
- "html_url": "https:\/\/github.com\/armaanpathan12345"
- },
- "html_url": "https:\/\/github.com\/armaanpathan12345\/WP-DOS-Exploit-CVE-2018-6389",
- "description": "WP-DOS-Exploit-CVE-2018-6389",
- "fork": false,
- "created_at": "2018-05-04T05:15:33Z",
- "updated_at": "2018-05-04T05:19:30Z",
- "pushed_at": "2018-05-04T05:19:29Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 2,
- "forks": 2,
- "watchers": 0,
- "score": 0
- },
{
"id": 146678844,
"name": "trellis-cve-2018-6389",
diff --git a/2018/CVE-2018-6574.json b/2018/CVE-2018-6574.json
index 55b5dd3ae0..df80e307d8 100644
--- a/2018/CVE-2018-6574.json
+++ b/2018/CVE-2018-6574.json
@@ -1,119 +1,4 @@
[
- {
- "id": 127698499,
- "name": "cve-2018-6574",
- "full_name": "acole76\/cve-2018-6574",
- "owner": {
- "login": "acole76",
- "id": 1920278,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/1920278?v=4",
- "html_url": "https:\/\/github.com\/acole76"
- },
- "html_url": "https:\/\/github.com\/acole76\/cve-2018-6574",
- "description": null,
- "fork": false,
- "created_at": "2018-04-02T03:34:29Z",
- "updated_at": "2018-04-02T03:44:17Z",
- "pushed_at": "2018-04-02T03:44:16Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
- {
- "id": 130792609,
- "name": "CVE-2018-6574-POC",
- "full_name": "neargle\/CVE-2018-6574-POC",
- "owner": {
- "login": "neargle",
- "id": 7868679,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/7868679?v=4",
- "html_url": "https:\/\/github.com\/neargle"
- },
- "html_url": "https:\/\/github.com\/neargle\/CVE-2018-6574-POC",
- "description": "CVE-2018-6574 POC : golang 'go get' remote command execution during source code build",
- "fork": false,
- "created_at": "2018-04-24T03:44:20Z",
- "updated_at": "2019-10-31T03:10:11Z",
- "pushed_at": "2018-04-24T16:32:22Z",
- "stargazers_count": 20,
- "watchers_count": 20,
- "forks_count": 8,
- "forks": 8,
- "watchers": 20,
- "score": 0
- },
- {
- "id": 133783468,
- "name": "go-get-rce",
- "full_name": "willbo4r\/go-get-rce",
- "owner": {
- "login": "willbo4r",
- "id": 13272847,
- "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/13272847?v=4",
- "html_url": "https:\/\/github.com\/willbo4r"
- },
- "html_url": "https:\/\/github.com\/willbo4r\/go-get-rce",
- "description": "CVE-2018-6574 for pentesterLAB",
- "fork": false,
- "created_at": "2018-05-17T08:32:40Z",
- "updated_at": "2018-05-17T08:33:33Z",
- "pushed_at": "2018-05-17T08:33:32Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
- {
- "id": 134137690,
- "name": "go-get-rce",
- "full_name": "ahmetmanga\/go-get-rce",
- "owner": {
- "login": "ahmetmanga",
- "id": 25594206,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25594206?v=4",
- "html_url": "https:\/\/github.com\/ahmetmanga"
- },
- "html_url": "https:\/\/github.com\/ahmetmanga\/go-get-rce",
- "description": "cve-2018-6574 @pentesterlab",
- "fork": false,
- "created_at": "2018-05-20T09:39:15Z",
- "updated_at": "2018-05-20T09:40:53Z",
- "pushed_at": "2018-05-20T09:40:52Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
- {
- "id": 134184478,
- "name": "cve-2018-6574",
- "full_name": "ahmetmanga\/cve-2018-6574",
- "owner": {
- "login": "ahmetmanga",
- "id": 25594206,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25594206?v=4",
- "html_url": "https:\/\/github.com\/ahmetmanga"
- },
- "html_url": "https:\/\/github.com\/ahmetmanga\/cve-2018-6574",
- "description": null,
- "fork": false,
- "created_at": "2018-05-20T20:32:15Z",
- "updated_at": "2018-05-20T20:33:17Z",
- "pushed_at": "2018-05-20T20:33:16Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
{
"id": 140187650,
"name": "go-get-exploit",
diff --git a/2018/CVE-2018-6789.json b/2018/CVE-2018-6789.json
index 3da3065232..a3fc0ec2da 100644
--- a/2018/CVE-2018-6789.json
+++ b/2018/CVE-2018-6789.json
@@ -1,27 +1,4 @@
[
- {
- "id": 125541441,
- "name": "exim-vuln-poc",
- "full_name": "c0llision\/exim-vuln-poc",
- "owner": {
- "login": "c0llision",
- "id": 32601427,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/32601427?v=4",
- "html_url": "https:\/\/github.com\/c0llision"
- },
- "html_url": "https:\/\/github.com\/c0llision\/exim-vuln-poc",
- "description": "CVE-2018-6789",
- "fork": false,
- "created_at": "2018-03-16T16:21:22Z",
- "updated_at": "2018-05-03T17:20:25Z",
- "pushed_at": "2018-05-03T17:20:24Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
{
"id": 156674030,
"name": "CVE-2018-6789",
diff --git a/2018/CVE-2018-7600.json b/2018/CVE-2018-7600.json
index 7f5d04de03..a1602f64a3 100644
--- a/2018/CVE-2018-7600.json
+++ b/2018/CVE-2018-7600.json
@@ -1,27 +1,4 @@
[
- {
- "id": 127405676,
- "name": "CVE-2018-7600-Drupal-RCE",
- "full_name": "g0rx\/CVE-2018-7600-Drupal-RCE",
- "owner": {
- "login": "g0rx",
- "id": 10961397,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/10961397?v=4",
- "html_url": "https:\/\/github.com\/g0rx"
- },
- "html_url": "https:\/\/github.com\/g0rx\/CVE-2018-7600-Drupal-RCE",
- "description": "CVE-2018-7600 Drupal RCE",
- "fork": false,
- "created_at": "2018-03-30T08:52:54Z",
- "updated_at": "2020-01-21T13:24:13Z",
- "pushed_at": "2018-04-18T06:58:39Z",
- "stargazers_count": 101,
- "watchers_count": 101,
- "forks_count": 45,
- "forks": 45,
- "watchers": 101,
- "score": 0
- },
{
"id": 127436541,
"name": "CVE-2018-7600",
@@ -91,351 +68,6 @@
"watchers": 3,
"score": 0
},
- {
- "id": 129500604,
- "name": "CVE-2018-7600-Drupal-0day-RCE",
- "full_name": "dr-iman\/CVE-2018-7600-Drupal-0day-RCE",
- "owner": {
- "login": "dr-iman",
- "id": 25507113,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25507113?v=4",
- "html_url": "https:\/\/github.com\/dr-iman"
- },
- "html_url": "https:\/\/github.com\/dr-iman\/CVE-2018-7600-Drupal-0day-RCE",
- "description": "Drupal 0day Remote PHP Code Execution (Perl)",
- "fork": false,
- "created_at": "2018-04-14T09:02:54Z",
- "updated_at": "2020-02-17T23:18:39Z",
- "pushed_at": "2018-04-14T09:06:44Z",
- "stargazers_count": 6,
- "watchers_count": 6,
- "forks_count": 6,
- "forks": 6,
- "watchers": 6,
- "score": 0
- },
- {
- "id": 129514721,
- "name": "drupalgeddon2",
- "full_name": "jirojo2\/drupalgeddon2",
- "owner": {
- "login": "jirojo2",
- "id": 3594710,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3594710?v=4",
- "html_url": "https:\/\/github.com\/jirojo2"
- },
- "html_url": "https:\/\/github.com\/jirojo2\/drupalgeddon2",
- "description": "MSF exploit module for Drupalgeddon 2 (CVE-2018-7600 \/ SA-CORE-2018-002)",
- "fork": false,
- "created_at": "2018-04-14T12:26:10Z",
- "updated_at": "2018-04-26T08:15:06Z",
- "pushed_at": "2018-04-14T23:48:33Z",
- "stargazers_count": 5,
- "watchers_count": 5,
- "forks_count": 1,
- "forks": 1,
- "watchers": 5,
- "score": 0
- },
- {
- "id": 129543577,
- "name": "CVE-2018-7600",
- "full_name": "dwisiswant0\/CVE-2018-7600",
- "owner": {
- "login": "dwisiswant0",
- "id": 25837540,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25837540?v=4",
- "html_url": "https:\/\/github.com\/dwisiswant0"
- },
- "html_url": "https:\/\/github.com\/dwisiswant0\/CVE-2018-7600",
- "description": "PoC for CVE-2018-7600 Drupal SA-CORE-2018-002 (Drupalgeddon 2).",
- "fork": false,
- "created_at": "2018-04-14T18:26:26Z",
- "updated_at": "2018-05-07T09:33:54Z",
- "pushed_at": "2018-04-14T20:52:03Z",
- "stargazers_count": 3,
- "watchers_count": 3,
- "forks_count": 2,
- "forks": 2,
- "watchers": 3,
- "score": 0
- },
- {
- "id": 129569913,
- "name": "CVE-2018-7600",
- "full_name": "thehappydinoa\/CVE-2018-7600",
- "owner": {
- "login": "thehappydinoa",
- "id": 30162978,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/30162978?v=4",
- "html_url": "https:\/\/github.com\/thehappydinoa"
- },
- "html_url": "https:\/\/github.com\/thehappydinoa\/CVE-2018-7600",
- "description": "Proof-of-Concept for Drupal CVE-2018-7600 \/ SA-CORE-2018-002",
- "fork": false,
- "created_at": "2018-04-15T02:21:59Z",
- "updated_at": "2019-12-30T13:14:00Z",
- "pushed_at": "2018-05-04T00:53:24Z",
- "stargazers_count": 6,
- "watchers_count": 6,
- "forks_count": 0,
- "forks": 0,
- "watchers": 6,
- "score": 0
- },
- {
- "id": 129605925,
- "name": "CVE-2018-7600",
- "full_name": "sl4cky\/CVE-2018-7600",
- "owner": {
- "login": "sl4cky",
- "id": 13188087,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/13188087?v=4",
- "html_url": "https:\/\/github.com\/sl4cky"
- },
- "html_url": "https:\/\/github.com\/sl4cky\/CVE-2018-7600",
- "description": "Testing and exploitation tool for Drupalgeddon 2 (CVE-2018-7600)",
- "fork": false,
- "created_at": "2018-04-15T12:01:41Z",
- "updated_at": "2020-03-08T16:10:02Z",
- "pushed_at": "2018-04-15T12:31:03Z",
- "stargazers_count": 5,
- "watchers_count": 5,
- "forks_count": 3,
- "forks": 3,
- "watchers": 5,
- "score": 0
- },
- {
- "id": 129620689,
- "name": "CVE-2018-7600-Masschecker",
- "full_name": "sl4cky\/CVE-2018-7600-Masschecker",
- "owner": {
- "login": "sl4cky",
- "id": 13188087,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/13188087?v=4",
- "html_url": "https:\/\/github.com\/sl4cky"
- },
- "html_url": "https:\/\/github.com\/sl4cky\/CVE-2018-7600-Masschecker",
- "description": "Tool to check for CVE-2018-7600 vulnerability on several URLS",
- "fork": false,
- "created_at": "2018-04-15T14:56:35Z",
- "updated_at": "2020-03-08T16:10:02Z",
- "pushed_at": "2018-04-15T14:58:52Z",
- "stargazers_count": 4,
- "watchers_count": 4,
- "forks_count": 0,
- "forks": 0,
- "watchers": 4,
- "score": 0
- },
- {
- "id": 129800155,
- "name": "CVE-2018-7600",
- "full_name": "FireFart\/CVE-2018-7600",
- "owner": {
- "login": "FireFart",
- "id": 105281,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/105281?v=4",
- "html_url": "https:\/\/github.com\/FireFart"
- },
- "html_url": "https:\/\/github.com\/FireFart\/CVE-2018-7600",
- "description": "CVE-2018-7600 - Drupal 7.x RCE",
- "fork": false,
- "created_at": "2018-04-16T20:16:21Z",
- "updated_at": "2019-10-16T15:21:37Z",
- "pushed_at": "2018-04-18T20:34:19Z",
- "stargazers_count": 66,
- "watchers_count": 66,
- "forks_count": 31,
- "forks": 31,
- "watchers": 66,
- "score": 0
- },
- {
- "id": 129927277,
- "name": "CVE-2018-7600",
- "full_name": "pimps\/CVE-2018-7600",
- "owner": {
- "login": "pimps",
- "id": 11393266,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/11393266?v=4",
- "html_url": "https:\/\/github.com\/pimps"
- },
- "html_url": "https:\/\/github.com\/pimps\/CVE-2018-7600",
- "description": "Exploit for Drupal 7 <= 7.57 CVE-2018-7600",
- "fork": false,
- "created_at": "2018-04-17T15:38:15Z",
- "updated_at": "2020-03-25T15:10:20Z",
- "pushed_at": "2018-04-26T15:40:28Z",
- "stargazers_count": 72,
- "watchers_count": 72,
- "forks_count": 27,
- "forks": 27,
- "watchers": 72,
- "score": 0
- },
- {
- "id": 130154422,
- "name": "drupalgeddon2",
- "full_name": "lorddemon\/drupalgeddon2",
- "owner": {
- "login": "lorddemon",
- "id": 6675738,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/6675738?v=4",
- "html_url": "https:\/\/github.com\/lorddemon"
- },
- "html_url": "https:\/\/github.com\/lorddemon\/drupalgeddon2",
- "description": "Exploit for CVE-2018-7600.. called drupalgeddon2, ",
- "fork": false,
- "created_at": "2018-04-19T03:31:47Z",
- "updated_at": "2020-02-06T19:33:44Z",
- "pushed_at": "2018-04-19T03:38:24Z",
- "stargazers_count": 3,
- "watchers_count": 3,
- "forks_count": 5,
- "forks": 5,
- "watchers": 3,
- "score": 0
- },
- {
- "id": 130234974,
- "name": "CVE-2018-7600",
- "full_name": "Sch01ar\/CVE-2018-7600",
- "owner": {
- "login": "Sch01ar",
- "id": 28928231,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/28928231?v=4",
- "html_url": "https:\/\/github.com\/Sch01ar"
- },
- "html_url": "https:\/\/github.com\/Sch01ar\/CVE-2018-7600",
- "description": null,
- "fork": false,
- "created_at": "2018-04-19T15:18:12Z",
- "updated_at": "2018-04-19T15:59:09Z",
- "pushed_at": "2018-04-19T15:59:09Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
- {
- "id": 130868059,
- "name": "drupal-check",
- "full_name": "Hestat\/drupal-check",
- "owner": {
- "login": "Hestat",
- "id": 22892300,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22892300?v=4",
- "html_url": "https:\/\/github.com\/Hestat"
- },
- "html_url": "https:\/\/github.com\/Hestat\/drupal-check",
- "description": "Tool to dive Apache logs for evidence of exploitation of CVE-2018-7600",
- "fork": false,
- "created_at": "2018-04-24T14:34:46Z",
- "updated_at": "2018-07-08T12:46:15Z",
- "pushed_at": "2018-05-08T17:30:14Z",
- "stargazers_count": 2,
- "watchers_count": 2,
- "forks_count": 2,
- "forks": 2,
- "watchers": 2,
- "score": 0
- },
- {
- "id": 131244306,
- "name": "CVE-2018-7600-drupalgeddon2-scanner",
- "full_name": "fyraiga\/CVE-2018-7600-drupalgeddon2-scanner",
- "owner": {
- "login": "fyraiga",
- "id": 38775758,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/38775758?v=4",
- "html_url": "https:\/\/github.com\/fyraiga"
- },
- "html_url": "https:\/\/github.com\/fyraiga\/CVE-2018-7600-drupalgeddon2-scanner",
- "description": "Drupalgeddon2 POC + Scanner (adapted)",
- "fork": false,
- "created_at": "2018-04-27T04:11:43Z",
- "updated_at": "2018-08-08T02:58:55Z",
- "pushed_at": "2018-08-08T02:58:54Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
- {
- "id": 131665156,
- "name": "drupalgeddon-2",
- "full_name": "Damian972\/drupalgeddon-2",
- "owner": {
- "login": "Damian972",
- "id": 25445518,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25445518?v=4",
- "html_url": "https:\/\/github.com\/Damian972"
- },
- "html_url": "https:\/\/github.com\/Damian972\/drupalgeddon-2",
- "description": "Vuln checker for Drupal v7.x + v8.x (CVE-2018-7600 \/ SA-CORE-2018-002)",
- "fork": false,
- "created_at": "2018-05-01T01:38:43Z",
- "updated_at": "2019-02-28T05:09:20Z",
- "pushed_at": "2018-05-03T01:23:56Z",
- "stargazers_count": 1,
- "watchers_count": 1,
- "forks_count": 0,
- "forks": 0,
- "watchers": 1,
- "score": 0
- },
- {
- "id": 134812138,
- "name": "CVE-2018-7600",
- "full_name": "Jyozi\/CVE-2018-7600",
- "owner": {
- "login": "Jyozi",
- "id": 20456656,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20456656?v=4",
- "html_url": "https:\/\/github.com\/Jyozi"
- },
- "html_url": "https:\/\/github.com\/Jyozi\/CVE-2018-7600",
- "description": null,
- "fork": false,
- "created_at": "2018-05-25T06:19:05Z",
- "updated_at": "2018-05-25T06:20:54Z",
- "pushed_at": "2018-05-25T06:20:53Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
- {
- "id": 140643631,
- "name": "CVE-2018-7600",
- "full_name": "happynote3966\/CVE-2018-7600",
- "owner": {
- "login": "happynote3966",
- "id": 19719330,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/19719330?v=4",
- "html_url": "https:\/\/github.com\/happynote3966"
- },
- "html_url": "https:\/\/github.com\/happynote3966\/CVE-2018-7600",
- "description": null,
- "fork": false,
- "created_at": "2018-07-12T01:12:44Z",
- "updated_at": "2018-07-17T03:24:11Z",
- "pushed_at": "2018-07-17T03:24:09Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 0,
- "forks": 0,
- "watchers": 0,
- "score": 0
- },
{
"id": 151199861,
"name": "CVE-2018-7600-Drupal-RCE",
diff --git a/2018/CVE-2018-7602.json b/2018/CVE-2018-7602.json
index c343473022..d2d4220635 100644
--- a/2018/CVE-2018-7602.json
+++ b/2018/CVE-2018-7602.json
@@ -1,50 +1,4 @@
[
- {
- "id": 131232015,
- "name": "Drupalgedon3",
- "full_name": "1337g\/Drupalgedon3",
- "owner": {
- "login": "1337g",
- "id": 32504404,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/32504404?v=4",
- "html_url": "https:\/\/github.com\/1337g"
- },
- "html_url": "https:\/\/github.com\/1337g\/Drupalgedon3",
- "description": "POC to test\/exploit drupal vulnerability SA-CORE-2018-004 \/ CVE-2018-7602",
- "fork": false,
- "created_at": "2018-04-27T01:59:31Z",
- "updated_at": "2018-06-27T02:16:00Z",
- "pushed_at": "2018-04-26T14:49:51Z",
- "stargazers_count": 4,
- "watchers_count": 4,
- "forks_count": 2,
- "forks": 2,
- "watchers": 4,
- "score": 0
- },
- {
- "id": 140663638,
- "name": "CVE-2018-7602",
- "full_name": "happynote3966\/CVE-2018-7602",
- "owner": {
- "login": "happynote3966",
- "id": 19719330,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/19719330?v=4",
- "html_url": "https:\/\/github.com\/happynote3966"
- },
- "html_url": "https:\/\/github.com\/happynote3966\/CVE-2018-7602",
- "description": null,
- "fork": false,
- "created_at": "2018-07-12T05:08:14Z",
- "updated_at": "2018-07-17T02:57:18Z",
- "pushed_at": "2018-07-17T02:57:17Z",
- "stargazers_count": 0,
- "watchers_count": 0,
- "forks_count": 1,
- "forks": 1,
- "watchers": 0,
- "score": 0
- },
{
"id": 155205612,
"name": "CVE-2018-7602",
diff --git a/2018/CVE-2018-8120.json b/2018/CVE-2018-8120.json
index 3d6f976f8b..0575887f43 100644
--- a/2018/CVE-2018-8120.json
+++ b/2018/CVE-2018-8120.json
@@ -1,165 +1,4 @@
[
- {
- "id": 133785986,
- "name": "cve-2018-8120",
- "full_name": "bigric3\/cve-2018-8120",
- "owner": {
- "login": "bigric3",
- "id": 22165361,
- "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/22165361?v=4",
- "html_url": "https:\/\/github.com\/bigric3"
- },
- "html_url": "https:\/\/github.com\/bigric3\/cve-2018-8120",
- "description": null,
- "fork": false,
- "created_at": "2018-05-17T08:51:39Z",
- "updated_at": "2019-11-01T19:42:06Z",
- "pushed_at": "2018-05-18T07:49:45Z",
- "stargazers_count": 166,
- "watchers_count": 166,
- "forks_count": 69,
- "forks": 69,
- "watchers": 166,
- "score": 0
- },
- {
- "id": 134023459,
- "name": "CVE-2018-8120",
- "full_name": "unamer\/CVE-2018-8120",
- "owner": {
- "login": "unamer",
- "id": 12728984,
- "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/12728984?v=4",
- "html_url": "https:\/\/github.com\/unamer"
- },
- "html_url": "https:\/\/github.com\/unamer\/CVE-2018-8120",
- "description": "CVE-2018-8120 Windows LPE exploit",
- "fork": false,
- "created_at": "2018-05-19T02:43:15Z",
- "updated_at": "2020-03-23T09:35:24Z",
- "pushed_at": "2018-05-30T13:09:54Z",
- "stargazers_count": 431,
- "watchers_count": 431,
- "forks_count": 193,
- "forks": 193,
- "watchers": 431,
- "score": 0
- },
- {
- "id": 136113184,
- "name": "cve-2018-8120",
- "full_name": "ne1llee\/cve-2018-8120",
- "owner": {
- "login": "ne1llee",
- "id": 12810839,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/12810839?v=4",
- "html_url": "https:\/\/github.com\/ne1llee"
- },
- "html_url": "https:\/\/github.com\/ne1llee\/cve-2018-8120",
- "description": null,
- "fork": false,
- "created_at": "2018-06-05T03:12:52Z",
- "updated_at": "2019-12-05T19:48:30Z",
- "pushed_at": "2018-06-05T03:48:43Z",
- "stargazers_count": 3,
- "watchers_count": 3,
- "forks_count": 2,
- "forks": 2,
- "watchers": 3,
- "score": 0
- },
- {
- "id": 136446726,
- "name": "CVE-2018-8120",
- "full_name": "alpha1ab\/CVE-2018-8120",
- "owner": {
- "login": "alpha1ab",
- "id": 39789275,
- "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/39789275?v=4",
- "html_url": "https:\/\/github.com\/alpha1ab"
- },
- "html_url": "https:\/\/github.com\/alpha1ab\/CVE-2018-8120",
- "description": "CVE-2018-8120 Exploit for Win2003 Win2008 WinXP Win7 ",
- "fork": false,
- "created_at": "2018-06-07T08:30:07Z",
- "updated_at": "2020-03-19T02:58:52Z",
- "pushed_at": "2018-08-08T05:48:24Z",
- "stargazers_count": 262,
- "watchers_count": 262,
- "forks_count": 115,
- "forks": 115,
- "watchers": 262,
- "score": 0
- },
- {
- "id": 137569820,
- "name": "CVE-2018-8120",
- "full_name": "areuu\/CVE-2018-8120",
- "owner": {
- "login": "areuu",
- "id": 15951836,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/15951836?v=4",
- "html_url": "https:\/\/github.com\/areuu"
- },
- "html_url": "https:\/\/github.com\/areuu\/CVE-2018-8120",
- "description": "CVE-2018-8120 POC",
- "fork": false,
- "created_at": "2018-06-16T09:40:27Z",
- "updated_at": "2019-11-21T07:01:19Z",
- "pushed_at": "2018-06-16T10:18:15Z",
- "stargazers_count": 2,
- "watchers_count": 2,
- "forks_count": 0,
- "forks": 0,
- "watchers": 2,
- "score": 0
- },
- {
- "id": 140512208,
- "name": "CVE-2018-8120",
- "full_name": "EVOL4\/CVE-2018-8120",
- "owner": {
- "login": "EVOL4",
- "id": 26862344,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/26862344?v=4",
- "html_url": "https:\/\/github.com\/EVOL4"
- },
- "html_url": "https:\/\/github.com\/EVOL4\/CVE-2018-8120",
- "description": "dd",
- "fork": false,
- "created_at": "2018-07-11T02:41:16Z",
- "updated_at": "2018-11-16T12:24:05Z",
- "pushed_at": "2018-08-10T13:06:04Z",
- "stargazers_count": 2,
- "watchers_count": 2,
- "forks_count": 1,
- "forks": 1,
- "watchers": 2,
- "score": 0
- },
- {
- "id": 144975276,
- "name": "CVE-2018-8120",
- "full_name": "ozkanbilge\/CVE-2018-8120",
- "owner": {
- "login": "ozkanbilge",
- "id": 39211596,
- "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/39211596?v=4",
- "html_url": "https:\/\/github.com\/ozkanbilge"
- },
- "html_url": "https:\/\/github.com\/ozkanbilge\/CVE-2018-8120",
- "description": "CVE-2018-8120 Windows LPE exploit",
- "fork": false,
- "created_at": "2018-08-16T10:51:00Z",
- "updated_at": "2018-10-26T06:15:38Z",
- "pushed_at": "2018-08-16T10:53:19Z",
- "stargazers_count": 1,
- "watchers_count": 1,
- "forks_count": 0,
- "forks": 0,
- "watchers": 1,
- "score": 0
- },
{
"id": 162424739,
"name": "CVE-2018-8120",
diff --git a/2018/CVE-2018-8174.json b/2018/CVE-2018-8174.json
index 417ed8c42e..b3c87ee444 100644
--- a/2018/CVE-2018-8174.json
+++ b/2018/CVE-2018-8174.json
@@ -1,119 +1,4 @@
[
- {
- "id": 134479769,
- "name": "CVE-2018-8174-msf",
- "full_name": "0x09AL\/CVE-2018-8174-msf",
- "owner": {
- "login": "0x09AL",
- "id": 25826294,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25826294?v=4",
- "html_url": "https:\/\/github.com\/0x09AL"
- },
- "html_url": "https:\/\/github.com\/0x09AL\/CVE-2018-8174-msf",
- "description": "CVE-2018-8174 - VBScript memory corruption exploit.",
- "fork": false,
- "created_at": "2018-05-22T21:50:32Z",
- "updated_at": "2020-02-21T17:21:50Z",
- "pushed_at": "2018-05-23T20:43:58Z",
- "stargazers_count": 160,
- "watchers_count": 160,
- "forks_count": 74,
- "forks": 74,
- "watchers": 160,
- "score": 0
- },
- {
- "id": 135381512,
- "name": "CVE-2018-8174_EXP",
- "full_name": "Yt1g3r\/CVE-2018-8174_EXP",
- "owner": {
- "login": "Yt1g3r",
- "id": 12625147,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/12625147?v=4",
- "html_url": "https:\/\/github.com\/Yt1g3r"
- },
- "html_url": "https:\/\/github.com\/Yt1g3r\/CVE-2018-8174_EXP",
- "description": "CVE-2018-8174_python",
- "fork": false,
- "created_at": "2018-05-30T03:12:32Z",
- "updated_at": "2020-03-09T12:03:04Z",
- "pushed_at": "2018-05-30T03:33:14Z",
- "stargazers_count": 124,
- "watchers_count": 124,
- "forks_count": 53,
- "forks": 53,
- "watchers": 124,
- "score": 0
- },
- {
- "id": 135767741,
- "name": "CVE-2018-8174",
- "full_name": "SyFi\/CVE-2018-8174",
- "owner": {
- "login": "SyFi",
- "id": 26314806,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/26314806?v=4",
- "html_url": "https:\/\/github.com\/SyFi"
- },
- "html_url": "https:\/\/github.com\/SyFi\/CVE-2018-8174",
- "description": "MS Word MS WordPad via IE VBS Engine RCE ",
- "fork": false,
- "created_at": "2018-06-01T22:12:54Z",
- "updated_at": "2019-12-06T00:54:27Z",
- "pushed_at": "2018-06-01T22:18:59Z",
- "stargazers_count": 8,
- "watchers_count": 8,
- "forks_count": 11,
- "forks": 11,
- "watchers": 8,
- "score": 0
- },
- {
- "id": 138712476,
- "name": "Rig-Exploit-for-CVE-2018-8174",
- "full_name": "orf53975\/Rig-Exploit-for-CVE-2018-8174",
- "owner": {
- "login": "orf53975",
- "id": 25189997,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/25189997?v=4",
- "html_url": "https:\/\/github.com\/orf53975"
- },
- "html_url": "https:\/\/github.com\/orf53975\/Rig-Exploit-for-CVE-2018-8174",
- "description": "Rig Exploit for CVE-2018-8174 As with its previous campaigns, Rig’s Seamless campaign uses malvertising. In this case, the malvertisements have a hidden iframe that redirects victims to Rig’s landing page, which includes an exploit for CVE-2018-8174 and shellcode. This enables remote code execution of the shellcode obfuscated in the landing page. After successful exploitation, a second-stage downloader is retrieved, which appears to be a variant of SmokeLoader due to the URL. It would then download the final payload, a Monero miner.",
- "fork": false,
- "created_at": "2018-06-26T09:03:45Z",
- "updated_at": "2018-11-16T12:24:05Z",
- "pushed_at": "2018-06-08T14:33:04Z",
- "stargazers_count": 1,
- "watchers_count": 1,
- "forks_count": 1,
- "forks": 1,
- "watchers": 1,
- "score": 0
- },
- {
- "id": 140478620,
- "name": "cve-2018-8174_analysis",
- "full_name": "piotrflorczyk\/cve-2018-8174_analysis",
- "owner": {
- "login": "piotrflorczyk",
- "id": 7830144,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7830144?v=4",
- "html_url": "https:\/\/github.com\/piotrflorczyk"
- },
- "html_url": "https:\/\/github.com\/piotrflorczyk\/cve-2018-8174_analysis",
- "description": "Analysis of VBS exploit CVE-2018-8174",
- "fork": false,
- "created_at": "2018-07-10T19:31:25Z",
- "updated_at": "2020-03-15T15:25:11Z",
- "pushed_at": "2018-07-12T08:35:13Z",
- "stargazers_count": 12,
- "watchers_count": 12,
- "forks_count": 8,
- "forks": 8,
- "watchers": 12,
- "score": 0
- },
{
"id": 147615569,
"name": "CVE-2018-8174-msf",
diff --git a/2018/CVE-2018-9995.json b/2018/CVE-2018-9995.json
index da4689bf60..494c8942c4 100644
--- a/2018/CVE-2018-9995.json
+++ b/2018/CVE-2018-9995.json
@@ -22,98 +22,6 @@
"watchers": 415,
"score": 0
},
- {
- "id": 132603275,
- "name": "CVE-2018-9995_Batch_scanning_exp",
- "full_name": "zzh217\/CVE-2018-9995_Batch_scanning_exp",
- "owner": {
- "login": "zzh217",
- "id": 26359175,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26359175?v=4",
- "html_url": "https:\/\/github.com\/zzh217"
- },
- "html_url": "https:\/\/github.com\/zzh217\/CVE-2018-9995_Batch_scanning_exp",
- "description": "CVE-2018-9995_Batch_scanning_exp",
- "fork": false,
- "created_at": "2018-05-08T12:07:26Z",
- "updated_at": "2018-11-29T12:00:35Z",
- "pushed_at": "2018-08-09T14:41:32Z",
- "stargazers_count": 4,
- "watchers_count": 4,
- "forks_count": 2,
- "forks": 2,
- "watchers": 4,
- "score": 0
- },
- {
- "id": 132681023,
- "name": "CVE-2018-9995_check",
- "full_name": "Huangkey\/CVE-2018-9995_check",
- "owner": {
- "login": "Huangkey",
- "id": 22346795,
- "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/22346795?v=4",
- "html_url": "https:\/\/github.com\/Huangkey"
- },
- "html_url": "https:\/\/github.com\/Huangkey\/CVE-2018-9995_check",
- "description": "DVR系列摄像头批量检测",
- "fork": false,
- "created_at": "2018-05-09T00:43:24Z",
- "updated_at": "2018-05-11T08:45:27Z",
- "pushed_at": "2018-05-09T10:13:20Z",
- "stargazers_count": 1,
- "watchers_count": 1,
- "forks_count": 1,
- "forks": 1,
- "watchers": 1,
- "score": 0
- },
- {
- "id": 133002644,
- "name": "CVE-2018-9995-ModifiedByGwolfs",
- "full_name": "gwolfs\/CVE-2018-9995-ModifiedByGwolfs",
- "owner": {
- "login": "gwolfs",
- "id": 39183087,
- "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/39183087?v=4",
- "html_url": "https:\/\/github.com\/gwolfs"
- },
- "html_url": "https:\/\/github.com\/gwolfs\/CVE-2018-9995-ModifiedByGwolfs",
- "description": null,
- "fork": false,
- "created_at": "2018-05-11T07:05:37Z",
- "updated_at": "2018-05-21T06:35:44Z",
- "pushed_at": "2018-05-21T06:35:43Z",
- "stargazers_count": 2,
- "watchers_count": 2,
- "forks_count": 0,
- "forks": 0,
- "watchers": 2,
- "score": 0
- },
- {
- "id": 139241933,
- "name": "cve-2018-9995",
- "full_name": "shacojx\/cve-2018-9995",
- "owner": {
- "login": "shacojx",
- "id": 19655109,
- "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/19655109?v=4",
- "html_url": "https:\/\/github.com\/shacojx"
- },
- "html_url": "https:\/\/github.com\/shacojx\/cve-2018-9995",
- "description": "exploit camera with vuln cve-2018-9995 ( Novo, CeNova, QSee, Pulnix, XVR 5 in 1 (title: \"XVR Login\"), Securus, - Security. Never Compromise !! - Night OWL, DVR Login, HVR Login, MDVR Login )",
- "fork": false,
- "created_at": "2018-06-30T10:54:40Z",
- "updated_at": "2020-01-22T01:20:24Z",
- "pushed_at": "2018-06-30T10:55:19Z",
- "stargazers_count": 3,
- "watchers_count": 3,
- "forks_count": 1,
- "forks": 1,
- "watchers": 3,
- "score": 0
- },
{
"id": 150025071,
"name": "DVR-Exploiter",
diff --git a/2019/CVE-2019-0192.json b/2019/CVE-2019-0192.json
index eb4446571d..63440862a8 100644
--- a/2019/CVE-2019-0192.json
+++ b/2019/CVE-2019-0192.json
@@ -1,4 +1,27 @@
[
+ {
+ "id": 174814901,
+ "name": "CVE-2019-0192",
+ "full_name": "mpgn\/CVE-2019-0192",
+ "owner": {
+ "login": "mpgn",
+ "id": 5891788,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5891788?v=4",
+ "html_url": "https:\/\/github.com\/mpgn"
+ },
+ "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-0192",
+ "description": "RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl",
+ "fork": false,
+ "created_at": "2019-03-10T11:35:26Z",
+ "updated_at": "2020-03-19T02:58:47Z",
+ "pushed_at": "2019-03-10T18:33:43Z",
+ "stargazers_count": 198,
+ "watchers_count": 198,
+ "forks_count": 57,
+ "forks": 57,
+ "watchers": 198,
+ "score": 0
+ },
{
"id": 218993619,
"name": "Solr-RCE-CVE-2019-0192",
diff --git a/2019/CVE-2019-0193.json b/2019/CVE-2019-0193.json
index b87b86e0db..5de0d2fca7 100644
--- a/2019/CVE-2019-0193.json
+++ b/2019/CVE-2019-0193.json
@@ -1,4 +1,50 @@
[
+ {
+ "id": 176290079,
+ "name": "CVE-2019-0193",
+ "full_name": "xConsoIe\/CVE-2019-0193",
+ "owner": {
+ "login": "xConsoIe",
+ "id": 48456709,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/48456709?v=4",
+ "html_url": "https:\/\/github.com\/xConsoIe"
+ },
+ "html_url": "https:\/\/github.com\/xConsoIe\/CVE-2019-0193",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-03-18T13:18:01Z",
+ "updated_at": "2019-09-04T03:22:35Z",
+ "pushed_at": "2019-03-18T13:22:48Z",
+ "stargazers_count": 5,
+ "watchers_count": 5,
+ "forks_count": 5,
+ "forks": 5,
+ "watchers": 5,
+ "score": 0
+ },
+ {
+ "id": 201405406,
+ "name": "CVE-2019-0193",
+ "full_name": "jas502n\/CVE-2019-0193",
+ "owner": {
+ "login": "jas502n",
+ "id": 16593068,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4",
+ "html_url": "https:\/\/github.com\/jas502n"
+ },
+ "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-0193",
+ "description": "Apache Solr DataImport Handler RCE",
+ "fork": false,
+ "created_at": "2019-08-09T06:27:39Z",
+ "updated_at": "2020-03-21T23:35:34Z",
+ "pushed_at": "2019-08-12T02:23:38Z",
+ "stargazers_count": 70,
+ "watchers_count": 70,
+ "forks_count": 34,
+ "forks": 34,
+ "watchers": 70,
+ "score": 0
+ },
{
"id": 201878363,
"name": "solr_exploit",
@@ -21,5 +67,28 @@
"forks": 5,
"watchers": 20,
"score": 0
+ },
+ {
+ "id": 206173868,
+ "name": "CVE-2019-0193-exp",
+ "full_name": "jaychouzzk\/CVE-2019-0193-exp",
+ "owner": {
+ "login": "jaychouzzk",
+ "id": 45549315,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45549315?v=4",
+ "html_url": "https:\/\/github.com\/jaychouzzk"
+ },
+ "html_url": "https:\/\/github.com\/jaychouzzk\/CVE-2019-0193-exp",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-09-03T21:16:24Z",
+ "updated_at": "2019-10-02T11:54:13Z",
+ "pushed_at": "2019-09-04T15:40:41Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 1,
+ "score": 0
}
]
\ No newline at end of file
diff --git a/2019/CVE-2019-0232.json b/2019/CVE-2019-0232.json
index cf01d26346..9258e79e30 100644
--- a/2019/CVE-2019-0232.json
+++ b/2019/CVE-2019-0232.json
@@ -22,6 +22,52 @@
"watchers": 168,
"score": 0
},
+ {
+ "id": 181706868,
+ "name": "CVE-2019-0232",
+ "full_name": "jas502n\/CVE-2019-0232",
+ "owner": {
+ "login": "jas502n",
+ "id": 16593068,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4",
+ "html_url": "https:\/\/github.com\/jas502n"
+ },
+ "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-0232",
+ "description": "Apache Tomcat Remote Code Execution on Windows - CGI-BIN",
+ "fork": false,
+ "created_at": "2019-04-16T14:32:03Z",
+ "updated_at": "2020-03-12T00:07:25Z",
+ "pushed_at": "2019-04-17T02:42:03Z",
+ "stargazers_count": 53,
+ "watchers_count": 53,
+ "forks_count": 21,
+ "forks": 21,
+ "watchers": 53,
+ "score": 0
+ },
+ {
+ "id": 188168912,
+ "name": "CVE-2019-0232-EXP",
+ "full_name": "CherishHair\/CVE-2019-0232-EXP",
+ "owner": {
+ "login": "CherishHair",
+ "id": 16273668,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/16273668?v=4",
+ "html_url": "https:\/\/github.com\/CherishHair"
+ },
+ "html_url": "https:\/\/github.com\/CherishHair\/CVE-2019-0232-EXP",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-05-23T05:44:29Z",
+ "updated_at": "2019-11-27T11:05:38Z",
+ "pushed_at": "2019-05-23T13:13:02Z",
+ "stargazers_count": 3,
+ "watchers_count": 3,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 3,
+ "score": 0
+ },
{
"id": 223192188,
"name": "CVE-2019-0232",
diff --git a/2019/CVE-2019-0604.json b/2019/CVE-2019-0604.json
index b5502db570..56421ef000 100644
--- a/2019/CVE-2019-0604.json
+++ b/2019/CVE-2019-0604.json
@@ -1,4 +1,50 @@
[
+ {
+ "id": 177246255,
+ "name": "CVE-2019-0604",
+ "full_name": "linhlhq\/CVE-2019-0604",
+ "owner": {
+ "login": "linhlhq",
+ "id": 28854132,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/28854132?v=4",
+ "html_url": "https:\/\/github.com\/linhlhq"
+ },
+ "html_url": "https:\/\/github.com\/linhlhq\/CVE-2019-0604",
+ "description": "CVE-2019-0604",
+ "fork": false,
+ "created_at": "2019-03-23T05:01:54Z",
+ "updated_at": "2020-03-23T11:08:00Z",
+ "pushed_at": "2019-03-22T05:45:44Z",
+ "stargazers_count": 119,
+ "watchers_count": 119,
+ "forks_count": 71,
+ "forks": 71,
+ "watchers": 119,
+ "score": 0
+ },
+ {
+ "id": 179413290,
+ "name": "CVE-2019-0604_sharepoint_CVE",
+ "full_name": "denmilu\/CVE-2019-0604_sharepoint_CVE",
+ "owner": {
+ "login": "denmilu",
+ "id": 2469038,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4",
+ "html_url": "https:\/\/github.com\/denmilu"
+ },
+ "html_url": "https:\/\/github.com\/denmilu\/CVE-2019-0604_sharepoint_CVE",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-04-04T03:17:30Z",
+ "updated_at": "2019-04-04T03:17:59Z",
+ "pushed_at": "2019-04-04T03:17:57Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 3,
+ "forks": 3,
+ "watchers": 0,
+ "score": 0
+ },
{
"id": 193926769,
"name": "CVE-2019-0604",
diff --git a/2019/CVE-2019-0708.json b/2019/CVE-2019-0708.json
index c29650b63f..e65c311e54 100644
--- a/2019/CVE-2019-0708.json
+++ b/2019/CVE-2019-0708.json
@@ -1,4 +1,119 @@
[
+ {
+ "id": 186699764,
+ "name": "CVE-2019-0708-poc",
+ "full_name": "hook-s3c\/CVE-2019-0708-poc",
+ "owner": {
+ "login": "hook-s3c",
+ "id": 31825993,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/31825993?v=4",
+ "html_url": "https:\/\/github.com\/hook-s3c"
+ },
+ "html_url": "https:\/\/github.com\/hook-s3c\/CVE-2019-0708-poc",
+ "description": "proof of concept exploit for Microsoft Windows 7 and Server 2008 RDP vulnerability",
+ "fork": false,
+ "created_at": "2019-05-14T21:00:50Z",
+ "updated_at": "2019-11-27T19:50:44Z",
+ "pushed_at": "2019-05-15T14:23:11Z",
+ "stargazers_count": 41,
+ "watchers_count": 41,
+ "forks_count": 10,
+ "forks": 10,
+ "watchers": 41,
+ "score": 0
+ },
+ {
+ "id": 186705259,
+ "name": "CVE-2019-0708",
+ "full_name": "SherlockSec\/CVE-2019-0708",
+ "owner": {
+ "login": "SherlockSec",
+ "id": 37545173,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/37545173?v=4",
+ "html_url": "https:\/\/github.com\/SherlockSec"
+ },
+ "html_url": "https:\/\/github.com\/SherlockSec\/CVE-2019-0708",
+ "description": "A Win7 RDP exploit",
+ "fork": false,
+ "created_at": "2019-05-14T21:47:33Z",
+ "updated_at": "2019-12-12T01:46:35Z",
+ "pushed_at": "2019-05-14T21:51:14Z",
+ "stargazers_count": 11,
+ "watchers_count": 11,
+ "forks_count": 46,
+ "forks": 46,
+ "watchers": 11,
+ "score": 0
+ },
+ {
+ "id": 186731659,
+ "name": "CVE-2019-0708-PoC",
+ "full_name": "yetiddbb\/CVE-2019-0708-PoC",
+ "owner": {
+ "login": "yetiddbb",
+ "id": 12067282,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/12067282?v=4",
+ "html_url": "https:\/\/github.com\/yetiddbb"
+ },
+ "html_url": "https:\/\/github.com\/yetiddbb\/CVE-2019-0708-PoC",
+ "description": "CVE-2019-0708",
+ "fork": false,
+ "created_at": "2019-05-15T02:03:50Z",
+ "updated_at": "2019-05-15T02:06:00Z",
+ "pushed_at": "2019-05-15T02:03:51Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 186734186,
+ "name": "CVE-2019-0708-exploit",
+ "full_name": "p0p0p0\/CVE-2019-0708-exploit",
+ "owner": {
+ "login": "p0p0p0",
+ "id": 38487045,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/38487045?v=4",
+ "html_url": "https:\/\/github.com\/p0p0p0"
+ },
+ "html_url": "https:\/\/github.com\/p0p0p0\/CVE-2019-0708-exploit",
+ "description": "CVE-2019-0708-exploit",
+ "fork": false,
+ "created_at": "2019-05-15T02:24:21Z",
+ "updated_at": "2020-03-21T13:14:13Z",
+ "pushed_at": "2019-05-15T02:26:46Z",
+ "stargazers_count": 107,
+ "watchers_count": 107,
+ "forks_count": 23,
+ "forks": 23,
+ "watchers": 107,
+ "score": 0
+ },
+ {
+ "id": 186738633,
+ "name": "CVE-2019-0708-Exploit",
+ "full_name": "rockmelodies\/CVE-2019-0708-Exploit",
+ "owner": {
+ "login": "rockmelodies",
+ "id": 24653177,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/24653177?v=4",
+ "html_url": "https:\/\/github.com\/rockmelodies"
+ },
+ "html_url": "https:\/\/github.com\/rockmelodies\/CVE-2019-0708-Exploit",
+ "description": "Using CVE-2019-0708 to Locally Promote Privileges in Windows 10 System",
+ "fork": false,
+ "created_at": "2019-05-15T02:58:04Z",
+ "updated_at": "2019-10-15T14:09:51Z",
+ "pushed_at": "2019-05-15T02:51:24Z",
+ "stargazers_count": 29,
+ "watchers_count": 29,
+ "forks_count": 33,
+ "forks": 33,
+ "watchers": 29,
+ "score": 0
+ },
{
"id": 186746847,
"name": "CVE-2019-0708",
@@ -22,6 +137,52 @@
"watchers": 8,
"score": 0
},
+ {
+ "id": 186769422,
+ "name": "Dark-Network-CVE-2019-0708",
+ "full_name": "xiyangzuishuai\/Dark-Network-CVE-2019-0708",
+ "owner": {
+ "login": "xiyangzuishuai",
+ "id": 50652254,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/50652254?v=4",
+ "html_url": "https:\/\/github.com\/xiyangzuishuai"
+ },
+ "html_url": "https:\/\/github.com\/xiyangzuishuai\/Dark-Network-CVE-2019-0708",
+ "description": "Dark Net Sunset New Release CVE-2019-0708",
+ "fork": false,
+ "created_at": "2019-05-15T07:09:24Z",
+ "updated_at": "2019-05-15T07:09:24Z",
+ "pushed_at": "2019-05-15T07:09:25Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 186771926,
+ "name": "CVE-2019-0708",
+ "full_name": "temp-user-2014\/CVE-2019-0708",
+ "owner": {
+ "login": "temp-user-2014",
+ "id": 20980272,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20980272?v=4",
+ "html_url": "https:\/\/github.com\/temp-user-2014"
+ },
+ "html_url": "https:\/\/github.com\/temp-user-2014\/CVE-2019-0708",
+ "description": "CVE-2019-0708",
+ "fork": false,
+ "created_at": "2019-05-15T07:24:34Z",
+ "updated_at": "2019-05-15T07:32:17Z",
+ "pushed_at": "2019-05-15T07:32:16Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
{
"id": 186793386,
"name": "CVE-2019-0708",
@@ -45,6 +206,29 @@
"watchers": 3,
"score": 0
},
+ {
+ "id": 186794712,
+ "name": "cve-2019-0708-2",
+ "full_name": "pry0cc\/cve-2019-0708-2",
+ "owner": {
+ "login": "pry0cc",
+ "id": 4334403,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/4334403?v=4",
+ "html_url": "https:\/\/github.com\/pry0cc"
+ },
+ "html_url": "https:\/\/github.com\/pry0cc\/cve-2019-0708-2",
+ "description": "Testing my new bot out",
+ "fork": false,
+ "created_at": "2019-05-15T09:32:28Z",
+ "updated_at": "2020-03-17T03:44:13Z",
+ "pushed_at": "2019-05-15T14:55:23Z",
+ "stargazers_count": 3,
+ "watchers_count": 3,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 3,
+ "score": 0
+ },
{
"id": 186836054,
"name": "CVE-2019-0708-EXPloit",
@@ -114,6 +298,29 @@
"watchers": 1,
"score": 0
},
+ {
+ "id": 186849775,
+ "name": "CVE-2019-0708",
+ "full_name": "k8gege\/CVE-2019-0708",
+ "owner": {
+ "login": "k8gege",
+ "id": 42312878,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/42312878?v=4",
+ "html_url": "https:\/\/github.com\/k8gege"
+ },
+ "html_url": "https:\/\/github.com\/k8gege\/CVE-2019-0708",
+ "description": "3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)",
+ "fork": false,
+ "created_at": "2019-05-15T15:01:38Z",
+ "updated_at": "2020-03-23T09:56:21Z",
+ "pushed_at": "2019-06-13T13:07:03Z",
+ "stargazers_count": 291,
+ "watchers_count": 291,
+ "forks_count": 179,
+ "forks": 179,
+ "watchers": 291,
+ "score": 0
+ },
{
"id": 186851202,
"name": "RDS_CVE-2019-0708",
@@ -137,6 +344,98 @@
"watchers": 0,
"score": 0
},
+ {
+ "id": 186854844,
+ "name": "CVE-2019-0708",
+ "full_name": "jiansiting\/CVE-2019-0708",
+ "owner": {
+ "login": "jiansiting",
+ "id": 28823754,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/28823754?v=4",
+ "html_url": "https:\/\/github.com\/jiansiting"
+ },
+ "html_url": "https:\/\/github.com\/jiansiting\/CVE-2019-0708",
+ "description": "RDP POC",
+ "fork": false,
+ "created_at": "2019-05-15T15:29:05Z",
+ "updated_at": "2020-02-10T11:52:30Z",
+ "pushed_at": "2019-06-01T04:12:19Z",
+ "stargazers_count": 18,
+ "watchers_count": 18,
+ "forks_count": 13,
+ "forks": 13,
+ "watchers": 18,
+ "score": 0
+ },
+ {
+ "id": 186863422,
+ "name": "CVE-2019-0708",
+ "full_name": "NullByteSuiteDevs\/CVE-2019-0708",
+ "owner": {
+ "login": "NullByteSuiteDevs",
+ "id": 15307246,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15307246?v=4",
+ "html_url": "https:\/\/github.com\/NullByteSuiteDevs"
+ },
+ "html_url": "https:\/\/github.com\/NullByteSuiteDevs\/CVE-2019-0708",
+ "description": "PoC exploit for BlueKeep (CVE-2019-0708)",
+ "fork": false,
+ "created_at": "2019-05-15T16:22:02Z",
+ "updated_at": "2020-03-25T05:26:24Z",
+ "pushed_at": "2019-05-15T16:24:12Z",
+ "stargazers_count": 5,
+ "watchers_count": 5,
+ "forks_count": 3,
+ "forks": 3,
+ "watchers": 5,
+ "score": 0
+ },
+ {
+ "id": 186864995,
+ "name": "CVE-2019-0708",
+ "full_name": "heaphopopotamus\/CVE-2019-0708",
+ "owner": {
+ "login": "heaphopopotamus",
+ "id": 33820078,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/33820078?v=4",
+ "html_url": "https:\/\/github.com\/heaphopopotamus"
+ },
+ "html_url": "https:\/\/github.com\/heaphopopotamus\/CVE-2019-0708",
+ "description": "Waiting for reliable code to create vuln scanner",
+ "fork": false,
+ "created_at": "2019-05-15T16:32:19Z",
+ "updated_at": "2019-05-21T17:24:40Z",
+ "pushed_at": "2019-05-15T16:32:21Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 1,
+ "score": 0
+ },
+ {
+ "id": 186865180,
+ "name": "CVE-2019-0708",
+ "full_name": "thugcrowd\/CVE-2019-0708",
+ "owner": {
+ "login": "thugcrowd",
+ "id": 40207376,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/40207376?v=4",
+ "html_url": "https:\/\/github.com\/thugcrowd"
+ },
+ "html_url": "https:\/\/github.com\/thugcrowd\/CVE-2019-0708",
+ "description": "sup pry0cc :3",
+ "fork": false,
+ "created_at": "2019-05-15T16:33:31Z",
+ "updated_at": "2020-03-24T14:55:02Z",
+ "pushed_at": "2019-08-28T02:51:47Z",
+ "stargazers_count": 6,
+ "watchers_count": 6,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 6,
+ "score": 0
+ },
{
"id": 186874375,
"name": "CVE-2019-0708-PoC",
@@ -160,6 +459,75 @@
"watchers": 0,
"score": 0
},
+ {
+ "id": 186877745,
+ "name": "CVE-2019-0708",
+ "full_name": "blacksunwen\/CVE-2019-0708",
+ "owner": {
+ "login": "blacksunwen",
+ "id": 26432151,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/26432151?v=4",
+ "html_url": "https:\/\/github.com\/blacksunwen"
+ },
+ "html_url": "https:\/\/github.com\/blacksunwen\/CVE-2019-0708",
+ "description": "CVE-2019-0708",
+ "fork": false,
+ "created_at": "2019-05-15T17:56:22Z",
+ "updated_at": "2020-03-27T11:43:40Z",
+ "pushed_at": "2019-05-29T10:17:16Z",
+ "stargazers_count": 20,
+ "watchers_count": 20,
+ "forks_count": 10,
+ "forks": 10,
+ "watchers": 20,
+ "score": 0
+ },
+ {
+ "id": 186887802,
+ "name": "CVE-2019-0708",
+ "full_name": "infenet\/CVE-2019-0708",
+ "owner": {
+ "login": "infenet",
+ "id": 34240091,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/34240091?v=4",
+ "html_url": "https:\/\/github.com\/infenet"
+ },
+ "html_url": "https:\/\/github.com\/infenet\/CVE-2019-0708",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-05-15T19:11:03Z",
+ "updated_at": "2019-06-03T05:03:55Z",
+ "pushed_at": "2019-05-15T18:35:48Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 1,
+ "score": 0
+ },
+ {
+ "id": 186893561,
+ "name": "CVE-2019-0708",
+ "full_name": "n0auth\/CVE-2019-0708",
+ "owner": {
+ "login": "n0auth",
+ "id": 50678852,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/50678852?v=4",
+ "html_url": "https:\/\/github.com\/n0auth"
+ },
+ "html_url": "https:\/\/github.com\/n0auth\/CVE-2019-0708",
+ "description": "Totally legitimate",
+ "fork": false,
+ "created_at": "2019-05-15T19:53:34Z",
+ "updated_at": "2020-01-11T19:07:22Z",
+ "pushed_at": "2019-05-15T20:14:13Z",
+ "stargazers_count": 11,
+ "watchers_count": 11,
+ "forks_count": 12,
+ "forks": 12,
+ "watchers": 11,
+ "score": 0
+ },
{
"id": 186895051,
"name": "CVE-2019-0708",
@@ -206,6 +574,52 @@
"watchers": 0,
"score": 0
},
+ {
+ "id": 186908816,
+ "name": "CVE-2019-0708",
+ "full_name": "HackerJ0e\/CVE-2019-0708",
+ "owner": {
+ "login": "HackerJ0e",
+ "id": 19658269,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/19658269?v=4",
+ "html_url": "https:\/\/github.com\/HackerJ0e"
+ },
+ "html_url": "https:\/\/github.com\/HackerJ0e\/CVE-2019-0708",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-05-15T22:03:28Z",
+ "updated_at": "2019-05-15T22:09:37Z",
+ "pushed_at": "2019-05-15T22:09:36Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 186922161,
+ "name": "CVE-2019-0708",
+ "full_name": "syriusbughunt\/CVE-2019-0708",
+ "owner": {
+ "login": "syriusbughunt",
+ "id": 45476916,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/45476916?v=4",
+ "html_url": "https:\/\/github.com\/syriusbughunt"
+ },
+ "html_url": "https:\/\/github.com\/syriusbughunt\/CVE-2019-0708",
+ "description": "PoC about CVE-2019-0708 (RDP; Windows 7, Windows Server 2003, Windows Server 2008) ",
+ "fork": false,
+ "created_at": "2019-05-16T00:34:23Z",
+ "updated_at": "2020-02-13T14:34:03Z",
+ "pushed_at": "2019-05-16T02:12:17Z",
+ "stargazers_count": 39,
+ "watchers_count": 39,
+ "forks_count": 9,
+ "forks": 9,
+ "watchers": 39,
+ "score": 0
+ },
{
"id": 186923282,
"name": "CVE-2019-0708",
@@ -252,6 +666,29 @@
"watchers": 1,
"score": 0
},
+ {
+ "id": 186978771,
+ "name": "CVE-2019-0708",
+ "full_name": "shumtheone\/CVE-2019-0708",
+ "owner": {
+ "login": "shumtheone",
+ "id": 41236357,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/41236357?v=4",
+ "html_url": "https:\/\/github.com\/shumtheone"
+ },
+ "html_url": "https:\/\/github.com\/shumtheone\/CVE-2019-0708",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-05-16T07:48:55Z",
+ "updated_at": "2019-05-27T23:09:54Z",
+ "pushed_at": "2019-05-16T07:58:38Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 1,
+ "score": 0
+ },
{
"id": 187001080,
"name": "CVE-2019-0708",
@@ -275,6 +712,144 @@
"watchers": 0,
"score": 0
},
+ {
+ "id": 187032294,
+ "name": "cve-2019-0708-exp",
+ "full_name": "Jaky5155\/cve-2019-0708-exp",
+ "owner": {
+ "login": "Jaky5155",
+ "id": 47801640,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/47801640?v=4",
+ "html_url": "https:\/\/github.com\/Jaky5155"
+ },
+ "html_url": "https:\/\/github.com\/Jaky5155\/cve-2019-0708-exp",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-05-16T13:21:02Z",
+ "updated_at": "2020-02-13T14:34:03Z",
+ "pushed_at": "2019-05-22T04:24:58Z",
+ "stargazers_count": 29,
+ "watchers_count": 29,
+ "forks_count": 23,
+ "forks": 23,
+ "watchers": 29,
+ "score": 0
+ },
+ {
+ "id": 187057686,
+ "name": "CVE-2019-0708-Check-Device-Patch-Status",
+ "full_name": "fourtwizzy\/CVE-2019-0708-Check-Device-Patch-Status",
+ "owner": {
+ "login": "fourtwizzy",
+ "id": 1735941,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/1735941?v=4",
+ "html_url": "https:\/\/github.com\/fourtwizzy"
+ },
+ "html_url": "https:\/\/github.com\/fourtwizzy\/CVE-2019-0708-Check-Device-Patch-Status",
+ "description": "Powershell script to run and determine if a specific device has been patched for CVE-2019-0708. This checks to see if the termdd.sys file has been updated appropriate and is at a version level at or greater than the versions released in the 5\/14\/19 patches.",
+ "fork": false,
+ "created_at": "2019-05-16T15:47:29Z",
+ "updated_at": "2020-02-13T14:34:03Z",
+ "pushed_at": "2019-08-28T17:14:57Z",
+ "stargazers_count": 17,
+ "watchers_count": 17,
+ "forks_count": 8,
+ "forks": 8,
+ "watchers": 17,
+ "score": 0
+ },
+ {
+ "id": 187063902,
+ "name": "CVE-2019-0708",
+ "full_name": "303sec\/CVE-2019-0708",
+ "owner": {
+ "login": "303sec",
+ "id": 39656643,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/39656643?v=4",
+ "html_url": "https:\/\/github.com\/303sec"
+ },
+ "html_url": "https:\/\/github.com\/303sec\/CVE-2019-0708",
+ "description": "POC for CVE-2019-0708",
+ "fork": false,
+ "created_at": "2019-05-16T16:26:30Z",
+ "updated_at": "2019-05-18T04:43:06Z",
+ "pushed_at": "2019-05-17T08:34:15Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 187097173,
+ "name": "CVE-2019-0708-POC",
+ "full_name": "f8al\/CVE-2019-0708-POC",
+ "owner": {
+ "login": "f8al",
+ "id": 7221183,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/7221183?v=4",
+ "html_url": "https:\/\/github.com\/f8al"
+ },
+ "html_url": "https:\/\/github.com\/f8al\/CVE-2019-0708-POC",
+ "description": "PoC for CVE-2019-0708",
+ "fork": false,
+ "created_at": "2019-05-16T20:30:36Z",
+ "updated_at": "2020-03-25T06:15:05Z",
+ "pushed_at": "2019-05-28T22:20:48Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 1,
+ "score": 0
+ },
+ {
+ "id": 187139993,
+ "name": "CVE-2019-0708",
+ "full_name": "blockchainguard\/CVE-2019-0708",
+ "owner": {
+ "login": "blockchainguard",
+ "id": 43979150,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/43979150?v=4",
+ "html_url": "https:\/\/github.com\/blockchainguard"
+ },
+ "html_url": "https:\/\/github.com\/blockchainguard\/CVE-2019-0708",
+ "description": "CVE-2019-0708漏洞MSF批量巡检插件",
+ "fork": false,
+ "created_at": "2019-05-17T03:25:42Z",
+ "updated_at": "2019-08-09T02:10:48Z",
+ "pushed_at": "2019-05-23T04:21:09Z",
+ "stargazers_count": 4,
+ "watchers_count": 4,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 4,
+ "score": 0
+ },
+ {
+ "id": 187151227,
+ "name": "CVE-2019-0708",
+ "full_name": "haoge8090\/CVE-2019-0708",
+ "owner": {
+ "login": "haoge8090",
+ "id": 37906481,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/37906481?v=4",
+ "html_url": "https:\/\/github.com\/haoge8090"
+ },
+ "html_url": "https:\/\/github.com\/haoge8090\/CVE-2019-0708",
+ "description": "CVE-2019-0708 Exploit",
+ "fork": false,
+ "created_at": "2019-05-17T05:19:32Z",
+ "updated_at": "2019-05-23T13:45:56Z",
+ "pushed_at": "2019-05-18T12:03:45Z",
+ "stargazers_count": 2,
+ "watchers_count": 2,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 2,
+ "score": 0
+ },
{
"id": 187245631,
"name": "CVE-2019-0708",
@@ -321,6 +896,167 @@
"watchers": 0,
"score": 0
},
+ {
+ "id": 187336632,
+ "name": "CVE-2019-0708",
+ "full_name": "bilawalzardaer\/CVE-2019-0708",
+ "owner": {
+ "login": "bilawalzardaer",
+ "id": 50767001,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/50767001?v=4",
+ "html_url": "https:\/\/github.com\/bilawalzardaer"
+ },
+ "html_url": "https:\/\/github.com\/bilawalzardaer\/CVE-2019-0708",
+ "description": "CVE-2019-0708 RDP Remote Code Execute Exploit ",
+ "fork": false,
+ "created_at": "2019-05-18T09:02:39Z",
+ "updated_at": "2019-05-26T07:01:12Z",
+ "pushed_at": "2019-05-18T09:12:08Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 1,
+ "score": 0
+ },
+ {
+ "id": 187538824,
+ "name": "CVE-2019-0708-PoC-Hitting-Path",
+ "full_name": "skyshell20082008\/CVE-2019-0708-PoC-Hitting-Path",
+ "owner": {
+ "login": "skyshell20082008",
+ "id": 32186292,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/32186292?v=4",
+ "html_url": "https:\/\/github.com\/skyshell20082008"
+ },
+ "html_url": "https:\/\/github.com\/skyshell20082008\/CVE-2019-0708-PoC-Hitting-Path",
+ "description": "It's only hitting vulnerable path in termdd.sys!!! NOT DOS",
+ "fork": false,
+ "created_at": "2019-05-19T23:32:34Z",
+ "updated_at": "2020-03-25T06:15:56Z",
+ "pushed_at": "2019-05-19T17:47:28Z",
+ "stargazers_count": 14,
+ "watchers_count": 14,
+ "forks_count": 114,
+ "forks": 114,
+ "watchers": 14,
+ "score": 0
+ },
+ {
+ "id": 187567229,
+ "name": "CVE-2019-0708-",
+ "full_name": "ttsite\/CVE-2019-0708-",
+ "owner": {
+ "login": "ttsite",
+ "id": 43260559,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/43260559?v=4",
+ "html_url": "https:\/\/github.com\/ttsite"
+ },
+ "html_url": "https:\/\/github.com\/ttsite\/CVE-2019-0708-",
+ "description": "Announces fraud",
+ "fork": false,
+ "created_at": "2019-05-20T04:23:58Z",
+ "updated_at": "2019-06-11T14:50:34Z",
+ "pushed_at": "2019-06-11T14:50:33Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 1,
+ "score": 0
+ },
+ {
+ "id": 187758878,
+ "name": "CVE-2019-0708",
+ "full_name": "ttsite\/CVE-2019-0708",
+ "owner": {
+ "login": "ttsite",
+ "id": 43260559,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/43260559?v=4",
+ "html_url": "https:\/\/github.com\/ttsite"
+ },
+ "html_url": "https:\/\/github.com\/ttsite\/CVE-2019-0708",
+ "description": "Report fraud",
+ "fork": false,
+ "created_at": "2019-05-21T04:00:49Z",
+ "updated_at": "2019-07-04T09:25:15Z",
+ "pushed_at": "2019-07-04T09:25:14Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 1,
+ "score": 0
+ },
+ {
+ "id": 187768807,
+ "name": "CVE-2019-0708-poc",
+ "full_name": "biggerwing\/CVE-2019-0708-poc",
+ "owner": {
+ "login": "biggerwing",
+ "id": 23331519,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/23331519?v=4",
+ "html_url": "https:\/\/github.com\/biggerwing"
+ },
+ "html_url": "https:\/\/github.com\/biggerwing\/CVE-2019-0708-poc",
+ "description": "CVE-2019-0708 远程代码执行漏洞批量检测",
+ "fork": false,
+ "created_at": "2019-05-21T05:38:54Z",
+ "updated_at": "2020-02-19T10:14:27Z",
+ "pushed_at": "2019-05-30T02:43:06Z",
+ "stargazers_count": 73,
+ "watchers_count": 73,
+ "forks_count": 27,
+ "forks": 27,
+ "watchers": 73,
+ "score": 0
+ },
+ {
+ "id": 187779603,
+ "name": "CVE-2019-0708",
+ "full_name": "n1xbyte\/CVE-2019-0708",
+ "owner": {
+ "login": "n1xbyte",
+ "id": 18420902,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/18420902?v=4",
+ "html_url": "https:\/\/github.com\/n1xbyte"
+ },
+ "html_url": "https:\/\/github.com\/n1xbyte\/CVE-2019-0708",
+ "description": "dump",
+ "fork": false,
+ "created_at": "2019-05-21T06:57:19Z",
+ "updated_at": "2020-03-27T10:57:00Z",
+ "pushed_at": "2019-06-01T05:15:11Z",
+ "stargazers_count": 455,
+ "watchers_count": 455,
+ "forks_count": 184,
+ "forks": 184,
+ "watchers": 455,
+ "score": 0
+ },
+ {
+ "id": 187788453,
+ "name": "CVE-2019-0708",
+ "full_name": "freeide\/CVE-2019-0708",
+ "owner": {
+ "login": "freeide",
+ "id": 33774184,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/33774184?v=4",
+ "html_url": "https:\/\/github.com\/freeide"
+ },
+ "html_url": "https:\/\/github.com\/freeide\/CVE-2019-0708",
+ "description": "High level exploit",
+ "fork": false,
+ "created_at": "2019-05-21T07:51:41Z",
+ "updated_at": "2020-02-07T09:05:09Z",
+ "pushed_at": "2019-05-15T20:54:37Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
{
"id": 187816400,
"name": "CVE-2019-0708-POC",
@@ -344,6 +1080,29 @@
"watchers": 0,
"score": 0
},
+ {
+ "id": 187824958,
+ "name": "BlueKeepTracker",
+ "full_name": "pry0cc\/BlueKeepTracker",
+ "owner": {
+ "login": "pry0cc",
+ "id": 4334403,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/4334403?v=4",
+ "html_url": "https:\/\/github.com\/pry0cc"
+ },
+ "html_url": "https:\/\/github.com\/pry0cc\/BlueKeepTracker",
+ "description": "My bot (badly written) to search and monitor cve-2019-0708 repositories ",
+ "fork": false,
+ "created_at": "2019-05-21T11:37:00Z",
+ "updated_at": "2020-03-17T03:44:14Z",
+ "pushed_at": "2019-05-21T11:38:10Z",
+ "stargazers_count": 6,
+ "watchers_count": 6,
+ "forks_count": 2,
+ "forks": 2,
+ "watchers": 6,
+ "score": 0
+ },
{
"id": 187840993,
"name": "CVE-2019-0708-win7",
@@ -413,6 +1172,29 @@
"watchers": 1,
"score": 0
},
+ {
+ "id": 187967704,
+ "name": "rdp0708scanner",
+ "full_name": "l9c\/rdp0708scanner",
+ "owner": {
+ "login": "l9c",
+ "id": 16722567,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16722567?v=4",
+ "html_url": "https:\/\/github.com\/l9c"
+ },
+ "html_url": "https:\/\/github.com\/l9c\/rdp0708scanner",
+ "description": "cve-2019-0708 vulnerablility scanner",
+ "fork": false,
+ "created_at": "2019-05-22T05:18:18Z",
+ "updated_at": "2020-01-19T23:34:36Z",
+ "pushed_at": "2019-05-22T06:06:56Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
{
"id": 187990368,
"name": "cve-2019-0708-scan",
@@ -436,6 +1218,75 @@
"watchers": 5,
"score": 0
},
+ {
+ "id": 188186570,
+ "name": "Check-vuln-CVE-2019-0708",
+ "full_name": "SugiB3o\/Check-vuln-CVE-2019-0708",
+ "owner": {
+ "login": "SugiB3o",
+ "id": 24741216,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/24741216?v=4",
+ "html_url": "https:\/\/github.com\/SugiB3o"
+ },
+ "html_url": "https:\/\/github.com\/SugiB3o\/Check-vuln-CVE-2019-0708",
+ "description": "Check vuln CVE 2019-0708",
+ "fork": false,
+ "created_at": "2019-05-23T07:47:29Z",
+ "updated_at": "2019-07-18T07:39:28Z",
+ "pushed_at": "2019-05-23T07:54:14Z",
+ "stargazers_count": 2,
+ "watchers_count": 2,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 2,
+ "score": 0
+ },
+ {
+ "id": 188244264,
+ "name": "CVE-2019-0708",
+ "full_name": "gobysec\/CVE-2019-0708",
+ "owner": {
+ "login": "gobysec",
+ "id": 50955360,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/50955360?v=4",
+ "html_url": "https:\/\/github.com\/gobysec"
+ },
+ "html_url": "https:\/\/github.com\/gobysec\/CVE-2019-0708",
+ "description": "Goby support CVE-2019-0708 \"BlueKeep\" vulnerability check",
+ "fork": false,
+ "created_at": "2019-05-23T13:54:24Z",
+ "updated_at": "2020-02-12T12:29:52Z",
+ "pushed_at": "2019-05-23T14:14:58Z",
+ "stargazers_count": 15,
+ "watchers_count": 15,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 15,
+ "score": 0
+ },
+ {
+ "id": 188257373,
+ "name": "CVE-2019-0708-Tool",
+ "full_name": "adalenv\/CVE-2019-0708-Tool",
+ "owner": {
+ "login": "adalenv",
+ "id": 7238874,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/7238874?v=4",
+ "html_url": "https:\/\/github.com\/adalenv"
+ },
+ "html_url": "https:\/\/github.com\/adalenv\/CVE-2019-0708-Tool",
+ "description": "A social experiment",
+ "fork": false,
+ "created_at": "2019-05-23T15:08:30Z",
+ "updated_at": "2020-03-25T05:27:22Z",
+ "pushed_at": "2019-05-29T17:12:33Z",
+ "stargazers_count": 89,
+ "watchers_count": 89,
+ "forks_count": 12,
+ "forks": 12,
+ "watchers": 89,
+ "score": 0
+ },
{
"id": 188274849,
"name": "CVE-2019-0708-POC",
@@ -459,6 +1310,52 @@
"watchers": 0,
"score": 0
},
+ {
+ "id": 188287755,
+ "name": "CVE-2019-0708-PoC-Exploit",
+ "full_name": "freeide\/CVE-2019-0708-PoC-Exploit",
+ "owner": {
+ "login": "freeide",
+ "id": 33774184,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/33774184?v=4",
+ "html_url": "https:\/\/github.com\/freeide"
+ },
+ "html_url": "https:\/\/github.com\/freeide\/CVE-2019-0708-PoC-Exploit",
+ "description": "CVE-2019-0708 PoC Exploit",
+ "fork": false,
+ "created_at": "2019-05-23T18:37:27Z",
+ "updated_at": "2020-01-25T02:16:54Z",
+ "pushed_at": "2019-05-23T15:56:16Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 188316989,
+ "name": "rdpscan",
+ "full_name": "robertdavidgraham\/rdpscan",
+ "owner": {
+ "login": "robertdavidgraham",
+ "id": 3814757,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3814757?v=4",
+ "html_url": "https:\/\/github.com\/robertdavidgraham"
+ },
+ "html_url": "https:\/\/github.com\/robertdavidgraham\/rdpscan",
+ "description": "A quick scanner for the CVE-2019-0708 \"BlueKeep\" vulnerability.",
+ "fork": false,
+ "created_at": "2019-05-23T22:50:12Z",
+ "updated_at": "2020-03-20T20:47:43Z",
+ "pushed_at": "2019-06-22T21:48:45Z",
+ "stargazers_count": 700,
+ "watchers_count": 700,
+ "forks_count": 165,
+ "forks": 165,
+ "watchers": 700,
+ "score": 0
+ },
{
"id": 188376138,
"name": "CVE-2019-0708-POC",
@@ -482,6 +1379,121 @@
"watchers": 12,
"score": 0
},
+ {
+ "id": 188781634,
+ "name": "Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit",
+ "full_name": "krivegasa\/Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit",
+ "owner": {
+ "login": "krivegasa",
+ "id": 26058390,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26058390?v=4",
+ "html_url": "https:\/\/github.com\/krivegasa"
+ },
+ "html_url": "https:\/\/github.com\/krivegasa\/Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit",
+ "description": "Scan through given ip list",
+ "fork": false,
+ "created_at": "2019-05-27T06:11:51Z",
+ "updated_at": "2020-01-14T11:35:09Z",
+ "pushed_at": "2019-05-22T22:32:03Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 188842935,
+ "name": "bluekeepscan",
+ "full_name": "Rostelecom-CERT\/bluekeepscan",
+ "owner": {
+ "login": "Rostelecom-CERT",
+ "id": 36195291,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/36195291?v=4",
+ "html_url": "https:\/\/github.com\/Rostelecom-CERT"
+ },
+ "html_url": "https:\/\/github.com\/Rostelecom-CERT\/bluekeepscan",
+ "description": "CVE-2019-0708",
+ "fork": false,
+ "created_at": "2019-05-27T12:52:11Z",
+ "updated_at": "2020-03-25T05:25:43Z",
+ "pushed_at": "2019-05-27T12:58:13Z",
+ "stargazers_count": 2,
+ "watchers_count": 2,
+ "forks_count": 2,
+ "forks": 2,
+ "watchers": 2,
+ "score": 0
+ },
+ {
+ "id": 188939031,
+ "name": "CVE-2019-0708",
+ "full_name": "Leoid\/CVE-2019-0708",
+ "owner": {
+ "login": "Leoid",
+ "id": 19527552,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/19527552?v=4",
+ "html_url": "https:\/\/github.com\/Leoid"
+ },
+ "html_url": "https:\/\/github.com\/Leoid\/CVE-2019-0708",
+ "description": "Only Hitting PoC [Tested on Windows Server 2008 r2]",
+ "fork": false,
+ "created_at": "2019-05-28T02:25:21Z",
+ "updated_at": "2020-03-23T13:56:10Z",
+ "pushed_at": "2019-05-28T02:46:19Z",
+ "stargazers_count": 110,
+ "watchers_count": 110,
+ "forks_count": 39,
+ "forks": 39,
+ "watchers": 110,
+ "score": 0
+ },
+ {
+ "id": 189061944,
+ "name": "CVE-2019-0708Poc-BatchScanning",
+ "full_name": "ht0Ruial\/CVE-2019-0708Poc-BatchScanning",
+ "owner": {
+ "login": "ht0Ruial",
+ "id": 44924427,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/44924427?v=4",
+ "html_url": "https:\/\/github.com\/ht0Ruial"
+ },
+ "html_url": "https:\/\/github.com\/ht0Ruial\/CVE-2019-0708Poc-BatchScanning",
+ "description": "基于360公开的无损检测工具的可直接在windows上运行的批量检测程序",
+ "fork": false,
+ "created_at": "2019-05-28T16:09:10Z",
+ "updated_at": "2019-10-20T18:29:55Z",
+ "pushed_at": "2019-05-28T17:16:24Z",
+ "stargazers_count": 3,
+ "watchers_count": 3,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 3,
+ "score": 0
+ },
+ {
+ "id": 189126322,
+ "name": "BlueKeep",
+ "full_name": "oneoy\/BlueKeep",
+ "owner": {
+ "login": "oneoy",
+ "id": 38435398,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/38435398?v=4",
+ "html_url": "https:\/\/github.com\/oneoy"
+ },
+ "html_url": "https:\/\/github.com\/oneoy\/BlueKeep",
+ "description": "CVE-2019-0708 bluekeep 漏洞检测",
+ "fork": false,
+ "created_at": "2019-05-29T01:08:55Z",
+ "updated_at": "2020-03-25T06:37:48Z",
+ "pushed_at": "2019-05-29T01:09:08Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 1,
+ "score": 0
+ },
{
"id": 189158834,
"name": "CVE-2019-0708",
@@ -528,6 +1540,75 @@
"watchers": 1,
"score": 0
},
+ {
+ "id": 189265014,
+ "name": "BlueKeep",
+ "full_name": "Ekultek\/BlueKeep",
+ "owner": {
+ "login": "Ekultek",
+ "id": 14183473,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/14183473?v=4",
+ "html_url": "https:\/\/github.com\/Ekultek"
+ },
+ "html_url": "https:\/\/github.com\/Ekultek\/BlueKeep",
+ "description": "Proof of concept for CVE-2019-0708",
+ "fork": false,
+ "created_at": "2019-05-29T16:53:54Z",
+ "updated_at": "2020-03-25T03:25:30Z",
+ "pushed_at": "2019-09-03T20:50:28Z",
+ "stargazers_count": 1013,
+ "watchers_count": 1013,
+ "forks_count": 350,
+ "forks": 350,
+ "watchers": 1013,
+ "score": 0
+ },
+ {
+ "id": 189380582,
+ "name": "CVE-2019-0708",
+ "full_name": "UraSecTeam\/CVE-2019-0708",
+ "owner": {
+ "login": "UraSecTeam",
+ "id": 23280827,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/23280827?v=4",
+ "html_url": "https:\/\/github.com\/UraSecTeam"
+ },
+ "html_url": "https:\/\/github.com\/UraSecTeam\/CVE-2019-0708",
+ "description": "CVE-2019-0708",
+ "fork": false,
+ "created_at": "2019-05-30T08:59:49Z",
+ "updated_at": "2019-05-30T18:05:14Z",
+ "pushed_at": "2019-05-30T18:05:12Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 1,
+ "score": 0
+ },
+ {
+ "id": 189422199,
+ "name": "rdpscan-BlueKeep",
+ "full_name": "Gh0st0ne\/rdpscan-BlueKeep",
+ "owner": {
+ "login": "Gh0st0ne",
+ "id": 47971115,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/47971115?v=4",
+ "html_url": "https:\/\/github.com\/Gh0st0ne"
+ },
+ "html_url": "https:\/\/github.com\/Gh0st0ne\/rdpscan-BlueKeep",
+ "description": "A quick scanner for the CVE-2019-0708 \"BlueKeep\" vulnerability. ",
+ "fork": false,
+ "created_at": "2019-05-30T13:50:32Z",
+ "updated_at": "2020-03-25T05:24:18Z",
+ "pushed_at": "2019-05-30T13:51:21Z",
+ "stargazers_count": 2,
+ "watchers_count": 2,
+ "forks_count": 2,
+ "forks": 2,
+ "watchers": 2,
+ "score": 0
+ },
{
"id": 189498490,
"name": "bluekeep_CVE-2019-0708_poc_to_exploit",
@@ -551,6 +1632,167 @@
"watchers": 321,
"score": 0
},
+ {
+ "id": 189513712,
+ "name": "CVE-2019-0708",
+ "full_name": "JasonLOU\/CVE-2019-0708",
+ "owner": {
+ "login": "JasonLOU",
+ "id": 45555090,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45555090?v=4",
+ "html_url": "https:\/\/github.com\/JasonLOU"
+ },
+ "html_url": "https:\/\/github.com\/JasonLOU\/CVE-2019-0708",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-05-31T02:28:23Z",
+ "updated_at": "2019-05-31T03:35:33Z",
+ "pushed_at": "2019-05-31T03:35:31Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 189549701,
+ "name": "CVE-2019-0708",
+ "full_name": "shun-gg\/CVE-2019-0708",
+ "owner": {
+ "login": "shun-gg",
+ "id": 50439612,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/50439612?v=4",
+ "html_url": "https:\/\/github.com\/shun-gg"
+ },
+ "html_url": "https:\/\/github.com\/shun-gg\/CVE-2019-0708",
+ "description": "蓝屏poc",
+ "fork": false,
+ "created_at": "2019-05-31T07:35:26Z",
+ "updated_at": "2019-07-26T08:52:44Z",
+ "pushed_at": "2019-05-31T08:02:54Z",
+ "stargazers_count": 7,
+ "watchers_count": 7,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 7,
+ "score": 0
+ },
+ {
+ "id": 189571928,
+ "name": "CVE-2019-0708",
+ "full_name": "AdministratorGithub\/CVE-2019-0708",
+ "owner": {
+ "login": "AdministratorGithub",
+ "id": 19834937,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/19834937?v=4",
+ "html_url": "https:\/\/github.com\/AdministratorGithub"
+ },
+ "html_url": "https:\/\/github.com\/AdministratorGithub\/CVE-2019-0708",
+ "description": "CVE-2019-0708批量蓝屏恶搞",
+ "fork": false,
+ "created_at": "2019-05-31T09:59:30Z",
+ "updated_at": "2019-07-09T09:33:49Z",
+ "pushed_at": "2019-07-09T09:33:47Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 189634467,
+ "name": "CVE-2019-0708",
+ "full_name": "umarfarook882\/CVE-2019-0708",
+ "owner": {
+ "login": "umarfarook882",
+ "id": 22318677,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22318677?v=4",
+ "html_url": "https:\/\/github.com\/umarfarook882"
+ },
+ "html_url": "https:\/\/github.com\/umarfarook882\/CVE-2019-0708",
+ "description": "CVE-2019-0708 - BlueKeep (RDP)",
+ "fork": false,
+ "created_at": "2019-05-31T17:37:26Z",
+ "updated_at": "2020-03-13T03:40:54Z",
+ "pushed_at": "2019-06-01T11:07:50Z",
+ "stargazers_count": 36,
+ "watchers_count": 36,
+ "forks_count": 8,
+ "forks": 8,
+ "watchers": 36,
+ "score": 0
+ },
+ {
+ "id": 189959275,
+ "name": "detect_bluekeep.py",
+ "full_name": "HynekPetrak\/detect_bluekeep.py",
+ "owner": {
+ "login": "HynekPetrak",
+ "id": 8593983,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/8593983?v=4",
+ "html_url": "https:\/\/github.com\/HynekPetrak"
+ },
+ "html_url": "https:\/\/github.com\/HynekPetrak\/detect_bluekeep.py",
+ "description": "Python script to detect bluekeep vulnerability (CVE-2019-0708) with TLS\/SSL and x509 support",
+ "fork": false,
+ "created_at": "2019-06-03T07:49:26Z",
+ "updated_at": "2019-12-19T17:22:47Z",
+ "pushed_at": "2019-06-12T08:48:17Z",
+ "stargazers_count": 17,
+ "watchers_count": 17,
+ "forks_count": 4,
+ "forks": 4,
+ "watchers": 17,
+ "score": 0
+ },
+ {
+ "id": 190510027,
+ "name": "CVE-2019-0708-Batch-Blue-Screen",
+ "full_name": "Wileysec\/CVE-2019-0708-Batch-Blue-Screen",
+ "owner": {
+ "login": "Wileysec",
+ "id": 33207361,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/33207361?v=4",
+ "html_url": "https:\/\/github.com\/Wileysec"
+ },
+ "html_url": "https:\/\/github.com\/Wileysec\/CVE-2019-0708-Batch-Blue-Screen",
+ "description": "改写某大佬写的0708蓝屏脚本 改为网段批量蓝屏",
+ "fork": false,
+ "created_at": "2019-06-06T03:49:26Z",
+ "updated_at": "2019-06-13T16:56:58Z",
+ "pushed_at": "2019-06-06T03:57:09Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 1,
+ "score": 0
+ },
+ {
+ "id": 191301322,
+ "name": "CVE-2019-0708",
+ "full_name": "Pa55w0rd\/CVE-2019-0708",
+ "owner": {
+ "login": "Pa55w0rd",
+ "id": 16274549,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16274549?v=4",
+ "html_url": "https:\/\/github.com\/Pa55w0rd"
+ },
+ "html_url": "https:\/\/github.com\/Pa55w0rd\/CVE-2019-0708",
+ "description": "CVE-2019-0708批量检测",
+ "fork": false,
+ "created_at": "2019-06-11T05:38:26Z",
+ "updated_at": "2019-11-24T16:23:21Z",
+ "pushed_at": "2019-06-11T06:40:41Z",
+ "stargazers_count": 9,
+ "watchers_count": 9,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 9,
+ "score": 0
+ },
{
"id": 191340467,
"name": "CVE-2019-0708-PoC",
@@ -574,6 +1816,98 @@
"watchers": 16,
"score": 0
},
+ {
+ "id": 191491863,
+ "name": "CVE-2019-0708-Msf--",
+ "full_name": "cream492\/CVE-2019-0708-Msf--",
+ "owner": {
+ "login": "cream492",
+ "id": 29266660,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29266660?v=4",
+ "html_url": "https:\/\/github.com\/cream492"
+ },
+ "html_url": "https:\/\/github.com\/cream492\/CVE-2019-0708-Msf--",
+ "description": "CVE-2019-0708-Msf-验证",
+ "fork": false,
+ "created_at": "2019-06-12T03:37:39Z",
+ "updated_at": "2019-06-12T03:40:17Z",
+ "pushed_at": "2019-06-12T03:38:46Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 192833438,
+ "name": "CVE-2019-0708",
+ "full_name": "wdfcc\/CVE-2019-0708",
+ "owner": {
+ "login": "wdfcc",
+ "id": 14845586,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/14845586?v=4",
+ "html_url": "https:\/\/github.com\/wdfcc"
+ },
+ "html_url": "https:\/\/github.com\/wdfcc\/CVE-2019-0708",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-06-20T02:19:17Z",
+ "updated_at": "2019-06-20T02:26:29Z",
+ "pushed_at": "2019-06-20T02:26:26Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 193537193,
+ "name": "cve-2019-0708",
+ "full_name": "cvencoder\/cve-2019-0708",
+ "owner": {
+ "login": "cvencoder",
+ "id": 52171059,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/52171059?v=4",
+ "html_url": "https:\/\/github.com\/cvencoder"
+ },
+ "html_url": "https:\/\/github.com\/cvencoder\/cve-2019-0708",
+ "description": "POC CVE-2019-0708 with python script!",
+ "fork": false,
+ "created_at": "2019-06-24T16:03:08Z",
+ "updated_at": "2019-07-28T09:20:55Z",
+ "pushed_at": "2019-06-24T16:03:58Z",
+ "stargazers_count": 14,
+ "watchers_count": 14,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 14,
+ "score": 0
+ },
+ {
+ "id": 195150954,
+ "name": "CVE-2019-0708-exp",
+ "full_name": "ze0r\/CVE-2019-0708-exp",
+ "owner": {
+ "login": "ze0r",
+ "id": 43227253,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/43227253?v=4",
+ "html_url": "https:\/\/github.com\/ze0r"
+ },
+ "html_url": "https:\/\/github.com\/ze0r\/CVE-2019-0708-exp",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-07-04T01:49:22Z",
+ "updated_at": "2019-11-12T12:02:00Z",
+ "pushed_at": "2019-07-25T07:31:57Z",
+ "stargazers_count": 10,
+ "watchers_count": 10,
+ "forks_count": 4,
+ "forks": 4,
+ "watchers": 10,
+ "score": 0
+ },
{
"id": 196871345,
"name": "cve-2019-0708",
@@ -597,6 +1931,52 @@
"watchers": 20,
"score": 0
},
+ {
+ "id": 197547695,
+ "name": "cve-2019-0708",
+ "full_name": "cve-2019-0708-poc\/cve-2019-0708",
+ "owner": {
+ "login": "cve-2019-0708-poc",
+ "id": 53038783,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/53038783?v=4",
+ "html_url": "https:\/\/github.com\/cve-2019-0708-poc"
+ },
+ "html_url": "https:\/\/github.com\/cve-2019-0708-poc\/cve-2019-0708",
+ "description": "CVE-2019-0708 Exploit Tool",
+ "fork": false,
+ "created_at": "2019-07-18T08:41:01Z",
+ "updated_at": "2019-08-29T04:15:45Z",
+ "pushed_at": "2019-07-18T08:44:51Z",
+ "stargazers_count": 18,
+ "watchers_count": 18,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 18,
+ "score": 0
+ },
+ {
+ "id": 197655376,
+ "name": "CVE-2019-0708",
+ "full_name": "andripwn\/CVE-2019-0708",
+ "owner": {
+ "login": "andripwn",
+ "id": 52893492,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/52893492?v=4",
+ "html_url": "https:\/\/github.com\/andripwn"
+ },
+ "html_url": "https:\/\/github.com\/andripwn\/CVE-2019-0708",
+ "description": "Scanner PoC for CVE-2019-0708 RDP RCE vuln",
+ "fork": false,
+ "created_at": "2019-07-18T20:53:54Z",
+ "updated_at": "2020-01-24T04:49:58Z",
+ "pushed_at": "2019-07-18T20:57:19Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 1,
+ "score": 0
+ },
{
"id": 198343084,
"name": "bluekeep",
@@ -620,6 +2000,52 @@
"watchers": 268,
"score": 0
},
+ {
+ "id": 198731225,
+ "name": "CVE-2019-0708",
+ "full_name": "ntkernel0\/CVE-2019-0708",
+ "owner": {
+ "login": "ntkernel0",
+ "id": 46866847,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/46866847?v=4",
+ "html_url": "https:\/\/github.com\/ntkernel0"
+ },
+ "html_url": "https:\/\/github.com\/ntkernel0\/CVE-2019-0708",
+ "description": "收集网上CVE-2018-0708的poc和exp(目前没有找到exp)",
+ "fork": false,
+ "created_at": "2019-07-25T01:05:21Z",
+ "updated_at": "2019-12-07T02:05:23Z",
+ "pushed_at": "2019-07-25T01:03:47Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 202911823,
+ "name": "Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-",
+ "full_name": "dorkerdevil\/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-",
+ "owner": {
+ "login": "dorkerdevil",
+ "id": 15796745,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15796745?v=4",
+ "html_url": "https:\/\/github.com\/dorkerdevil"
+ },
+ "html_url": "https:\/\/github.com\/dorkerdevil\/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-",
+ "description": "rce exploit , made to work with pocsuite3",
+ "fork": false,
+ "created_at": "2019-08-17T17:23:53Z",
+ "updated_at": "2020-03-21T19:32:36Z",
+ "pushed_at": "2019-08-19T02:52:11Z",
+ "stargazers_count": 102,
+ "watchers_count": 102,
+ "forks_count": 52,
+ "forks": 52,
+ "watchers": 102,
+ "score": 0
+ },
{
"id": 202951481,
"name": "bluekeep",
@@ -689,6 +2115,29 @@
"watchers": 1,
"score": 0
},
+ {
+ "id": 206863569,
+ "name": "msf-module-CVE-2019-0708",
+ "full_name": "RickGeex\/msf-module-CVE-2019-0708",
+ "owner": {
+ "login": "RickGeex",
+ "id": 7975904,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/7975904?v=4",
+ "html_url": "https:\/\/github.com\/RickGeex"
+ },
+ "html_url": "https:\/\/github.com\/RickGeex\/msf-module-CVE-2019-0708",
+ "description": "Metasploit module for CVE-2019-0708 (BlueKeep) - https:\/\/github.com\/rapid7\/metasploit-framework\/tree\/5a0119b04309c8e61b44763ac08811cd3ecbbf8d\/modules\/exploits\/windows\/rdp",
+ "fork": false,
+ "created_at": "2019-09-06T19:46:03Z",
+ "updated_at": "2020-03-25T05:25:37Z",
+ "pushed_at": "2019-09-07T09:41:22Z",
+ "stargazers_count": 9,
+ "watchers_count": 9,
+ "forks_count": 3,
+ "forks": 3,
+ "watchers": 9,
+ "score": 0
+ },
{
"id": 206893335,
"name": "CVE-2019-0708",
@@ -735,6 +2184,98 @@
"watchers": 35,
"score": 0
},
+ {
+ "id": 206926531,
+ "name": "CVE-2019-0708RDP-MSF",
+ "full_name": "Micr067\/CVE-2019-0708RDP-MSF",
+ "owner": {
+ "login": "Micr067",
+ "id": 49861012,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/49861012?v=4",
+ "html_url": "https:\/\/github.com\/Micr067"
+ },
+ "html_url": "https:\/\/github.com\/Micr067\/CVE-2019-0708RDP-MSF",
+ "description": "CVE-2019-0708RDP MSF",
+ "fork": false,
+ "created_at": "2019-09-07T06:32:25Z",
+ "updated_at": "2019-09-07T06:32:25Z",
+ "pushed_at": "2019-09-07T06:32:26Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 206928449,
+ "name": "CVE-2019-0708-BlueKeep",
+ "full_name": "adkinguzi\/CVE-2019-0708-BlueKeep",
+ "owner": {
+ "login": "adkinguzi",
+ "id": 31617622,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/31617622?v=4",
+ "html_url": "https:\/\/github.com\/adkinguzi"
+ },
+ "html_url": "https:\/\/github.com\/adkinguzi\/CVE-2019-0708-BlueKeep",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-09-07T06:50:47Z",
+ "updated_at": "2020-03-25T05:24:54Z",
+ "pushed_at": "2019-09-07T07:05:24Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 2,
+ "forks": 2,
+ "watchers": 1,
+ "score": 0
+ },
+ {
+ "id": 206932731,
+ "name": "CVE-2019-0708",
+ "full_name": "FrostsaberX\/CVE-2019-0708",
+ "owner": {
+ "login": "FrostsaberX",
+ "id": 24857203,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/24857203?v=4",
+ "html_url": "https:\/\/github.com\/FrostsaberX"
+ },
+ "html_url": "https:\/\/github.com\/FrostsaberX\/CVE-2019-0708",
+ "description": "CVE-2019-0708 With Metasploit-Framework Exploit",
+ "fork": false,
+ "created_at": "2019-09-07T07:32:14Z",
+ "updated_at": "2019-09-09T01:17:19Z",
+ "pushed_at": "2019-09-07T08:50:59Z",
+ "stargazers_count": 3,
+ "watchers_count": 3,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 3,
+ "score": 0
+ },
+ {
+ "id": 206976374,
+ "name": "CVE-2019-0708-EXP-MSF-",
+ "full_name": "qinggegeya\/CVE-2019-0708-EXP-MSF-",
+ "owner": {
+ "login": "qinggegeya",
+ "id": 30001685,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/30001685?v=4",
+ "html_url": "https:\/\/github.com\/qinggegeya"
+ },
+ "html_url": "https:\/\/github.com\/qinggegeya\/CVE-2019-0708-EXP-MSF-",
+ "description": "CVE-2019-0708-EXP(MSF) Vulnerability exploit program for cve-2019-0708",
+ "fork": false,
+ "created_at": "2019-09-07T14:02:50Z",
+ "updated_at": "2020-03-25T16:07:00Z",
+ "pushed_at": "2019-09-07T15:07:24Z",
+ "stargazers_count": 3,
+ "watchers_count": 3,
+ "forks_count": 5,
+ "forks": 5,
+ "watchers": 3,
+ "score": 0
+ },
{
"id": 207703935,
"name": "CVE-2019-0708",
diff --git a/2019/CVE-2019-0709.json b/2019/CVE-2019-0709.json
index 5a0d6be374..e6532cea6f 100644
--- a/2019/CVE-2019-0709.json
+++ b/2019/CVE-2019-0709.json
@@ -21,5 +21,28 @@
"forks": 0,
"watchers": 0,
"score": 0
+ },
+ {
+ "id": 189527128,
+ "name": "CVE-2019-0709",
+ "full_name": "qq431169079\/CVE-2019-0709",
+ "owner": {
+ "login": "qq431169079",
+ "id": 42376039,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/42376039?v=4",
+ "html_url": "https:\/\/github.com\/qq431169079"
+ },
+ "html_url": "https:\/\/github.com\/qq431169079\/CVE-2019-0709",
+ "description": "Exploit In Progress",
+ "fork": false,
+ "created_at": "2019-05-31T04:23:39Z",
+ "updated_at": "2019-05-31T23:10:21Z",
+ "pushed_at": "2019-05-26T15:25:10Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
}
]
\ No newline at end of file
diff --git a/2019/CVE-2019-0859.json b/2019/CVE-2019-0859.json
index ae15b7ca0a..b0508fd90c 100644
--- a/2019/CVE-2019-0859.json
+++ b/2019/CVE-2019-0859.json
@@ -13,13 +13,13 @@
"description": "CVE-2019-0859 1day Exploit",
"fork": false,
"created_at": "2019-06-07T04:37:34Z",
- "updated_at": "2020-03-27T08:47:15Z",
+ "updated_at": "2020-03-28T02:44:00Z",
"pushed_at": "2020-02-11T06:46:50Z",
- "stargazers_count": 112,
- "watchers_count": 112,
+ "stargazers_count": 113,
+ "watchers_count": 113,
"forks_count": 37,
"forks": 37,
- "watchers": 112,
+ "watchers": 113,
"score": 0
}
]
\ No newline at end of file
diff --git a/2019/CVE-2019-1003000.json b/2019/CVE-2019-1003000.json
index dc2796d327..db410c211a 100644
--- a/2019/CVE-2019-1003000.json
+++ b/2019/CVE-2019-1003000.json
@@ -21,5 +21,74 @@
"forks": 25,
"watchers": 50,
"score": 0
+ },
+ {
+ "id": 170809838,
+ "name": "cve-2019-1003000-jenkins-rce-poc",
+ "full_name": "adamyordan\/cve-2019-1003000-jenkins-rce-poc",
+ "owner": {
+ "login": "adamyordan",
+ "id": 9531164,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/9531164?v=4",
+ "html_url": "https:\/\/github.com\/adamyordan"
+ },
+ "html_url": "https:\/\/github.com\/adamyordan\/cve-2019-1003000-jenkins-rce-poc",
+ "description": "Jenkins RCE Proof-of-Concept: SECURITY-1266 \/ CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)",
+ "fork": false,
+ "created_at": "2019-02-15T05:59:24Z",
+ "updated_at": "2020-03-26T08:12:01Z",
+ "pushed_at": "2019-04-01T13:19:49Z",
+ "stargazers_count": 246,
+ "watchers_count": 246,
+ "forks_count": 72,
+ "forks": 72,
+ "watchers": 246,
+ "score": 0
+ },
+ {
+ "id": 172198653,
+ "name": "CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins",
+ "full_name": "0xtavian\/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins",
+ "owner": {
+ "login": "0xtavian",
+ "id": 21030907,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/21030907?v=4",
+ "html_url": "https:\/\/github.com\/0xtavian"
+ },
+ "html_url": "https:\/\/github.com\/0xtavian\/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins",
+ "description": "Python CVE-2019-1003000 and CVE-2018-1999002 Pre-Auth RCE Jenkins ",
+ "fork": false,
+ "created_at": "2019-02-23T10:00:03Z",
+ "updated_at": "2020-03-13T16:16:07Z",
+ "pushed_at": "2019-02-23T10:01:26Z",
+ "stargazers_count": 5,
+ "watchers_count": 5,
+ "forks_count": 3,
+ "forks": 3,
+ "watchers": 5,
+ "score": 0
+ },
+ {
+ "id": 183322760,
+ "name": "CVE-2019-1003000_RCE-DETECTION",
+ "full_name": "1NTheKut\/CVE-2019-1003000_RCE-DETECTION",
+ "owner": {
+ "login": "1NTheKut",
+ "id": 26243759,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/26243759?v=4",
+ "html_url": "https:\/\/github.com\/1NTheKut"
+ },
+ "html_url": "https:\/\/github.com\/1NTheKut\/CVE-2019-1003000_RCE-DETECTION",
+ "description": "A C# module to detect if a Jenkins server is vulnerable to the RCE vulnerability found in CVE-2019-1003000 (chained with CVE-2018-1000861 for pre-auth RCE)",
+ "fork": false,
+ "created_at": "2019-04-24T23:52:42Z",
+ "updated_at": "2019-05-13T06:00:34Z",
+ "pushed_at": "2019-05-01T07:11:28Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 1,
+ "score": 0
}
]
\ No newline at end of file
diff --git a/2019/CVE-2019-10149.json b/2019/CVE-2019-10149.json
index 6853ff0382..17c9ec58fe 100644
--- a/2019/CVE-2019-10149.json
+++ b/2019/CVE-2019-10149.json
@@ -1,4 +1,165 @@
[
+ {
+ "id": 191233980,
+ "name": "exim-rce-quickfix",
+ "full_name": "bananaphones\/exim-rce-quickfix",
+ "owner": {
+ "login": "bananaphones",
+ "id": 4877449,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/4877449?v=4",
+ "html_url": "https:\/\/github.com\/bananaphones"
+ },
+ "html_url": "https:\/\/github.com\/bananaphones\/exim-rce-quickfix",
+ "description": "quick fix for CVE-2019-10149, works on Debian\\Ubuntu\\Centos",
+ "fork": false,
+ "created_at": "2019-06-10T19:37:05Z",
+ "updated_at": "2020-01-11T07:45:20Z",
+ "pushed_at": "2019-06-14T10:16:02Z",
+ "stargazers_count": 20,
+ "watchers_count": 20,
+ "forks_count": 18,
+ "forks": 18,
+ "watchers": 20,
+ "score": 0
+ },
+ {
+ "id": 191493140,
+ "name": "eximrce-CVE-2019-10149",
+ "full_name": "cowbe0x004\/eximrce-CVE-2019-10149",
+ "owner": {
+ "login": "cowbe0x004",
+ "id": 3072913,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3072913?v=4",
+ "html_url": "https:\/\/github.com\/cowbe0x004"
+ },
+ "html_url": "https:\/\/github.com\/cowbe0x004\/eximrce-CVE-2019-10149",
+ "description": "simple python socket connection to test if exim is vulnerable to CVE-2019-10149. The payload simply touch a file in \/tmp\/eximrce.",
+ "fork": false,
+ "created_at": "2019-06-12T03:47:16Z",
+ "updated_at": "2019-11-15T03:38:41Z",
+ "pushed_at": "2019-07-08T18:25:12Z",
+ "stargazers_count": 9,
+ "watchers_count": 9,
+ "forks_count": 9,
+ "forks": 9,
+ "watchers": 9,
+ "score": 0
+ },
+ {
+ "id": 191845568,
+ "name": "PoC--CVE-2019-10149_Exim",
+ "full_name": "MNEMO-CERT\/PoC--CVE-2019-10149_Exim",
+ "owner": {
+ "login": "MNEMO-CERT",
+ "id": 51804856,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/51804856?v=4",
+ "html_url": "https:\/\/github.com\/MNEMO-CERT"
+ },
+ "html_url": "https:\/\/github.com\/MNEMO-CERT\/PoC--CVE-2019-10149_Exim",
+ "description": "PoC for CVE-2019-10149, this vulnerability could be xploited betwen 4-87 to 4.91 version of Exim server.",
+ "fork": false,
+ "created_at": "2019-06-13T23:21:53Z",
+ "updated_at": "2020-03-13T15:08:28Z",
+ "pushed_at": "2019-06-18T14:57:22Z",
+ "stargazers_count": 11,
+ "watchers_count": 11,
+ "forks_count": 4,
+ "forks": 4,
+ "watchers": 11,
+ "score": 0
+ },
+ {
+ "id": 191952969,
+ "name": "CVE-2019-10149-quick",
+ "full_name": "aishee\/CVE-2019-10149-quick",
+ "owner": {
+ "login": "aishee",
+ "id": 8377283,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/8377283?v=4",
+ "html_url": "https:\/\/github.com\/aishee"
+ },
+ "html_url": "https:\/\/github.com\/aishee\/CVE-2019-10149-quick",
+ "description": "Simple Bash shell quick fix CVE-2019-10149",
+ "fork": false,
+ "created_at": "2019-06-14T14:02:43Z",
+ "updated_at": "2019-06-14T14:03:33Z",
+ "pushed_at": "2019-06-14T14:03:31Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 194002154,
+ "name": "CVE-2019-10149-privilege-escalation",
+ "full_name": "AzizMea\/CVE-2019-10149-privilege-escalation",
+ "owner": {
+ "login": "AzizMea",
+ "id": 30970260,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/30970260?v=4",
+ "html_url": "https:\/\/github.com\/AzizMea"
+ },
+ "html_url": "https:\/\/github.com\/AzizMea\/CVE-2019-10149-privilege-escalation",
+ "description": "CVE-2019-10149 privilege escalation",
+ "fork": false,
+ "created_at": "2019-06-27T01:34:41Z",
+ "updated_at": "2020-01-07T08:25:21Z",
+ "pushed_at": "2019-06-27T17:46:25Z",
+ "stargazers_count": 8,
+ "watchers_count": 8,
+ "forks_count": 5,
+ "forks": 5,
+ "watchers": 8,
+ "score": 0
+ },
+ {
+ "id": 198729185,
+ "name": "StickyExim",
+ "full_name": "Brets0150\/StickyExim",
+ "owner": {
+ "login": "Brets0150",
+ "id": 40045956,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/40045956?v=4",
+ "html_url": "https:\/\/github.com\/Brets0150"
+ },
+ "html_url": "https:\/\/github.com\/Brets0150\/StickyExim",
+ "description": "Exim Honey Pot for CVE-2019-10149 exploit attempts.",
+ "fork": false,
+ "created_at": "2019-07-25T00:46:37Z",
+ "updated_at": "2019-08-06T20:21:47Z",
+ "pushed_at": "2019-08-06T20:21:46Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 1,
+ "score": 0
+ },
+ {
+ "id": 206647936,
+ "name": "exim.exp",
+ "full_name": "ChrissHack\/exim.exp",
+ "owner": {
+ "login": "ChrissHack",
+ "id": 36897897,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/36897897?v=4",
+ "html_url": "https:\/\/github.com\/ChrissHack"
+ },
+ "html_url": "https:\/\/github.com\/ChrissHack\/exim.exp",
+ "description": "CVE-2019-10149",
+ "fork": false,
+ "created_at": "2019-09-05T20:04:14Z",
+ "updated_at": "2019-09-11T01:27:28Z",
+ "pushed_at": "2019-09-05T20:34:18Z",
+ "stargazers_count": 3,
+ "watchers_count": 3,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 3,
+ "score": 0
+ },
{
"id": 216513053,
"name": "CVE-2019-10149",
diff --git a/2019/CVE-2019-1040.json b/2019/CVE-2019-1040.json
index 09dca1625e..ff33b70757 100644
--- a/2019/CVE-2019-1040.json
+++ b/2019/CVE-2019-1040.json
@@ -22,6 +22,29 @@
"watchers": 149,
"score": 0
},
+ {
+ "id": 192691928,
+ "name": "UltraRealy_with_CVE-2019-1040",
+ "full_name": "lazaars\/UltraRealy_with_CVE-2019-1040",
+ "owner": {
+ "login": "lazaars",
+ "id": 36127186,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/36127186?v=4",
+ "html_url": "https:\/\/github.com\/lazaars"
+ },
+ "html_url": "https:\/\/github.com\/lazaars\/UltraRealy_with_CVE-2019-1040",
+ "description": "Updated version for the tool UltraRealy with support of the CVE-2019-1040 exploit",
+ "fork": false,
+ "created_at": "2019-06-19T08:32:31Z",
+ "updated_at": "2020-01-20T01:59:12Z",
+ "pushed_at": "2019-06-19T09:15:16Z",
+ "stargazers_count": 12,
+ "watchers_count": 12,
+ "forks_count": 5,
+ "forks": 5,
+ "watchers": 12,
+ "score": 0
+ },
{
"id": 193532426,
"name": "cve-2019-1040-scanner",
diff --git a/2019/CVE-2019-11510.json b/2019/CVE-2019-11510.json
index 20f6c2bb33..3d4c8a4161 100644
--- a/2019/CVE-2019-11510.json
+++ b/2019/CVE-2019-11510.json
@@ -22,6 +22,144 @@
"watchers": 300,
"score": 0
},
+ {
+ "id": 203567273,
+ "name": "Pulse",
+ "full_name": "ladyleet1337\/Pulse",
+ "owner": {
+ "login": "ladyleet1337",
+ "id": 26109832,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/26109832?v=4",
+ "html_url": "https:\/\/github.com\/ladyleet1337"
+ },
+ "html_url": "https:\/\/github.com\/ladyleet1337\/Pulse",
+ "description": "Pulse Secure VPN CVE-2019-11510",
+ "fork": false,
+ "created_at": "2019-08-21T11:08:48Z",
+ "updated_at": "2019-11-13T06:46:41Z",
+ "pushed_at": "2019-08-21T12:03:54Z",
+ "stargazers_count": 4,
+ "watchers_count": 4,
+ "forks_count": 2,
+ "forks": 2,
+ "watchers": 4,
+ "score": 0
+ },
+ {
+ "id": 203747377,
+ "name": "CVE-2019-11510-poc",
+ "full_name": "imjdl\/CVE-2019-11510-poc",
+ "owner": {
+ "login": "imjdl",
+ "id": 31382943,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/31382943?v=4",
+ "html_url": "https:\/\/github.com\/imjdl"
+ },
+ "html_url": "https:\/\/github.com\/imjdl\/CVE-2019-11510-poc",
+ "description": "Pulse Secure SSL VPN pre-auth file reading",
+ "fork": false,
+ "created_at": "2019-08-22T08:18:19Z",
+ "updated_at": "2020-01-13T04:41:30Z",
+ "pushed_at": "2019-08-26T19:33:43Z",
+ "stargazers_count": 39,
+ "watchers_count": 39,
+ "forks_count": 15,
+ "forks": 15,
+ "watchers": 39,
+ "score": 0
+ },
+ {
+ "id": 204579243,
+ "name": "CVE-2019-11510_poc",
+ "full_name": "es0\/CVE-2019-11510_poc",
+ "owner": {
+ "login": "es0",
+ "id": 10739380,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/10739380?v=4",
+ "html_url": "https:\/\/github.com\/es0"
+ },
+ "html_url": "https:\/\/github.com\/es0\/CVE-2019-11510_poc",
+ "description": "PoC for CVE-2019-11510 | Pulse Secure 8.1R15.1\/8.2\/8.3\/9.0 SSL VPN - Arbitrary File Disclosure vulnerability",
+ "fork": false,
+ "created_at": "2019-08-26T23:30:15Z",
+ "updated_at": "2020-02-27T09:47:01Z",
+ "pushed_at": "2019-08-27T00:52:49Z",
+ "stargazers_count": 2,
+ "watchers_count": 2,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 2,
+ "score": 0
+ },
+ {
+ "id": 204608508,
+ "name": "http-pulse_ssl_vpn.nse",
+ "full_name": "r00tpgp\/http-pulse_ssl_vpn.nse",
+ "owner": {
+ "login": "r00tpgp",
+ "id": 29351179,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29351179?v=4",
+ "html_url": "https:\/\/github.com\/r00tpgp"
+ },
+ "html_url": "https:\/\/github.com\/r00tpgp\/http-pulse_ssl_vpn.nse",
+ "description": "Nmap NSE script to detect Pulse Secure SSL VPN file disclosure CVE-2019-11510",
+ "fork": false,
+ "created_at": "2019-08-27T03:04:19Z",
+ "updated_at": "2019-12-17T15:16:20Z",
+ "pushed_at": "2019-08-27T07:03:26Z",
+ "stargazers_count": 11,
+ "watchers_count": 11,
+ "forks_count": 4,
+ "forks": 4,
+ "watchers": 11,
+ "score": 0
+ },
+ {
+ "id": 204666616,
+ "name": "CVE-2019-11510-1",
+ "full_name": "jas502n\/CVE-2019-11510-1",
+ "owner": {
+ "login": "jas502n",
+ "id": 16593068,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4",
+ "html_url": "https:\/\/github.com\/jas502n"
+ },
+ "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-11510-1",
+ "description": "SSL VPN Rce",
+ "fork": false,
+ "created_at": "2019-08-27T09:21:10Z",
+ "updated_at": "2020-03-13T12:32:14Z",
+ "pushed_at": "2019-08-27T09:29:05Z",
+ "stargazers_count": 48,
+ "watchers_count": 48,
+ "forks_count": 15,
+ "forks": 15,
+ "watchers": 48,
+ "score": 0
+ },
+ {
+ "id": 205106127,
+ "name": "CVE-2019-11510",
+ "full_name": "jason3e7\/CVE-2019-11510",
+ "owner": {
+ "login": "jason3e7",
+ "id": 3059297,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/3059297?v=4",
+ "html_url": "https:\/\/github.com\/jason3e7"
+ },
+ "html_url": "https:\/\/github.com\/jason3e7\/CVE-2019-11510",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-08-29T07:27:57Z",
+ "updated_at": "2019-08-29T07:28:54Z",
+ "pushed_at": "2019-08-29T07:28:52Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
{
"id": 207348255,
"name": "pwn-pulse",
diff --git a/2019/CVE-2019-11580.json b/2019/CVE-2019-11580.json
index 3f458c656f..1a7c80eb20 100644
--- a/2019/CVE-2019-11580.json
+++ b/2019/CVE-2019-11580.json
@@ -1,4 +1,27 @@
[
+ {
+ "id": 197342430,
+ "name": "CVE-2019-11580",
+ "full_name": "jas502n\/CVE-2019-11580",
+ "owner": {
+ "login": "jas502n",
+ "id": 16593068,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4",
+ "html_url": "https:\/\/github.com\/jas502n"
+ },
+ "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-11580",
+ "description": "CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE",
+ "fork": false,
+ "created_at": "2019-07-17T07:54:38Z",
+ "updated_at": "2020-03-16T09:45:02Z",
+ "pushed_at": "2019-07-18T10:03:28Z",
+ "stargazers_count": 74,
+ "watchers_count": 74,
+ "forks_count": 17,
+ "forks": 17,
+ "watchers": 74,
+ "score": 0
+ },
{
"id": 245476096,
"name": "CVE-2019-11580",
diff --git a/2019/CVE-2019-11581.json b/2019/CVE-2019-11581.json
index 34d9ea526f..fa06d6748e 100644
--- a/2019/CVE-2019-11581.json
+++ b/2019/CVE-2019-11581.json
@@ -1,4 +1,27 @@
[
+ {
+ "id": 197105656,
+ "name": "CVE-2019-11581",
+ "full_name": "jas502n\/CVE-2019-11581",
+ "owner": {
+ "login": "jas502n",
+ "id": 16593068,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4",
+ "html_url": "https:\/\/github.com\/jas502n"
+ },
+ "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-11581",
+ "description": "Atlassian JIRA Template injection vulnerability RCE",
+ "fork": false,
+ "created_at": "2019-07-16T02:27:00Z",
+ "updated_at": "2020-03-23T11:27:34Z",
+ "pushed_at": "2019-07-22T06:47:52Z",
+ "stargazers_count": 62,
+ "watchers_count": 62,
+ "forks_count": 20,
+ "forks": 20,
+ "watchers": 62,
+ "score": 0
+ },
{
"id": 198763431,
"name": "CVE-2019-11581",
diff --git a/2019/CVE-2019-11932.json b/2019/CVE-2019-11932.json
index 6d0ab1a282..856bbfb657 100644
--- a/2019/CVE-2019-11932.json
+++ b/2019/CVE-2019-11932.json
@@ -228,5 +228,28 @@
"forks": 0,
"watchers": 5,
"score": 0
+ },
+ {
+ "id": 239654888,
+ "name": "https-github.com-awakened171",
+ "full_name": "dashtic172\/https-github.com-awakened171",
+ "owner": {
+ "login": "dashtic172",
+ "id": 60906735,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/60906735?v=4",
+ "html_url": "https:\/\/github.com\/dashtic172"
+ },
+ "html_url": "https:\/\/github.com\/dashtic172\/https-github.com-awakened171",
+ "description": "https:\/\/github.com\/awakened1712\/CVE-2019-11932",
+ "fork": false,
+ "created_at": "2020-02-11T02:00:14Z",
+ "updated_at": "2020-02-11T02:00:14Z",
+ "pushed_at": "2020-02-11T02:00:15Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
}
]
\ No newline at end of file
diff --git a/2019/CVE-2019-12272.json b/2019/CVE-2019-12272.json
index b1de24a829..c1abb682e6 100644
--- a/2019/CVE-2019-12272.json
+++ b/2019/CVE-2019-12272.json
@@ -1,4 +1,27 @@
[
+ {
+ "id": 195171033,
+ "name": "LuCI_RCE_exp",
+ "full_name": "HACHp1\/LuCI_RCE_exp",
+ "owner": {
+ "login": "HACHp1",
+ "id": 25722416,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25722416?v=4",
+ "html_url": "https:\/\/github.com\/HACHp1"
+ },
+ "html_url": "https:\/\/github.com\/HACHp1\/LuCI_RCE_exp",
+ "description": "Exp of cve-2019-12272",
+ "fork": false,
+ "created_at": "2019-07-04T04:54:36Z",
+ "updated_at": "2020-01-27T05:11:01Z",
+ "pushed_at": "2019-07-10T04:33:30Z",
+ "stargazers_count": 12,
+ "watchers_count": 12,
+ "forks_count": 3,
+ "forks": 3,
+ "watchers": 12,
+ "score": 0
+ },
{
"id": 226418974,
"name": "lede-17.01.3",
diff --git a/2019/CVE-2019-12384.json b/2019/CVE-2019-12384.json
index 34a02fedd9..b058d7b64c 100644
--- a/2019/CVE-2019-12384.json
+++ b/2019/CVE-2019-12384.json
@@ -1,4 +1,27 @@
[
+ {
+ "id": 198579428,
+ "name": "CVE-2019-12384",
+ "full_name": "jas502n\/CVE-2019-12384",
+ "owner": {
+ "login": "jas502n",
+ "id": 16593068,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4",
+ "html_url": "https:\/\/github.com\/jas502n"
+ },
+ "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-12384",
+ "description": "Jackson Rce For CVE-2019-12384 ",
+ "fork": false,
+ "created_at": "2019-07-24T07:12:14Z",
+ "updated_at": "2020-03-20T06:34:40Z",
+ "pushed_at": "2019-07-24T07:31:42Z",
+ "stargazers_count": 52,
+ "watchers_count": 52,
+ "forks_count": 12,
+ "forks": 12,
+ "watchers": 52,
+ "score": 0
+ },
{
"id": 198939305,
"name": "Jackson_RCE-CVE-2019-12384",
diff --git a/2019/CVE-2019-13024.json b/2019/CVE-2019-13024.json
index b5671931e8..f4214be885 100644
--- a/2019/CVE-2019-13024.json
+++ b/2019/CVE-2019-13024.json
@@ -1,4 +1,27 @@
[
+ {
+ "id": 204202778,
+ "name": "CVE-2019-13024",
+ "full_name": "mhaskar\/CVE-2019-13024",
+ "owner": {
+ "login": "mhaskar",
+ "id": 6861215,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/6861215?v=4",
+ "html_url": "https:\/\/github.com\/mhaskar"
+ },
+ "html_url": "https:\/\/github.com\/mhaskar\/CVE-2019-13024",
+ "description": "The official exploit code for Centreon v19.04 Remote Code Execution CVE-2019-13024",
+ "fork": false,
+ "created_at": "2019-08-24T19:26:19Z",
+ "updated_at": "2020-01-23T08:21:19Z",
+ "pushed_at": "2019-08-24T19:27:24Z",
+ "stargazers_count": 8,
+ "watchers_count": 8,
+ "forks_count": 4,
+ "forks": 4,
+ "watchers": 8,
+ "score": 0
+ },
{
"id": 220509225,
"name": "Centreon-RCE",
diff --git a/2019/CVE-2019-13272.json b/2019/CVE-2019-13272.json
index 55fc40cc5d..c0fa8e0ab8 100644
--- a/2019/CVE-2019-13272.json
+++ b/2019/CVE-2019-13272.json
@@ -1,4 +1,96 @@
[
+ {
+ "id": 199781061,
+ "name": "CVE-2019-13272",
+ "full_name": "jas502n\/CVE-2019-13272",
+ "owner": {
+ "login": "jas502n",
+ "id": 16593068,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4",
+ "html_url": "https:\/\/github.com\/jas502n"
+ },
+ "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-13272",
+ "description": "Linux 4.10 < 5.1.17 PTRACE_TRACEME local root",
+ "fork": false,
+ "created_at": "2019-07-31T04:51:43Z",
+ "updated_at": "2020-03-26T19:13:34Z",
+ "pushed_at": "2019-08-01T16:02:59Z",
+ "stargazers_count": 225,
+ "watchers_count": 225,
+ "forks_count": 77,
+ "forks": 77,
+ "watchers": 225,
+ "score": 0
+ },
+ {
+ "id": 199794841,
+ "name": "CVE-2019-13272",
+ "full_name": "Cyc1eC\/CVE-2019-13272",
+ "owner": {
+ "login": "Cyc1eC",
+ "id": 26767829,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26767829?v=4",
+ "html_url": "https:\/\/github.com\/Cyc1eC"
+ },
+ "html_url": "https:\/\/github.com\/Cyc1eC\/CVE-2019-13272",
+ "description": "The exploit for CVE-2019-13272",
+ "fork": false,
+ "created_at": "2019-07-31T06:36:21Z",
+ "updated_at": "2019-12-17T14:57:32Z",
+ "pushed_at": "2019-07-31T07:05:04Z",
+ "stargazers_count": 3,
+ "watchers_count": 3,
+ "forks_count": 5,
+ "forks": 5,
+ "watchers": 3,
+ "score": 0
+ },
+ {
+ "id": 200459882,
+ "name": "cve-2019-13272",
+ "full_name": "bigbigliang-malwarebenchmark\/cve-2019-13272",
+ "owner": {
+ "login": "bigbigliang-malwarebenchmark",
+ "id": 45776349,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/45776349?v=4",
+ "html_url": "https:\/\/github.com\/bigbigliang-malwarebenchmark"
+ },
+ "html_url": "https:\/\/github.com\/bigbigliang-malwarebenchmark\/cve-2019-13272",
+ "description": "提权漏洞",
+ "fork": false,
+ "created_at": "2019-08-04T06:51:36Z",
+ "updated_at": "2019-09-12T15:32:19Z",
+ "pushed_at": "2019-08-04T07:06:47Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 1,
+ "score": 0
+ },
+ {
+ "id": 200948343,
+ "name": "CVE-2019-13272",
+ "full_name": "oneoy\/CVE-2019-13272",
+ "owner": {
+ "login": "oneoy",
+ "id": 38435398,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/38435398?v=4",
+ "html_url": "https:\/\/github.com\/oneoy"
+ },
+ "html_url": "https:\/\/github.com\/oneoy\/CVE-2019-13272",
+ "description": "linux 提权",
+ "fork": false,
+ "created_at": "2019-08-07T01:21:26Z",
+ "updated_at": "2020-03-25T06:34:45Z",
+ "pushed_at": "2019-08-07T01:21:38Z",
+ "stargazers_count": 3,
+ "watchers_count": 3,
+ "forks_count": 4,
+ "forks": 4,
+ "watchers": 3,
+ "score": 0
+ },
{
"id": 209440455,
"name": "CVE-2019-13272",
diff --git a/2019/CVE-2019-14287.json b/2019/CVE-2019-14287.json
index 5a084ea8a8..f5dde6b504 100644
--- a/2019/CVE-2019-14287.json
+++ b/2019/CVE-2019-14287.json
@@ -251,5 +251,28 @@
"forks": 0,
"watchers": 2,
"score": 0
+ },
+ {
+ "id": 239374146,
+ "name": "Dockerized-CVE-2019-14287",
+ "full_name": "CMNatic\/Dockerized-CVE-2019-14287",
+ "owner": {
+ "login": "CMNatic",
+ "id": 4163116,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4163116?v=4",
+ "html_url": "https:\/\/github.com\/CMNatic"
+ },
+ "html_url": "https:\/\/github.com\/CMNatic\/Dockerized-CVE-2019-14287",
+ "description": "Containerized and deployable use of the CVE-2019-14287 vuln. View README.md for more.",
+ "fork": false,
+ "created_at": "2020-02-09T21:05:20Z",
+ "updated_at": "2020-02-19T07:14:32Z",
+ "pushed_at": "2020-02-09T21:28:10Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 1,
+ "score": 0
}
]
\ No newline at end of file
diff --git a/2019/CVE-2019-1458.json b/2019/CVE-2019-1458.json
index 681142e3ed..ad1ec04d3e 100644
--- a/2019/CVE-2019-1458.json
+++ b/2019/CVE-2019-1458.json
@@ -40,8 +40,8 @@
"pushed_at": "2020-03-11T09:59:01Z",
"stargazers_count": 52,
"watchers_count": 52,
- "forks_count": 9,
- "forks": 9,
+ "forks_count": 10,
+ "forks": 10,
"watchers": 52,
"score": 0
}
diff --git a/2019/CVE-2019-15107.json b/2019/CVE-2019-15107.json
index 3c007faabb..e8036df16c 100644
--- a/2019/CVE-2019-15107.json
+++ b/2019/CVE-2019-15107.json
@@ -1,4 +1,119 @@
[
+ {
+ "id": 203123412,
+ "name": "CVE-2019-15107",
+ "full_name": "jas502n\/CVE-2019-15107",
+ "owner": {
+ "login": "jas502n",
+ "id": 16593068,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4",
+ "html_url": "https:\/\/github.com\/jas502n"
+ },
+ "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-15107",
+ "description": "CVE-2019-15107 Webmin RCE (unauthorized)",
+ "fork": false,
+ "created_at": "2019-08-19T07:43:16Z",
+ "updated_at": "2020-03-13T11:52:07Z",
+ "pushed_at": "2019-09-02T16:06:19Z",
+ "stargazers_count": 43,
+ "watchers_count": 43,
+ "forks_count": 16,
+ "forks": 16,
+ "watchers": 43,
+ "score": 0
+ },
+ {
+ "id": 203752840,
+ "name": "webmin_docker_and_exp",
+ "full_name": "HACHp1\/webmin_docker_and_exp",
+ "owner": {
+ "login": "HACHp1",
+ "id": 25722416,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25722416?v=4",
+ "html_url": "https:\/\/github.com\/HACHp1"
+ },
+ "html_url": "https:\/\/github.com\/HACHp1\/webmin_docker_and_exp",
+ "description": "Dockerfiles for CVE-2019-15107(webmin RCE) recurrence including v1.890 and v1.920 with Exp for each version.",
+ "fork": false,
+ "created_at": "2019-08-22T08:48:07Z",
+ "updated_at": "2019-08-29T11:15:41Z",
+ "pushed_at": "2019-08-22T08:58:55Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 1,
+ "score": 0
+ },
+ {
+ "id": 203787157,
+ "name": "CVE-2019-15107",
+ "full_name": "ketlerd\/CVE-2019-15107",
+ "owner": {
+ "login": "ketlerd",
+ "id": 4441136,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4441136?v=4",
+ "html_url": "https:\/\/github.com\/ketlerd"
+ },
+ "html_url": "https:\/\/github.com\/ketlerd\/CVE-2019-15107",
+ "description": "Implementation of CVE-2019-15107 exploit in python",
+ "fork": false,
+ "created_at": "2019-08-22T12:07:16Z",
+ "updated_at": "2019-12-17T15:16:20Z",
+ "pushed_at": "2019-08-24T01:37:01Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 203983183,
+ "name": "CVE-2019-15107",
+ "full_name": "AdministratorGithub\/CVE-2019-15107",
+ "owner": {
+ "login": "AdministratorGithub",
+ "id": 19834937,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/19834937?v=4",
+ "html_url": "https:\/\/github.com\/AdministratorGithub"
+ },
+ "html_url": "https:\/\/github.com\/AdministratorGithub\/CVE-2019-15107",
+ "description": "CVE-2019-15107 webmin python3",
+ "fork": false,
+ "created_at": "2019-08-23T11:10:01Z",
+ "updated_at": "2019-12-17T15:16:20Z",
+ "pushed_at": "2019-08-23T11:11:43Z",
+ "stargazers_count": 3,
+ "watchers_count": 3,
+ "forks_count": 2,
+ "forks": 2,
+ "watchers": 3,
+ "score": 0
+ },
+ {
+ "id": 204250667,
+ "name": "CVE-2019-15107",
+ "full_name": "taygergix\/CVE-2019-15107",
+ "owner": {
+ "login": "taygergix",
+ "id": 36177626,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/36177626?v=4",
+ "html_url": "https:\/\/github.com\/taygergix"
+ },
+ "html_url": "https:\/\/github.com\/taygergix\/CVE-2019-15107",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-08-25T05:31:11Z",
+ "updated_at": "2020-02-14T08:42:33Z",
+ "pushed_at": "2019-08-25T06:03:31Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
{
"id": 210371345,
"name": "Make-and-Break",
diff --git a/2019/CVE-2019-15126.json b/2019/CVE-2019-15126.json
index a71afc1f64..dc4ffab7e1 100644
--- a/2019/CVE-2019-15126.json
+++ b/2019/CVE-2019-15126.json
@@ -40,8 +40,8 @@
"pushed_at": "2020-03-22T19:46:04Z",
"stargazers_count": 111,
"watchers_count": 111,
- "forks_count": 28,
- "forks": 28,
+ "forks_count": 29,
+ "forks": 29,
"watchers": 111,
"score": 0
},
diff --git a/2019/CVE-2019-17564.json b/2019/CVE-2019-17564.json
index 0ff8ec15de..1aa7d4cc16 100644
--- a/2019/CVE-2019-17564.json
+++ b/2019/CVE-2019-17564.json
@@ -1,4 +1,73 @@
[
+ {
+ "id": 239930294,
+ "name": "CVE-2019-17564",
+ "full_name": "r00t4dm\/CVE-2019-17564",
+ "owner": {
+ "login": "r00t4dm",
+ "id": 36941976,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/36941976?v=4",
+ "html_url": "https:\/\/github.com\/r00t4dm"
+ },
+ "html_url": "https:\/\/github.com\/r00t4dm\/CVE-2019-17564",
+ "description": null,
+ "fork": false,
+ "created_at": "2020-02-12T04:55:51Z",
+ "updated_at": "2020-02-12T07:41:08Z",
+ "pushed_at": "2020-02-12T07:41:06Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 240153600,
+ "name": "CVE-2019-17564",
+ "full_name": "Jaky5155\/CVE-2019-17564",
+ "owner": {
+ "login": "Jaky5155",
+ "id": 47801640,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/47801640?v=4",
+ "html_url": "https:\/\/github.com\/Jaky5155"
+ },
+ "html_url": "https:\/\/github.com\/Jaky5155\/CVE-2019-17564",
+ "description": "CVE-2019-17564 Apache Dubbo deserialization RCE",
+ "fork": false,
+ "created_at": "2020-02-13T01:40:50Z",
+ "updated_at": "2020-02-17T01:07:16Z",
+ "pushed_at": "2020-02-13T01:42:21Z",
+ "stargazers_count": 3,
+ "watchers_count": 3,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 3,
+ "score": 0
+ },
+ {
+ "id": 240413864,
+ "name": "CVE-2019-17564",
+ "full_name": "Hu3sky\/CVE-2019-17564",
+ "owner": {
+ "login": "Hu3sky",
+ "id": 37403964,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/37403964?v=4",
+ "html_url": "https:\/\/github.com\/Hu3sky"
+ },
+ "html_url": "https:\/\/github.com\/Hu3sky\/CVE-2019-17564",
+ "description": "CVE-2019-17564 : Apache Dubbo Deserialization Remote Code Execution",
+ "fork": false,
+ "created_at": "2020-02-14T02:41:31Z",
+ "updated_at": "2020-02-14T03:38:04Z",
+ "pushed_at": "2020-02-14T02:45:11Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 1,
+ "score": 0
+ },
{
"id": 241072507,
"name": "CVE-2019-17564",
diff --git a/2019/CVE-2019-17570.json b/2019/CVE-2019-17570.json
index e22562aa6b..7c16f824a8 100644
--- a/2019/CVE-2019-17570.json
+++ b/2019/CVE-2019-17570.json
@@ -21,5 +21,28 @@
"forks": 0,
"watchers": 1,
"score": 0
+ },
+ {
+ "id": 235991076,
+ "name": "xmlrpc-common-deserialization",
+ "full_name": "orangecertcc\/xmlrpc-common-deserialization",
+ "owner": {
+ "login": "orangecertcc",
+ "id": 48210684,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/48210684?v=4",
+ "html_url": "https:\/\/github.com\/orangecertcc"
+ },
+ "html_url": "https:\/\/github.com\/orangecertcc\/xmlrpc-common-deserialization",
+ "description": "CVE-2019-17570 details and proof of concept",
+ "fork": false,
+ "created_at": "2020-01-24T11:32:18Z",
+ "updated_at": "2020-03-24T05:44:54Z",
+ "pushed_at": "2020-01-31T15:33:06Z",
+ "stargazers_count": 57,
+ "watchers_count": 57,
+ "forks_count": 6,
+ "forks": 6,
+ "watchers": 57,
+ "score": 0
}
]
\ No newline at end of file
diff --git a/2019/CVE-2019-18634.json b/2019/CVE-2019-18634.json
index 19e5e7ea3a..edf4bae659 100644
--- a/2019/CVE-2019-18634.json
+++ b/2019/CVE-2019-18634.json
@@ -45,6 +45,29 @@
"watchers": 29,
"score": 0
},
+ {
+ "id": 240249499,
+ "name": "CVE-2019-18634",
+ "full_name": "N1et\/CVE-2019-18634",
+ "owner": {
+ "login": "N1et",
+ "id": 34748334,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/34748334?v=4",
+ "html_url": "https:\/\/github.com\/N1et"
+ },
+ "html_url": "https:\/\/github.com\/N1et\/CVE-2019-18634",
+ "description": "Exploit for CVE-2019-18634",
+ "fork": false,
+ "created_at": "2020-02-13T11:57:38Z",
+ "updated_at": "2020-02-14T22:48:40Z",
+ "pushed_at": "2020-02-13T12:18:13Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 1,
+ "score": 0
+ },
{
"id": 245932147,
"name": "CVE-2019-18634",
diff --git a/2019/CVE-2019-19356.json b/2019/CVE-2019-19356.json
index 5a51a83820..100e242222 100644
--- a/2019/CVE-2019-19356.json
+++ b/2019/CVE-2019-19356.json
@@ -1,4 +1,27 @@
[
+ {
+ "id": 227586233,
+ "name": "CVE-2019-19356",
+ "full_name": "shadowgatt\/CVE-2019-19356",
+ "owner": {
+ "login": "shadowgatt",
+ "id": 45848149,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/45848149?v=4",
+ "html_url": "https:\/\/github.com\/shadowgatt"
+ },
+ "html_url": "https:\/\/github.com\/shadowgatt\/CVE-2019-19356",
+ "description": "Netis router RCE exploit ( CVE-2019-19356)",
+ "fork": false,
+ "created_at": "2019-12-12T11:01:23Z",
+ "updated_at": "2020-03-18T10:52:13Z",
+ "pushed_at": "2020-02-10T17:53:30Z",
+ "stargazers_count": 2,
+ "watchers_count": 2,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 2,
+ "score": 0
+ },
{
"id": 247021488,
"name": "CVE-2019-19356",
diff --git a/2019/CVE-2019-19781.json b/2019/CVE-2019-19781.json
index d20de1fef4..205a0be71f 100644
--- a/2019/CVE-2019-19781.json
+++ b/2019/CVE-2019-19781.json
@@ -68,6 +68,29 @@
"watchers": 474,
"score": 0
},
+ {
+ "id": 233152918,
+ "name": "check-cve-2019-19781",
+ "full_name": "cisagov\/check-cve-2019-19781",
+ "owner": {
+ "login": "cisagov",
+ "id": 18539691,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/18539691?v=4",
+ "html_url": "https:\/\/github.com\/cisagov"
+ },
+ "html_url": "https:\/\/github.com\/cisagov\/check-cve-2019-19781",
+ "description": "Test a host for susceptibility to CVE-2019-19781",
+ "fork": false,
+ "created_at": "2020-01-11T00:26:16Z",
+ "updated_at": "2020-03-04T15:17:18Z",
+ "pushed_at": "2020-01-31T17:06:55Z",
+ "stargazers_count": 91,
+ "watchers_count": 91,
+ "forks_count": 24,
+ "forks": 24,
+ "watchers": 91,
+ "score": 0
+ },
{
"id": 233168483,
"name": "CVE-2019-19781",
@@ -275,6 +298,29 @@
"watchers": 0,
"score": 0
},
+ {
+ "id": 233473212,
+ "name": "CVE-2019-19781",
+ "full_name": "x1sec\/CVE-2019-19781",
+ "owner": {
+ "login": "x1sec",
+ "id": 11153104,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/11153104?v=4",
+ "html_url": "https:\/\/github.com\/x1sec"
+ },
+ "html_url": "https:\/\/github.com\/x1sec\/CVE-2019-19781",
+ "description": "DFIR notes for Citrix ADC (NetScaler) appliances vulnerable to CVE-2019-19781",
+ "fork": false,
+ "created_at": "2020-01-12T23:13:56Z",
+ "updated_at": "2020-02-25T22:54:47Z",
+ "pushed_at": "2020-02-05T11:45:25Z",
+ "stargazers_count": 38,
+ "watchers_count": 38,
+ "forks_count": 9,
+ "forks": 9,
+ "watchers": 38,
+ "score": 0
+ },
{
"id": 233493025,
"name": "CVE-2019-19781",
@@ -367,6 +413,29 @@
"watchers": 0,
"score": 0
},
+ {
+ "id": 233943421,
+ "name": "cve-2019-19781-web",
+ "full_name": "zenturacp\/cve-2019-19781-web",
+ "owner": {
+ "login": "zenturacp",
+ "id": 37262317,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/37262317?v=4",
+ "html_url": "https:\/\/github.com\/zenturacp"
+ },
+ "html_url": "https:\/\/github.com\/zenturacp\/cve-2019-19781-web",
+ "description": null,
+ "fork": false,
+ "created_at": "2020-01-14T21:54:08Z",
+ "updated_at": "2020-01-28T22:56:43Z",
+ "pushed_at": "2020-01-28T22:56:41Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
{
"id": 234053519,
"name": "CVE-2019-19781-Checker",
@@ -482,6 +551,29 @@
"watchers": 0,
"score": 0
},
+ {
+ "id": 234315880,
+ "name": "ADC-19781",
+ "full_name": "j81blog\/ADC-19781",
+ "owner": {
+ "login": "j81blog",
+ "id": 15254164,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15254164?v=4",
+ "html_url": "https:\/\/github.com\/j81blog"
+ },
+ "html_url": "https:\/\/github.com\/j81blog\/ADC-19781",
+ "description": "Check ADC for CVE-2019-19781",
+ "fork": false,
+ "created_at": "2020-01-16T12:33:00Z",
+ "updated_at": "2020-02-09T20:51:16Z",
+ "pushed_at": "2020-02-02T10:48:22Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 1,
+ "score": 0
+ },
{
"id": 234474221,
"name": "Citrix_CVE-2019-19781",
@@ -712,6 +804,75 @@
"watchers": 0,
"score": 0
},
+ {
+ "id": 235755055,
+ "name": "CVE-2019-19781-DFIR-Notes",
+ "full_name": "Azeemering\/CVE-2019-19781-DFIR-Notes",
+ "owner": {
+ "login": "Azeemering",
+ "id": 31852867,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/31852867?v=4",
+ "html_url": "https:\/\/github.com\/Azeemering"
+ },
+ "html_url": "https:\/\/github.com\/Azeemering\/CVE-2019-19781-DFIR-Notes",
+ "description": "My Citrix ADC NetScaler CVE-2019-19781 Vulnerability DFIR notes. ",
+ "fork": false,
+ "created_at": "2020-01-23T08:41:51Z",
+ "updated_at": "2020-01-24T10:45:10Z",
+ "pushed_at": "2020-01-24T10:45:08Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 235820941,
+ "name": "citrixvulncheck",
+ "full_name": "0xams\/citrixvulncheck",
+ "owner": {
+ "login": "0xams",
+ "id": 50754216,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/50754216?v=4",
+ "html_url": "https:\/\/github.com\/0xams"
+ },
+ "html_url": "https:\/\/github.com\/0xams\/citrixvulncheck",
+ "description": "a script to look for CVE-2019-19781 Vulnerability within a domain and it's subdomains",
+ "fork": false,
+ "created_at": "2020-01-23T15:13:04Z",
+ "updated_at": "2020-01-30T05:00:45Z",
+ "pushed_at": "2020-01-30T05:00:44Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 236726768,
+ "name": "CVE-2019-19781",
+ "full_name": "RaulCalvoLaorden\/CVE-2019-19781",
+ "owner": {
+ "login": "RaulCalvoLaorden",
+ "id": 25440046,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25440046?v=4",
+ "html_url": "https:\/\/github.com\/RaulCalvoLaorden"
+ },
+ "html_url": "https:\/\/github.com\/RaulCalvoLaorden\/CVE-2019-19781",
+ "description": "Python CVE-2019-19781 exploit",
+ "fork": false,
+ "created_at": "2020-01-28T12:09:51Z",
+ "updated_at": "2020-01-28T21:23:04Z",
+ "pushed_at": "2020-01-28T15:30:20Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 1,
+ "score": 0
+ },
{
"id": 245795935,
"name": "webcvescanner",
diff --git a/2019/CVE-2019-19844.json b/2019/CVE-2019-19844.json
index 6eed6bb8c2..4597ca39a6 100644
--- a/2019/CVE-2019-19844.json
+++ b/2019/CVE-2019-19844.json
@@ -22,6 +22,29 @@
"watchers": 92,
"score": 0
},
+ {
+ "id": 230083007,
+ "name": "django_cve201919844",
+ "full_name": "andripwn\/django_cve201919844",
+ "owner": {
+ "login": "andripwn",
+ "id": 52893492,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/52893492?v=4",
+ "html_url": "https:\/\/github.com\/andripwn"
+ },
+ "html_url": "https:\/\/github.com\/andripwn\/django_cve201919844",
+ "description": "PoC for CVE-2019-19844 ( https:\/\/www.djangoproject.com\/weblog\/2019\/dec\/18\/security-releases\/ )",
+ "fork": false,
+ "created_at": "2019-12-25T10:05:48Z",
+ "updated_at": "2020-02-28T19:42:59Z",
+ "pushed_at": "2020-02-15T03:19:41Z",
+ "stargazers_count": 6,
+ "watchers_count": 6,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 6,
+ "score": 0
+ },
{
"id": 234739158,
"name": "CVE_2019_19844",
diff --git a/2019/CVE-2019-2618.json b/2019/CVE-2019-2618.json
index f898c65219..d17ed07a2f 100644
--- a/2019/CVE-2019-2618.json
+++ b/2019/CVE-2019-2618.json
@@ -1,4 +1,96 @@
[
+ {
+ "id": 181875107,
+ "name": "CVE-2019-2618",
+ "full_name": "pyn3rd\/CVE-2019-2618",
+ "owner": {
+ "login": "pyn3rd",
+ "id": 41412951,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/41412951?v=4",
+ "html_url": "https:\/\/github.com\/pyn3rd"
+ },
+ "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2019-2618",
+ "description": "Weblogic Unrestricted File Upload",
+ "fork": false,
+ "created_at": "2019-04-17T11:12:32Z",
+ "updated_at": "2020-01-30T15:19:28Z",
+ "pushed_at": "2019-04-17T11:13:29Z",
+ "stargazers_count": 44,
+ "watchers_count": 44,
+ "forks_count": 11,
+ "forks": 11,
+ "watchers": 44,
+ "score": 0
+ },
+ {
+ "id": 181885950,
+ "name": "cve-2019-2618",
+ "full_name": "jas502n\/cve-2019-2618",
+ "owner": {
+ "login": "jas502n",
+ "id": 16593068,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4",
+ "html_url": "https:\/\/github.com\/jas502n"
+ },
+ "html_url": "https:\/\/github.com\/jas502n\/cve-2019-2618",
+ "description": "Weblogic Upload Vuln(Need username password)-CVE-2019-2618",
+ "fork": false,
+ "created_at": "2019-04-17T12:23:24Z",
+ "updated_at": "2020-03-22T19:07:19Z",
+ "pushed_at": "2019-04-17T15:05:09Z",
+ "stargazers_count": 140,
+ "watchers_count": 140,
+ "forks_count": 49,
+ "forks": 49,
+ "watchers": 140,
+ "score": 0
+ },
+ {
+ "id": 185175648,
+ "name": "CVE-2019-2618-",
+ "full_name": "wsfengfan\/CVE-2019-2618-",
+ "owner": {
+ "login": "wsfengfan",
+ "id": 33821840,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/33821840?v=4",
+ "html_url": "https:\/\/github.com\/wsfengfan"
+ },
+ "html_url": "https:\/\/github.com\/wsfengfan\/CVE-2019-2618-",
+ "description": "CVE-2019-2618-自己编写",
+ "fork": false,
+ "created_at": "2019-05-06T10:33:26Z",
+ "updated_at": "2019-07-17T08:53:14Z",
+ "pushed_at": "2019-07-17T08:53:13Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 1,
+ "score": 0
+ },
+ {
+ "id": 193069571,
+ "name": "WeblogicScan",
+ "full_name": "dr0op\/WeblogicScan",
+ "owner": {
+ "login": "dr0op",
+ "id": 21166816,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/21166816?v=4",
+ "html_url": "https:\/\/github.com\/dr0op"
+ },
+ "html_url": "https:\/\/github.com\/dr0op\/WeblogicScan",
+ "description": "增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持",
+ "fork": false,
+ "created_at": "2019-06-21T09:22:43Z",
+ "updated_at": "2020-03-23T19:08:59Z",
+ "pushed_at": "2019-06-24T06:06:48Z",
+ "stargazers_count": 500,
+ "watchers_count": 500,
+ "forks_count": 113,
+ "forks": 113,
+ "watchers": 500,
+ "score": 0
+ },
{
"id": 219771562,
"name": "cve-2019-2618",
diff --git a/2019/CVE-2019-2725.json b/2019/CVE-2019-2725.json
index 516a28caf7..de6da2fd94 100644
--- a/2019/CVE-2019-2725.json
+++ b/2019/CVE-2019-2725.json
@@ -1,4 +1,326 @@
[
+ {
+ "id": 148616806,
+ "name": "javaserializetools",
+ "full_name": "shack2\/javaserializetools",
+ "owner": {
+ "login": "shack2",
+ "id": 26374431,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/26374431?v=4",
+ "html_url": "https:\/\/github.com\/shack2"
+ },
+ "html_url": "https:\/\/github.com\/shack2\/javaserializetools",
+ "description": "Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具,采用JDK 1.8+NetBeans8.2开发,软件运行必须安装JDK 1.8或者以上版本。 支持:weblogic xml反序列化漏洞 CVE-2017-10271\/CNVD-C-2019-48814\/CVE-2019-2725检查。",
+ "fork": false,
+ "created_at": "2018-09-13T09:44:18Z",
+ "updated_at": "2020-03-20T14:02:09Z",
+ "pushed_at": "2019-08-28T12:05:45Z",
+ "stargazers_count": 181,
+ "watchers_count": 181,
+ "forks_count": 62,
+ "forks": 62,
+ "watchers": 181,
+ "score": 0
+ },
+ {
+ "id": 183346706,
+ "name": "CNVD-C-2019-48814-CNNVD-201904-961",
+ "full_name": "SkyBlueEternal\/CNVD-C-2019-48814-CNNVD-201904-961",
+ "owner": {
+ "login": "SkyBlueEternal",
+ "id": 46418185,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46418185?v=4",
+ "html_url": "https:\/\/github.com\/SkyBlueEternal"
+ },
+ "html_url": "https:\/\/github.com\/SkyBlueEternal\/CNVD-C-2019-48814-CNNVD-201904-961",
+ "description": "CVE-2019-2725poc汇总 更新绕过CVE-2017-10271补丁POC",
+ "fork": false,
+ "created_at": "2019-04-25T03:07:53Z",
+ "updated_at": "2020-03-26T14:53:54Z",
+ "pushed_at": "2019-04-29T02:06:00Z",
+ "stargazers_count": 97,
+ "watchers_count": 97,
+ "forks_count": 35,
+ "forks": 35,
+ "watchers": 97,
+ "score": 0
+ },
+ {
+ "id": 183843413,
+ "name": "CNTA-2019-0014xCVE-2019-2725",
+ "full_name": "iceMatcha\/CNTA-2019-0014xCVE-2019-2725",
+ "owner": {
+ "login": "iceMatcha",
+ "id": 18480525,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/18480525?v=4",
+ "html_url": "https:\/\/github.com\/iceMatcha"
+ },
+ "html_url": "https:\/\/github.com\/iceMatcha\/CNTA-2019-0014xCVE-2019-2725",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-04-28T02:18:42Z",
+ "updated_at": "2019-08-26T16:41:04Z",
+ "pushed_at": "2019-05-13T10:14:01Z",
+ "stargazers_count": 10,
+ "watchers_count": 10,
+ "forks_count": 8,
+ "forks": 8,
+ "watchers": 10,
+ "score": 0
+ },
+ {
+ "id": 184489534,
+ "name": "cve-2019-2725",
+ "full_name": "lasensio\/cve-2019-2725",
+ "owner": {
+ "login": "lasensio",
+ "id": 17970238,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/17970238?v=4",
+ "html_url": "https:\/\/github.com\/lasensio"
+ },
+ "html_url": "https:\/\/github.com\/lasensio\/cve-2019-2725",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-05-01T22:25:14Z",
+ "updated_at": "2020-01-27T15:30:18Z",
+ "pushed_at": "2019-05-01T23:00:39Z",
+ "stargazers_count": 17,
+ "watchers_count": 17,
+ "forks_count": 14,
+ "forks": 14,
+ "watchers": 17,
+ "score": 0
+ },
+ {
+ "id": 184651903,
+ "name": "CVE-2019-2725",
+ "full_name": "davidmthomsen\/CVE-2019-2725",
+ "owner": {
+ "login": "davidmthomsen",
+ "id": 22969004,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22969004?v=4",
+ "html_url": "https:\/\/github.com\/davidmthomsen"
+ },
+ "html_url": "https:\/\/github.com\/davidmthomsen\/CVE-2019-2725",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-05-02T21:09:36Z",
+ "updated_at": "2019-05-02T21:12:00Z",
+ "pushed_at": "2019-05-02T21:11:59Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 2,
+ "forks": 2,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 185003239,
+ "name": "CVE-2019-2725",
+ "full_name": "leerina\/CVE-2019-2725",
+ "owner": {
+ "login": "leerina",
+ "id": 12816285,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/12816285?v=4",
+ "html_url": "https:\/\/github.com\/leerina"
+ },
+ "html_url": "https:\/\/github.com\/leerina\/CVE-2019-2725",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-05-05T08:34:20Z",
+ "updated_at": "2019-05-24T03:17:10Z",
+ "pushed_at": "2019-05-05T08:39:49Z",
+ "stargazers_count": 2,
+ "watchers_count": 2,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 2,
+ "score": 0
+ },
+ {
+ "id": 185956531,
+ "name": "cve-2019-2725",
+ "full_name": "zhusx110\/cve-2019-2725",
+ "owner": {
+ "login": "zhusx110",
+ "id": 40231749,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/40231749?v=4",
+ "html_url": "https:\/\/github.com\/zhusx110"
+ },
+ "html_url": "https:\/\/github.com\/zhusx110\/cve-2019-2725",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-05-10T09:07:58Z",
+ "updated_at": "2019-06-17T03:26:56Z",
+ "pushed_at": "2019-05-10T09:09:53Z",
+ "stargazers_count": 7,
+ "watchers_count": 7,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 7,
+ "score": 0
+ },
+ {
+ "id": 189132043,
+ "name": "CVE-2019-2725",
+ "full_name": "lufeirider\/CVE-2019-2725",
+ "owner": {
+ "login": "lufeirider",
+ "id": 13599188,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/13599188?v=4",
+ "html_url": "https:\/\/github.com\/lufeirider"
+ },
+ "html_url": "https:\/\/github.com\/lufeirider\/CVE-2019-2725",
+ "description": "CVE-2019-2725 命令回显",
+ "fork": false,
+ "created_at": "2019-05-29T01:57:05Z",
+ "updated_at": "2020-03-27T05:20:23Z",
+ "pushed_at": "2019-08-08T09:48:20Z",
+ "stargazers_count": 317,
+ "watchers_count": 317,
+ "forks_count": 140,
+ "forks": 140,
+ "watchers": 317,
+ "score": 0
+ },
+ {
+ "id": 190637885,
+ "name": "cve-2019-2725",
+ "full_name": "CVCLabs\/cve-2019-2725",
+ "owner": {
+ "login": "CVCLabs",
+ "id": 40604527,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/40604527?v=4",
+ "html_url": "https:\/\/github.com\/CVCLabs"
+ },
+ "html_url": "https:\/\/github.com\/CVCLabs\/cve-2019-2725",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-06-06T19:27:09Z",
+ "updated_at": "2019-06-06T19:27:29Z",
+ "pushed_at": "2019-06-06T19:27:27Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 191100816,
+ "name": "CVE-2019-2725",
+ "full_name": "TopScrew\/CVE-2019-2725",
+ "owner": {
+ "login": "TopScrew",
+ "id": 35072495,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/35072495?v=4",
+ "html_url": "https:\/\/github.com\/TopScrew"
+ },
+ "html_url": "https:\/\/github.com\/TopScrew\/CVE-2019-2725",
+ "description": "CVE-2019-2725命令回显+webshell上传+最新绕过",
+ "fork": false,
+ "created_at": "2019-06-10T05:12:44Z",
+ "updated_at": "2020-03-27T07:43:45Z",
+ "pushed_at": "2019-06-21T03:33:05Z",
+ "stargazers_count": 121,
+ "watchers_count": 121,
+ "forks_count": 50,
+ "forks": 50,
+ "watchers": 121,
+ "score": 0
+ },
+ {
+ "id": 191266797,
+ "name": "CVE-2019-2725",
+ "full_name": "welove88888\/CVE-2019-2725",
+ "owner": {
+ "login": "welove88888",
+ "id": 29443226,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29443226?v=4",
+ "html_url": "https:\/\/github.com\/welove88888"
+ },
+ "html_url": "https:\/\/github.com\/welove88888\/CVE-2019-2725",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-06-11T00:49:56Z",
+ "updated_at": "2019-07-13T06:03:34Z",
+ "pushed_at": "2019-06-11T00:50:11Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 192078128,
+ "name": "CVE-2019-2725",
+ "full_name": "jiansiting\/CVE-2019-2725",
+ "owner": {
+ "login": "jiansiting",
+ "id": 28823754,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/28823754?v=4",
+ "html_url": "https:\/\/github.com\/jiansiting"
+ },
+ "html_url": "https:\/\/github.com\/jiansiting\/CVE-2019-2725",
+ "description": "weblogic绕过和wls远程执行",
+ "fork": false,
+ "created_at": "2019-06-15T12:51:19Z",
+ "updated_at": "2020-01-30T15:19:55Z",
+ "pushed_at": "2019-06-15T12:53:21Z",
+ "stargazers_count": 31,
+ "watchers_count": 31,
+ "forks_count": 31,
+ "forks": 31,
+ "watchers": 31,
+ "score": 0
+ },
+ {
+ "id": 192157128,
+ "name": "CVE-2019-2725",
+ "full_name": "kerlingcode\/CVE-2019-2725",
+ "owner": {
+ "login": "kerlingcode",
+ "id": 21171415,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/21171415?v=4",
+ "html_url": "https:\/\/github.com\/kerlingcode"
+ },
+ "html_url": "https:\/\/github.com\/kerlingcode\/CVE-2019-2725",
+ "description": "CVE-2019-2725 bypass pocscan and exp ",
+ "fork": false,
+ "created_at": "2019-06-16T06:17:09Z",
+ "updated_at": "2020-03-17T08:04:13Z",
+ "pushed_at": "2019-06-21T01:44:11Z",
+ "stargazers_count": 10,
+ "watchers_count": 10,
+ "forks_count": 8,
+ "forks": 8,
+ "watchers": 10,
+ "score": 0
+ },
+ {
+ "id": 193466146,
+ "name": "Weblogic",
+ "full_name": "black-mirror\/Weblogic",
+ "owner": {
+ "login": "black-mirror",
+ "id": 42571043,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/42571043?v=4",
+ "html_url": "https:\/\/github.com\/black-mirror"
+ },
+ "html_url": "https:\/\/github.com\/black-mirror\/Weblogic",
+ "description": "Weblogic CVE-2019-2725 CVE-2019-2729 Getshell 命令执行 ",
+ "fork": false,
+ "created_at": "2019-06-24T08:33:07Z",
+ "updated_at": "2020-03-06T04:18:50Z",
+ "pushed_at": "2019-07-15T06:03:15Z",
+ "stargazers_count": 40,
+ "watchers_count": 40,
+ "forks_count": 18,
+ "forks": 18,
+ "watchers": 40,
+ "score": 0
+ },
{
"id": 203902761,
"name": "CVE-2019-2725",
diff --git a/2019/CVE-2019-3396.json b/2019/CVE-2019-3396.json
index a976b114e7..0eecbae45b 100644
--- a/2019/CVE-2019-3396.json
+++ b/2019/CVE-2019-3396.json
@@ -1,4 +1,27 @@
[
+ {
+ "id": 180277406,
+ "name": "CVE-2019-3396",
+ "full_name": "dothanthitiendiettiende\/CVE-2019-3396",
+ "owner": {
+ "login": "dothanthitiendiettiende",
+ "id": 29480786,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/29480786?v=4",
+ "html_url": "https:\/\/github.com\/dothanthitiendiettiende"
+ },
+ "html_url": "https:\/\/github.com\/dothanthitiendiettiende\/CVE-2019-3396",
+ "description": "Confluence Widget Connector RCE",
+ "fork": false,
+ "created_at": "2019-04-09T03:26:06Z",
+ "updated_at": "2019-04-09T11:34:37Z",
+ "pushed_at": "2019-04-09T03:25:46Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 4,
+ "forks": 4,
+ "watchers": 0,
+ "score": 0
+ },
{
"id": 180298650,
"name": "CVE-2019-3396",
@@ -22,6 +45,52 @@
"watchers": 20,
"score": 0
},
+ {
+ "id": 180306648,
+ "name": "CVE-2019-3396",
+ "full_name": "shadowsock5\/CVE-2019-3396",
+ "owner": {
+ "login": "shadowsock5",
+ "id": 30398606,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/30398606?v=4",
+ "html_url": "https:\/\/github.com\/shadowsock5"
+ },
+ "html_url": "https:\/\/github.com\/shadowsock5\/CVE-2019-3396",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-04-09T07:09:32Z",
+ "updated_at": "2019-09-02T09:24:29Z",
+ "pushed_at": "2019-04-09T11:06:58Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 3,
+ "forks": 3,
+ "watchers": 1,
+ "score": 0
+ },
+ {
+ "id": 180483984,
+ "name": "CVE-2019-3396_EXP",
+ "full_name": "Yt1g3r\/CVE-2019-3396_EXP",
+ "owner": {
+ "login": "Yt1g3r",
+ "id": 12625147,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/12625147?v=4",
+ "html_url": "https:\/\/github.com\/Yt1g3r"
+ },
+ "html_url": "https:\/\/github.com\/Yt1g3r\/CVE-2019-3396_EXP",
+ "description": "CVE-2019-3396 confluence SSTI RCE",
+ "fork": false,
+ "created_at": "2019-04-10T02:15:47Z",
+ "updated_at": "2020-03-24T04:44:37Z",
+ "pushed_at": "2019-04-12T01:46:33Z",
+ "stargazers_count": 148,
+ "watchers_count": 148,
+ "forks_count": 62,
+ "forks": 62,
+ "watchers": 148,
+ "score": 0
+ },
{
"id": 180484942,
"name": "CVE-2019-3396",
@@ -45,6 +114,144 @@
"watchers": 99,
"score": 0
},
+ {
+ "id": 180485239,
+ "name": "CVE-2019-3396",
+ "full_name": "pyn3rd\/CVE-2019-3396",
+ "owner": {
+ "login": "pyn3rd",
+ "id": 41412951,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/41412951?v=4",
+ "html_url": "https:\/\/github.com\/pyn3rd"
+ },
+ "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2019-3396",
+ "description": "Confluence Widget Connector RCE",
+ "fork": false,
+ "created_at": "2019-04-10T02:24:29Z",
+ "updated_at": "2019-11-29T06:43:00Z",
+ "pushed_at": "2019-04-10T02:26:45Z",
+ "stargazers_count": 31,
+ "watchers_count": 31,
+ "forks_count": 14,
+ "forks": 14,
+ "watchers": 31,
+ "score": 0
+ },
+ {
+ "id": 180528467,
+ "name": "CVE-2019-3396",
+ "full_name": "s1xg0d\/CVE-2019-3396",
+ "owner": {
+ "login": "s1xg0d",
+ "id": 8321329,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8321329?v=4",
+ "html_url": "https:\/\/github.com\/s1xg0d"
+ },
+ "html_url": "https:\/\/github.com\/s1xg0d\/CVE-2019-3396",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-04-10T07:39:42Z",
+ "updated_at": "2019-05-13T11:39:51Z",
+ "pushed_at": "2019-05-13T11:39:49Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 180627265,
+ "name": "CVE-2019-3396",
+ "full_name": "quanpt103\/CVE-2019-3396",
+ "owner": {
+ "login": "quanpt103",
+ "id": 45188297,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/45188297?v=4",
+ "html_url": "https:\/\/github.com\/quanpt103"
+ },
+ "html_url": "https:\/\/github.com\/quanpt103\/CVE-2019-3396",
+ "description": "Confluence Widget Connector RCE - ptquan",
+ "fork": false,
+ "created_at": "2019-04-10T17:05:10Z",
+ "updated_at": "2019-04-10T17:06:24Z",
+ "pushed_at": "2019-04-10T17:06:22Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 183862751,
+ "name": "confluence_CVE-2019-3396",
+ "full_name": "vntest11\/confluence_CVE-2019-3396",
+ "owner": {
+ "login": "vntest11",
+ "id": 46453327,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/46453327?v=4",
+ "html_url": "https:\/\/github.com\/vntest11"
+ },
+ "html_url": "https:\/\/github.com\/vntest11\/confluence_CVE-2019-3396",
+ "description": " Confluence Widget Connector path traversal (CVE-2019-3396)",
+ "fork": false,
+ "created_at": "2019-04-28T05:59:21Z",
+ "updated_at": "2019-04-28T06:40:38Z",
+ "pushed_at": "2019-04-28T06:40:36Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 194643451,
+ "name": "test1",
+ "full_name": "tanw923\/test1",
+ "owner": {
+ "login": "tanw923",
+ "id": 49778932,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/49778932?v=4",
+ "html_url": "https:\/\/github.com\/tanw923"
+ },
+ "html_url": "https:\/\/github.com\/tanw923\/test1",
+ "description": "https:\/\/github.com\/Yt1g3r\/CVE-2019-3396_EXP.git",
+ "fork": false,
+ "created_at": "2019-07-01T09:35:17Z",
+ "updated_at": "2019-07-02T15:24:32Z",
+ "pushed_at": "2019-07-02T15:24:30Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 203499284,
+ "name": "CVE-2019-3396-confluence-poc",
+ "full_name": "skommando\/CVE-2019-3396-confluence-poc",
+ "owner": {
+ "login": "skommando",
+ "id": 22767889,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/22767889?v=4",
+ "html_url": "https:\/\/github.com\/skommando"
+ },
+ "html_url": "https:\/\/github.com\/skommando\/CVE-2019-3396-confluence-poc",
+ "description": "CVE-2019-3396 漏洞验证txt与模板文件。",
+ "fork": false,
+ "created_at": "2019-08-21T03:30:53Z",
+ "updated_at": "2019-08-21T06:10:16Z",
+ "pushed_at": "2019-08-21T06:09:25Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
{
"id": 218002069,
"name": "CVE-2019-3396TEST",
diff --git a/2019/CVE-2019-5418.json b/2019/CVE-2019-5418.json
index c8b51b895f..0dc100c8e1 100644
--- a/2019/CVE-2019-5418.json
+++ b/2019/CVE-2019-5418.json
@@ -1,4 +1,73 @@
[
+ {
+ "id": 175966226,
+ "name": "CVE-2019-5418",
+ "full_name": "mpgn\/CVE-2019-5418",
+ "owner": {
+ "login": "mpgn",
+ "id": 5891788,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5891788?v=4",
+ "html_url": "https:\/\/github.com\/mpgn"
+ },
+ "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-5418",
+ "description": "CVE-2019-5418 - File Content Disclosure on Ruby on Rails",
+ "fork": false,
+ "created_at": "2019-03-16T11:58:18Z",
+ "updated_at": "2020-03-04T13:44:52Z",
+ "pushed_at": "2019-03-25T07:19:58Z",
+ "stargazers_count": 152,
+ "watchers_count": 152,
+ "forks_count": 13,
+ "forks": 13,
+ "watchers": 152,
+ "score": 0
+ },
+ {
+ "id": 176323109,
+ "name": "CVE-2019-5418",
+ "full_name": "omarkurt\/CVE-2019-5418",
+ "owner": {
+ "login": "omarkurt",
+ "id": 1712468,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/1712468?v=4",
+ "html_url": "https:\/\/github.com\/omarkurt"
+ },
+ "html_url": "https:\/\/github.com\/omarkurt\/CVE-2019-5418",
+ "description": "File Content Disclosure on Rails Test Case - CVE-2019-5418",
+ "fork": false,
+ "created_at": "2019-03-18T16:09:13Z",
+ "updated_at": "2019-08-26T16:40:57Z",
+ "pushed_at": "2019-03-18T16:15:25Z",
+ "stargazers_count": 4,
+ "watchers_count": 4,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 4,
+ "score": 0
+ },
+ {
+ "id": 176545257,
+ "name": "CVE-2019-5418-Scanner",
+ "full_name": "brompwnie\/CVE-2019-5418-Scanner",
+ "owner": {
+ "login": "brompwnie",
+ "id": 8638589,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8638589?v=4",
+ "html_url": "https:\/\/github.com\/brompwnie"
+ },
+ "html_url": "https:\/\/github.com\/brompwnie\/CVE-2019-5418-Scanner",
+ "description": "A multi-threaded Golang scanner to identify Ruby endpoints vulnerable to CVE-2019-5418",
+ "fork": false,
+ "created_at": "2019-03-19T15:38:01Z",
+ "updated_at": "2020-01-11T19:10:23Z",
+ "pushed_at": "2019-03-21T17:26:06Z",
+ "stargazers_count": 27,
+ "watchers_count": 27,
+ "forks_count": 12,
+ "forks": 12,
+ "watchers": 27,
+ "score": 0
+ },
{
"id": 177236589,
"name": "Rails-doubletap-RCE",
@@ -22,6 +91,52 @@
"watchers": 93,
"score": 0
},
+ {
+ "id": 178527770,
+ "name": "CVE-2019-5418",
+ "full_name": "takeokunn\/CVE-2019-5418",
+ "owner": {
+ "login": "takeokunn",
+ "id": 11222510,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/11222510?v=4",
+ "html_url": "https:\/\/github.com\/takeokunn"
+ },
+ "html_url": "https:\/\/github.com\/takeokunn\/CVE-2019-5418",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-03-30T07:40:11Z",
+ "updated_at": "2019-10-24T19:07:56Z",
+ "pushed_at": "2019-03-30T07:54:58Z",
+ "stargazers_count": 2,
+ "watchers_count": 2,
+ "forks_count": 2,
+ "forks": 2,
+ "watchers": 2,
+ "score": 0
+ },
+ {
+ "id": 178909066,
+ "name": "RailroadBandit",
+ "full_name": "Bad3r\/RailroadBandit",
+ "owner": {
+ "login": "Bad3r",
+ "id": 25513724,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25513724?v=4",
+ "html_url": "https:\/\/github.com\/Bad3r"
+ },
+ "html_url": "https:\/\/github.com\/Bad3r\/RailroadBandit",
+ "description": "a demo for Ruby on Rails CVE-2019-5418",
+ "fork": false,
+ "created_at": "2019-04-01T17:02:57Z",
+ "updated_at": "2019-04-11T22:45:53Z",
+ "pushed_at": "2019-04-11T22:45:52Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
{
"id": 212888337,
"name": "CVE-2019-5418-Rails3",
diff --git a/2019/CVE-2019-5736.json b/2019/CVE-2019-5736.json
index d2f2e7f7c9..97ce2aa0d0 100644
--- a/2019/CVE-2019-5736.json
+++ b/2019/CVE-2019-5736.json
@@ -1,4 +1,395 @@
[
+ {
+ "id": 170398859,
+ "name": "cve-2019-5736-poc",
+ "full_name": "q3k\/cve-2019-5736-poc",
+ "owner": {
+ "login": "q3k",
+ "id": 315234,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/315234?v=4",
+ "html_url": "https:\/\/github.com\/q3k"
+ },
+ "html_url": "https:\/\/github.com\/q3k\/cve-2019-5736-poc",
+ "description": "Unweaponized Proof of Concept for CVE-2019-5736 (Docker escape)",
+ "fork": false,
+ "created_at": "2019-02-12T22:07:47Z",
+ "updated_at": "2020-03-25T00:44:45Z",
+ "pushed_at": "2019-02-20T15:35:34Z",
+ "stargazers_count": 178,
+ "watchers_count": 178,
+ "forks_count": 61,
+ "forks": 61,
+ "watchers": 178,
+ "score": 0
+ },
+ {
+ "id": 170445833,
+ "name": "CVE-2019-5736-PoC",
+ "full_name": "Frichetten\/CVE-2019-5736-PoC",
+ "owner": {
+ "login": "Frichetten",
+ "id": 10386884,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/10386884?v=4",
+ "html_url": "https:\/\/github.com\/Frichetten"
+ },
+ "html_url": "https:\/\/github.com\/Frichetten\/CVE-2019-5736-PoC",
+ "description": "PoC for CVE-2019-5736",
+ "fork": false,
+ "created_at": "2019-02-13T05:26:32Z",
+ "updated_at": "2020-03-25T02:44:09Z",
+ "pushed_at": "2019-02-19T11:45:13Z",
+ "stargazers_count": 380,
+ "watchers_count": 380,
+ "forks_count": 91,
+ "forks": 91,
+ "watchers": 380,
+ "score": 0
+ },
+ {
+ "id": 170613828,
+ "name": "CVE-2019-5736",
+ "full_name": "jas502n\/CVE-2019-5736",
+ "owner": {
+ "login": "jas502n",
+ "id": 16593068,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4",
+ "html_url": "https:\/\/github.com\/jas502n"
+ },
+ "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-5736",
+ "description": "runc容器逃逸漏洞预警",
+ "fork": false,
+ "created_at": "2019-02-14T02:30:12Z",
+ "updated_at": "2020-02-03T01:45:33Z",
+ "pushed_at": "2019-02-14T02:40:55Z",
+ "stargazers_count": 14,
+ "watchers_count": 14,
+ "forks_count": 3,
+ "forks": 3,
+ "watchers": 14,
+ "score": 0
+ },
+ {
+ "id": 170656576,
+ "name": "CVE-2019-5736",
+ "full_name": "denmilu\/CVE-2019-5736",
+ "owner": {
+ "login": "denmilu",
+ "id": 2469038,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4",
+ "html_url": "https:\/\/github.com\/denmilu"
+ },
+ "html_url": "https:\/\/github.com\/denmilu\/CVE-2019-5736",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-02-14T08:37:25Z",
+ "updated_at": "2019-02-14T08:37:36Z",
+ "pushed_at": "2019-02-14T08:37:34Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 170656601,
+ "name": "cve-2019-5736-poc",
+ "full_name": "denmilu\/cve-2019-5736-poc",
+ "owner": {
+ "login": "denmilu",
+ "id": 2469038,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4",
+ "html_url": "https:\/\/github.com\/denmilu"
+ },
+ "html_url": "https:\/\/github.com\/denmilu\/cve-2019-5736-poc",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-02-14T08:37:39Z",
+ "updated_at": "2019-02-14T08:37:49Z",
+ "pushed_at": "2019-02-14T08:37:48Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 170836971,
+ "name": "cve-2019-5736-poc",
+ "full_name": "agppp\/cve-2019-5736-poc",
+ "owner": {
+ "login": "agppp",
+ "id": 10527860,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/10527860?v=4",
+ "html_url": "https:\/\/github.com\/agppp"
+ },
+ "html_url": "https:\/\/github.com\/agppp\/cve-2019-5736-poc",
+ "description": "getshell test",
+ "fork": false,
+ "created_at": "2019-02-15T09:22:27Z",
+ "updated_at": "2019-02-15T09:49:47Z",
+ "pushed_at": "2019-02-15T09:49:46Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 171378829,
+ "name": "cve-2019-5736",
+ "full_name": "Matthew-Stacks\/cve-2019-5736",
+ "owner": {
+ "login": "Matthew-Stacks",
+ "id": 36444487,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/36444487?v=4",
+ "html_url": "https:\/\/github.com\/Matthew-Stacks"
+ },
+ "html_url": "https:\/\/github.com\/Matthew-Stacks\/cve-2019-5736",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-02-19T00:48:35Z",
+ "updated_at": "2020-01-24T04:09:35Z",
+ "pushed_at": "2019-02-24T21:35:14Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 171499608,
+ "name": "poc-cve-2019-5736",
+ "full_name": "ebdecastro\/poc-cve-2019-5736",
+ "owner": {
+ "login": "ebdecastro",
+ "id": 46558799,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46558799?v=4",
+ "html_url": "https:\/\/github.com\/ebdecastro"
+ },
+ "html_url": "https:\/\/github.com\/ebdecastro\/poc-cve-2019-5736",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-02-19T15:34:18Z",
+ "updated_at": "2019-06-04T10:53:26Z",
+ "pushed_at": "2019-02-19T15:37:34Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 1,
+ "score": 0
+ },
+ {
+ "id": 171668415,
+ "name": "RunC-CVE-2019-5736",
+ "full_name": "twistlock\/RunC-CVE-2019-5736",
+ "owner": {
+ "login": "twistlock",
+ "id": 12218272,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/12218272?v=4",
+ "html_url": "https:\/\/github.com\/twistlock"
+ },
+ "html_url": "https:\/\/github.com\/twistlock\/RunC-CVE-2019-5736",
+ "description": "CVE-2019-5736 POCs",
+ "fork": false,
+ "created_at": "2019-02-20T12:23:13Z",
+ "updated_at": "2020-02-24T13:24:23Z",
+ "pushed_at": "2020-02-08T12:44:15Z",
+ "stargazers_count": 43,
+ "watchers_count": 43,
+ "forks_count": 13,
+ "forks": 13,
+ "watchers": 43,
+ "score": 0
+ },
+ {
+ "id": 172158413,
+ "name": "CVE-2019-5736-PoC",
+ "full_name": "k-onishi\/CVE-2019-5736-PoC",
+ "owner": {
+ "login": "k-onishi",
+ "id": 41312202,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/41312202?v=4",
+ "html_url": "https:\/\/github.com\/k-onishi"
+ },
+ "html_url": "https:\/\/github.com\/k-onishi\/CVE-2019-5736-PoC",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-02-23T01:45:26Z",
+ "updated_at": "2019-09-25T11:24:16Z",
+ "pushed_at": "2019-02-23T13:20:19Z",
+ "stargazers_count": 2,
+ "watchers_count": 2,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 2,
+ "score": 0
+ },
+ {
+ "id": 172198595,
+ "name": "CVE-2019-5736-PoC-0",
+ "full_name": "k-onishi\/CVE-2019-5736-PoC-0",
+ "owner": {
+ "login": "k-onishi",
+ "id": 41312202,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/41312202?v=4",
+ "html_url": "https:\/\/github.com\/k-onishi"
+ },
+ "html_url": "https:\/\/github.com\/k-onishi\/CVE-2019-5736-PoC-0",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-02-23T09:59:21Z",
+ "updated_at": "2019-02-23T09:59:53Z",
+ "pushed_at": "2019-02-23T09:59:51Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 174545720,
+ "name": "CVE-2019-5736-PoC",
+ "full_name": "zyriuse75\/CVE-2019-5736-PoC",
+ "owner": {
+ "login": "zyriuse75",
+ "id": 225690,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/225690?v=4",
+ "html_url": "https:\/\/github.com\/zyriuse75"
+ },
+ "html_url": "https:\/\/github.com\/zyriuse75\/CVE-2019-5736-PoC",
+ "description": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-5736 poc of CVE-2019-5736 ",
+ "fork": false,
+ "created_at": "2019-03-08T13:50:57Z",
+ "updated_at": "2019-03-08T13:50:59Z",
+ "pushed_at": "2019-03-08T13:50:58Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 177891884,
+ "name": "CVE-2019-5736",
+ "full_name": "stillan00b\/CVE-2019-5736",
+ "owner": {
+ "login": "stillan00b",
+ "id": 48630837,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/48630837?v=4",
+ "html_url": "https:\/\/github.com\/stillan00b"
+ },
+ "html_url": "https:\/\/github.com\/stillan00b\/CVE-2019-5736",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-03-27T00:52:49Z",
+ "updated_at": "2019-03-27T01:05:08Z",
+ "pushed_at": "2019-03-27T01:05:07Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 181238407,
+ "name": "cve-2019-5736-exp",
+ "full_name": "milloni\/cve-2019-5736-exp",
+ "owner": {
+ "login": "milloni",
+ "id": 2845035,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/2845035?v=4",
+ "html_url": "https:\/\/github.com\/milloni"
+ },
+ "html_url": "https:\/\/github.com\/milloni\/cve-2019-5736-exp",
+ "description": "Exploit for CVE-2019-5736 runc vulnerability",
+ "fork": false,
+ "created_at": "2019-04-13T23:18:54Z",
+ "updated_at": "2019-04-16T18:18:42Z",
+ "pushed_at": "2019-04-14T21:39:41Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 185733954,
+ "name": "Docker-Runc-Exploit",
+ "full_name": "13paulmurith\/Docker-Runc-Exploit",
+ "owner": {
+ "login": "13paulmurith",
+ "id": 26403285,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/26403285?v=4",
+ "html_url": "https:\/\/github.com\/13paulmurith"
+ },
+ "html_url": "https:\/\/github.com\/13paulmurith\/Docker-Runc-Exploit",
+ "description": "Docker runc CVE-2019-5736 exploit Dockerfile. Credits : https:\/\/github.com\/Frichetten\/CVE-2019-5736-PoC.git",
+ "fork": false,
+ "created_at": "2019-05-09T05:45:21Z",
+ "updated_at": "2019-05-09T05:47:46Z",
+ "pushed_at": "2019-05-09T05:47:45Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 194520468,
+ "name": "CVE-2019-5736-POC",
+ "full_name": "RyanNgWH\/CVE-2019-5736-POC",
+ "owner": {
+ "login": "RyanNgWH",
+ "id": 44436551,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/44436551?v=4",
+ "html_url": "https:\/\/github.com\/RyanNgWH"
+ },
+ "html_url": "https:\/\/github.com\/RyanNgWH\/CVE-2019-5736-POC",
+ "description": "Proof of concept code for breaking out of docker via runC",
+ "fork": false,
+ "created_at": "2019-06-30T13:42:14Z",
+ "updated_at": "2019-06-30T16:33:39Z",
+ "pushed_at": "2019-06-30T16:33:37Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 0,
+ "score": 0
+ },
+ {
+ "id": 200632359,
+ "name": "cve-2019-5736-study",
+ "full_name": "Lee-SungYoung\/cve-2019-5736-study",
+ "owner": {
+ "login": "Lee-SungYoung",
+ "id": 34130740,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/34130740?v=4",
+ "html_url": "https:\/\/github.com\/Lee-SungYoung"
+ },
+ "html_url": "https:\/\/github.com\/Lee-SungYoung\/cve-2019-5736-study",
+ "description": null,
+ "fork": false,
+ "created_at": "2019-08-05T10:15:52Z",
+ "updated_at": "2019-08-05T10:16:32Z",
+ "pushed_at": "2019-08-05T10:16:31Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ },
{
"id": 214599324,
"name": "cve-2019-5736-poc",
diff --git a/2019/CVE-2019-6690.json b/2019/CVE-2019-6690.json
index 85421f4652..43ea50ecf7 100644
--- a/2019/CVE-2019-6690.json
+++ b/2019/CVE-2019-6690.json
@@ -21,5 +21,28 @@
"forks": 1,
"watchers": 1,
"score": 0
+ },
+ {
+ "id": 179225702,
+ "name": "CVE-2019-6690",
+ "full_name": "brianwrf\/CVE-2019-6690",
+ "owner": {
+ "login": "brianwrf",
+ "id": 8141813,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/8141813?v=4",
+ "html_url": "https:\/\/github.com\/brianwrf"
+ },
+ "html_url": "https:\/\/github.com\/brianwrf\/CVE-2019-6690",
+ "description": "It is a simple PoC of Improper Input Validation in python-gnupg 0.4.3 (CVE-2019-6690).",
+ "fork": false,
+ "created_at": "2019-04-03T06:34:48Z",
+ "updated_at": "2019-04-08T14:49:17Z",
+ "pushed_at": "2019-04-03T07:57:14Z",
+ "stargazers_count": 6,
+ "watchers_count": 6,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 6,
+ "score": 0
}
]
\ No newline at end of file
diff --git a/2019/CVE-2019-7238.json b/2019/CVE-2019-7238.json
index 4fb9bc4b40..ff31dc206f 100644
--- a/2019/CVE-2019-7238.json
+++ b/2019/CVE-2019-7238.json
@@ -1,4 +1,73 @@
[
+ {
+ "id": 172401532,
+ "name": "CVE-2019-7238",
+ "full_name": "mpgn\/CVE-2019-7238",
+ "owner": {
+ "login": "mpgn",
+ "id": 5891788,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5891788?v=4",
+ "html_url": "https:\/\/github.com\/mpgn"
+ },
+ "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-7238",
+ "description": "🐱💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱💻",
+ "fork": false,
+ "created_at": "2019-02-24T23:09:43Z",
+ "updated_at": "2020-03-25T08:37:57Z",
+ "pushed_at": "2019-02-25T07:37:07Z",
+ "stargazers_count": 118,
+ "watchers_count": 118,
+ "forks_count": 34,
+ "forks": 34,
+ "watchers": 118,
+ "score": 0
+ },
+ {
+ "id": 187840869,
+ "name": "CVE-2019-7238",
+ "full_name": "jas502n\/CVE-2019-7238",
+ "owner": {
+ "login": "jas502n",
+ "id": 16593068,
+ "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4",
+ "html_url": "https:\/\/github.com\/jas502n"
+ },
+ "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-7238",
+ "description": "Nexus Repository Manager 3 Remote Code Execution without authentication < 3.15.0",
+ "fork": false,
+ "created_at": "2019-05-21T13:16:02Z",
+ "updated_at": "2020-03-25T08:37:57Z",
+ "pushed_at": "2019-08-19T17:33:56Z",
+ "stargazers_count": 44,
+ "watchers_count": 44,
+ "forks_count": 14,
+ "forks": 14,
+ "watchers": 44,
+ "score": 0
+ },
+ {
+ "id": 199046172,
+ "name": "nexus_rce_CVE-2019-7238",
+ "full_name": "verctor\/nexus_rce_CVE-2019-7238",
+ "owner": {
+ "login": "verctor",
+ "id": 24811125,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/24811125?v=4",
+ "html_url": "https:\/\/github.com\/verctor"
+ },
+ "html_url": "https:\/\/github.com\/verctor\/nexus_rce_CVE-2019-7238",
+ "description": "Some debug notes and exploit(not blind)",
+ "fork": false,
+ "created_at": "2019-07-26T16:08:40Z",
+ "updated_at": "2020-02-03T08:03:44Z",
+ "pushed_at": "2019-07-28T02:32:07Z",
+ "stargazers_count": 28,
+ "watchers_count": 28,
+ "forks_count": 5,
+ "forks": 5,
+ "watchers": 28,
+ "score": 0
+ },
{
"id": 233010845,
"name": "CVE-2019-7238_Nexus_RCE_Tool",
diff --git a/2019/CVE-2019-8449.json b/2019/CVE-2019-8449.json
index 52a62f3557..3187fba06d 100644
--- a/2019/CVE-2019-8449.json
+++ b/2019/CVE-2019-8449.json
@@ -1,4 +1,27 @@
[
+ {
+ "id": 237801987,
+ "name": "CVE-2019-8449",
+ "full_name": "mufeedvh\/CVE-2019-8449",
+ "owner": {
+ "login": "mufeedvh",
+ "id": 26198477,
+ "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26198477?v=4",
+ "html_url": "https:\/\/github.com\/mufeedvh"
+ },
+ "html_url": "https:\/\/github.com\/mufeedvh\/CVE-2019-8449",
+ "description": "CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4",
+ "fork": false,
+ "created_at": "2020-02-02T16:42:32Z",
+ "updated_at": "2020-03-10T10:19:17Z",
+ "pushed_at": "2020-02-03T15:11:25Z",
+ "stargazers_count": 57,
+ "watchers_count": 57,
+ "forks_count": 11,
+ "forks": 11,
+ "watchers": 57,
+ "score": 0
+ },
{
"id": 240484095,
"name": "CVE-2019-8449",
diff --git a/2019/CVE-2019-9621.json b/2019/CVE-2019-9621.json
index e1c74ce45d..1886141f92 100644
--- a/2019/CVE-2019-9621.json
+++ b/2019/CVE-2019-9621.json
@@ -13,13 +13,13 @@
"description": "Zimbra邮件系统漏洞 XXE\/RCE\/SSRF\/Upload GetShell Exploit 1. (CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit)",
"fork": false,
"created_at": "2019-05-06T15:47:20Z",
- "updated_at": "2020-03-27T09:08:30Z",
+ "updated_at": "2020-03-27T15:59:25Z",
"pushed_at": "2019-05-08T16:22:58Z",
- "stargazers_count": 39,
- "watchers_count": 39,
+ "stargazers_count": 40,
+ "watchers_count": 40,
"forks_count": 22,
"forks": 22,
- "watchers": 39,
+ "watchers": 40,
"score": 0
}
]
\ No newline at end of file
diff --git a/2019/CVE-2019-9810.json b/2019/CVE-2019-9810.json
index bce2bceae2..bc18b7f656 100644
--- a/2019/CVE-2019-9810.json
+++ b/2019/CVE-2019-9810.json
@@ -1,4 +1,27 @@
[
+ {
+ "id": 177500802,
+ "name": "CVE-2019-9810-PoC",
+ "full_name": "xuechiyaobai\/CVE-2019-9810-PoC",
+ "owner": {
+ "login": "xuechiyaobai",
+ "id": 8443947,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8443947?v=4",
+ "html_url": "https:\/\/github.com\/xuechiyaobai"
+ },
+ "html_url": "https:\/\/github.com\/xuechiyaobai\/CVE-2019-9810-PoC",
+ "description": "Array.prototype.slice wrong alias information.",
+ "fork": false,
+ "created_at": "2019-03-25T02:33:18Z",
+ "updated_at": "2020-02-16T05:56:49Z",
+ "pushed_at": "2019-03-25T02:41:43Z",
+ "stargazers_count": 68,
+ "watchers_count": 68,
+ "forks_count": 15,
+ "forks": 15,
+ "watchers": 68,
+ "score": 0
+ },
{
"id": 185060837,
"name": "CVE-2019-9810",
diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json
index 8c78185603..f5cfa0d878 100644
--- a/2020/CVE-2020-0796.json
+++ b/2020/CVE-2020-0796.json
@@ -82,13 +82,13 @@
"description": "Powershell SMBv3 Compression checker",
"fork": false,
"created_at": "2020-03-11T09:13:48Z",
- "updated_at": "2020-03-25T03:28:34Z",
+ "updated_at": "2020-03-28T00:38:44Z",
"pushed_at": "2020-03-21T20:57:03Z",
- "stargazers_count": 18,
- "watchers_count": 18,
+ "stargazers_count": 19,
+ "watchers_count": 19,
"forks_count": 7,
"forks": 7,
- "watchers": 18,
+ "watchers": 19,
"score": 0
},
{
@@ -109,8 +109,8 @@
"pushed_at": "2020-03-13T09:54:16Z",
"stargazers_count": 399,
"watchers_count": 399,
- "forks_count": 108,
- "forks": 108,
+ "forks_count": 109,
+ "forks": 109,
"watchers": 399,
"score": 0
},
@@ -427,13 +427,13 @@
"description": "PoC for triggering buffer overflow via CVE-2020-0796",
"fork": false,
"created_at": "2020-03-12T18:34:40Z",
- "updated_at": "2020-03-27T03:55:34Z",
+ "updated_at": "2020-03-28T00:44:34Z",
"pushed_at": "2020-03-14T10:04:59Z",
- "stargazers_count": 175,
- "watchers_count": 175,
+ "stargazers_count": 176,
+ "watchers_count": 176,
"forks_count": 62,
"forks": 62,
- "watchers": 175,
+ "watchers": 176,
"score": 0
},
{
diff --git a/2020/CVE-2020-1938.json b/2020/CVE-2020-1938.json
index 3d178abdc6..c8741aca69 100644
--- a/2020/CVE-2020-1938.json
+++ b/2020/CVE-2020-1938.json
@@ -312,13 +312,13 @@
"description": "Ghostcat read file\/code execute,CNVD-2020-10487(CVE-2020-1938) ",
"fork": false,
"created_at": "2020-02-22T16:16:20Z",
- "updated_at": "2020-03-25T08:37:57Z",
+ "updated_at": "2020-03-28T02:30:12Z",
"pushed_at": "2020-03-09T14:51:43Z",
- "stargazers_count": 62,
- "watchers_count": 62,
+ "stargazers_count": 64,
+ "watchers_count": 64,
"forks_count": 23,
"forks": 23,
- "watchers": 62,
+ "watchers": 64,
"score": 0
},
{
diff --git a/2020/CVE-2020-7961.json b/2020/CVE-2020-7961.json
index 9e7cdc4d29..602f2f0f37 100644
--- a/2020/CVE-2020-7961.json
+++ b/2020/CVE-2020-7961.json
@@ -13,13 +13,13 @@
"description": null,
"fork": false,
"created_at": "2020-03-26T01:34:38Z",
- "updated_at": "2020-03-27T16:38:52Z",
- "pushed_at": "2020-03-26T06:49:17Z",
- "stargazers_count": 46,
- "watchers_count": 46,
- "forks_count": 12,
- "forks": 12,
- "watchers": 46,
+ "updated_at": "2020-03-28T02:40:40Z",
+ "pushed_at": "2020-03-27T23:52:21Z",
+ "stargazers_count": 48,
+ "watchers_count": 48,
+ "forks_count": 13,
+ "forks": 13,
+ "watchers": 48,
"score": 0
}
]
\ No newline at end of file
diff --git a/README.md b/README.md
index 9522e251ab..a1703b55fd 100644
--- a/README.md
+++ b/README.md
@@ -636,6 +636,7 @@ Insufficient validation of environment variables in the telnet client supplied i
In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side.
+- [mpgn/CVE-2019-0192](https://github.com/mpgn/CVE-2019-0192)
- [Rapidsafeguard/Solr-RCE-CVE-2019-0192](https://github.com/Rapidsafeguard/Solr-RCE-CVE-2019-0192)
### CVE-2019-0193
@@ -644,7 +645,18 @@ In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows
In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging / development of a DIH config. Since a DIH config can contain scripts, this parameter is a security risk. Starting with version 8.2.0 of Solr, use of this parameter requires setting the Java System property "enable.dih.dataConfigParam" to true.
+- [xConsoIe/CVE-2019-0193](https://github.com/xConsoIe/CVE-2019-0193)
+- [jas502n/CVE-2019-0193](https://github.com/jas502n/CVE-2019-0193)
- [1135/solr_exploit](https://github.com/1135/solr_exploit)
+- [jaychouzzk/CVE-2019-0193-exp](https://github.com/jaychouzzk/CVE-2019-0193-exp)
+
+### CVE-2019-0211
+
+
+In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
+
+
+- [ozkanbilge/Apache-Exploit-2019](https://github.com/ozkanbilge/Apache-Exploit-2019)
### CVE-2019-0227
@@ -661,56 +673,143 @@ When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in
- [pyn3rd/CVE-2019-0232](https://github.com/pyn3rd/CVE-2019-0232)
+- [jas502n/CVE-2019-0232](https://github.com/jas502n/CVE-2019-0232)
+- [CherishHair/CVE-2019-0232-EXP](https://github.com/CherishHair/CVE-2019-0232-EXP)
- [setrus/CVE-2019-0232](https://github.com/setrus/CVE-2019-0232)
+### CVE-2019-0539
+
+
+A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0567, CVE-2019-0568.
+
+
+- [0x43434343/CVE-2019-0539](https://github.com/0x43434343/CVE-2019-0539)
+
### CVE-2019-0604
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594.
+- [linhlhq/CVE-2019-0604](https://github.com/linhlhq/CVE-2019-0604)
+- [denmilu/CVE-2019-0604_sharepoint_CVE](https://github.com/denmilu/CVE-2019-0604_sharepoint_CVE)
- [k8gege/CVE-2019-0604](https://github.com/k8gege/CVE-2019-0604)
- [m5050/CVE-2019-0604](https://github.com/m5050/CVE-2019-0604)
- [boxhg/CVE-2019-0604](https://github.com/boxhg/CVE-2019-0604)
+### CVE-2019-0678
+
+
+An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.
+
+
+- [c0d3G33k/CVE-2019-0678](https://github.com/c0d3G33k/CVE-2019-0678)
+
### CVE-2019-0708
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
+- [hook-s3c/CVE-2019-0708-poc](https://github.com/hook-s3c/CVE-2019-0708-poc)
+- [SherlockSec/CVE-2019-0708](https://github.com/SherlockSec/CVE-2019-0708)
+- [yetiddbb/CVE-2019-0708-PoC](https://github.com/yetiddbb/CVE-2019-0708-PoC)
+- [p0p0p0/CVE-2019-0708-exploit](https://github.com/p0p0p0/CVE-2019-0708-exploit)
+- [rockmelodies/CVE-2019-0708-Exploit](https://github.com/rockmelodies/CVE-2019-0708-Exploit)
- [matengfei000/CVE-2019-0708](https://github.com/matengfei000/CVE-2019-0708)
+- [xiyangzuishuai/Dark-Network-CVE-2019-0708](https://github.com/xiyangzuishuai/Dark-Network-CVE-2019-0708)
+- [temp-user-2014/CVE-2019-0708](https://github.com/temp-user-2014/CVE-2019-0708)
- [areusecure/CVE-2019-0708](https://github.com/areusecure/CVE-2019-0708)
+- [pry0cc/cve-2019-0708-2](https://github.com/pry0cc/cve-2019-0708-2)
- [sbkcbig/CVE-2019-0708-EXPloit](https://github.com/sbkcbig/CVE-2019-0708-EXPloit)
- [sbkcbig/CVE-2019-0708-EXPloit-3389](https://github.com/sbkcbig/CVE-2019-0708-EXPloit-3389)
- [YSheldon/MS_T120](https://github.com/YSheldon/MS_T120)
+- [k8gege/CVE-2019-0708](https://github.com/k8gege/CVE-2019-0708)
- [hotdog777714/RDS_CVE-2019-0708](https://github.com/hotdog777714/RDS_CVE-2019-0708)
+- [jiansiting/CVE-2019-0708](https://github.com/jiansiting/CVE-2019-0708)
+- [NullByteSuiteDevs/CVE-2019-0708](https://github.com/NullByteSuiteDevs/CVE-2019-0708)
+- [heaphopopotamus/CVE-2019-0708](https://github.com/heaphopopotamus/CVE-2019-0708)
+- [thugcrowd/CVE-2019-0708](https://github.com/thugcrowd/CVE-2019-0708)
- [omaidf/CVE-2019-0708-PoC](https://github.com/omaidf/CVE-2019-0708-PoC)
+- [blacksunwen/CVE-2019-0708](https://github.com/blacksunwen/CVE-2019-0708)
+- [infenet/CVE-2019-0708](https://github.com/infenet/CVE-2019-0708)
+- [n0auth/CVE-2019-0708](https://github.com/n0auth/CVE-2019-0708)
- [gildaaa/CVE-2019-0708](https://github.com/gildaaa/CVE-2019-0708)
- [sbkcbig/CVE-2019-0708-Poc-exploit](https://github.com/sbkcbig/CVE-2019-0708-Poc-exploit)
+- [HackerJ0e/CVE-2019-0708](https://github.com/HackerJ0e/CVE-2019-0708)
+- [syriusbughunt/CVE-2019-0708](https://github.com/syriusbughunt/CVE-2019-0708)
- [Barry-McCockiner/CVE-2019-0708](https://github.com/Barry-McCockiner/CVE-2019-0708)
- [ShadowBrokers-ExploitLeak/CVE-2019-0708](https://github.com/ShadowBrokers-ExploitLeak/CVE-2019-0708)
+- [shumtheone/CVE-2019-0708](https://github.com/shumtheone/CVE-2019-0708)
- [safly/CVE-2019-0708](https://github.com/safly/CVE-2019-0708)
+- [Jaky5155/cve-2019-0708-exp](https://github.com/Jaky5155/cve-2019-0708-exp)
+- [fourtwizzy/CVE-2019-0708-Check-Device-Patch-Status](https://github.com/fourtwizzy/CVE-2019-0708-Check-Device-Patch-Status)
+- [303sec/CVE-2019-0708](https://github.com/303sec/CVE-2019-0708)
+- [f8al/CVE-2019-0708-POC](https://github.com/f8al/CVE-2019-0708-POC)
+- [blockchainguard/CVE-2019-0708](https://github.com/blockchainguard/CVE-2019-0708)
+- [haoge8090/CVE-2019-0708](https://github.com/haoge8090/CVE-2019-0708)
- [branbot1000/CVE-2019-0708](https://github.com/branbot1000/CVE-2019-0708)
- [yushiro/CVE-2019-0708](https://github.com/yushiro/CVE-2019-0708)
+- [bilawalzardaer/CVE-2019-0708](https://github.com/bilawalzardaer/CVE-2019-0708)
+- [skyshell20082008/CVE-2019-0708-PoC-Hitting-Path](https://github.com/skyshell20082008/CVE-2019-0708-PoC-Hitting-Path)
+- [ttsite/CVE-2019-0708-](https://github.com/ttsite/CVE-2019-0708-)
+- [ttsite/CVE-2019-0708](https://github.com/ttsite/CVE-2019-0708)
+- [biggerwing/CVE-2019-0708-poc](https://github.com/biggerwing/CVE-2019-0708-poc)
+- [n1xbyte/CVE-2019-0708](https://github.com/n1xbyte/CVE-2019-0708)
+- [freeide/CVE-2019-0708](https://github.com/freeide/CVE-2019-0708)
- [edvacco/CVE-2019-0708-POC](https://github.com/edvacco/CVE-2019-0708-POC)
+- [pry0cc/BlueKeepTracker](https://github.com/pry0cc/BlueKeepTracker)
- [zjw88282740/CVE-2019-0708-win7](https://github.com/zjw88282740/CVE-2019-0708-win7)
- [zerosum0x0/CVE-2019-0708](https://github.com/zerosum0x0/CVE-2019-0708)
- [herhe/CVE-2019-0708poc](https://github.com/herhe/CVE-2019-0708poc)
+- [l9c/rdp0708scanner](https://github.com/l9c/rdp0708scanner)
- [major203/cve-2019-0708-scan](https://github.com/major203/cve-2019-0708-scan)
+- [SugiB3o/Check-vuln-CVE-2019-0708](https://github.com/SugiB3o/Check-vuln-CVE-2019-0708)
+- [gobysec/CVE-2019-0708](https://github.com/gobysec/CVE-2019-0708)
+- [adalenv/CVE-2019-0708-Tool](https://github.com/adalenv/CVE-2019-0708-Tool)
- [smallFunction/CVE-2019-0708-POC](https://github.com/smallFunction/CVE-2019-0708-POC)
+- [freeide/CVE-2019-0708-PoC-Exploit](https://github.com/freeide/CVE-2019-0708-PoC-Exploit)
+- [robertdavidgraham/rdpscan](https://github.com/robertdavidgraham/rdpscan)
- [closethe/CVE-2019-0708-POC](https://github.com/closethe/CVE-2019-0708-POC)
+- [krivegasa/Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit](https://github.com/krivegasa/Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit)
+- [Rostelecom-CERT/bluekeepscan](https://github.com/Rostelecom-CERT/bluekeepscan)
+- [Leoid/CVE-2019-0708](https://github.com/Leoid/CVE-2019-0708)
+- [ht0Ruial/CVE-2019-0708Poc-BatchScanning](https://github.com/ht0Ruial/CVE-2019-0708Poc-BatchScanning)
+- [oneoy/BlueKeep](https://github.com/oneoy/BlueKeep)
- [infiniti-team/CVE-2019-0708](https://github.com/infiniti-team/CVE-2019-0708)
- [haishanzheng/CVE-2019-0708-generate-hosts](https://github.com/haishanzheng/CVE-2019-0708-generate-hosts)
+- [Ekultek/BlueKeep](https://github.com/Ekultek/BlueKeep)
+- [UraSecTeam/CVE-2019-0708](https://github.com/UraSecTeam/CVE-2019-0708)
+- [Gh0st0ne/rdpscan-BlueKeep](https://github.com/Gh0st0ne/rdpscan-BlueKeep)
- [algo7/bluekeep_CVE-2019-0708_poc_to_exploit](https://github.com/algo7/bluekeep_CVE-2019-0708_poc_to_exploit)
+- [JasonLOU/CVE-2019-0708](https://github.com/JasonLOU/CVE-2019-0708)
+- [shun-gg/CVE-2019-0708](https://github.com/shun-gg/CVE-2019-0708)
+- [AdministratorGithub/CVE-2019-0708](https://github.com/AdministratorGithub/CVE-2019-0708)
+- [umarfarook882/CVE-2019-0708](https://github.com/umarfarook882/CVE-2019-0708)
+- [HynekPetrak/detect_bluekeep.py](https://github.com/HynekPetrak/detect_bluekeep.py)
+- [Wileysec/CVE-2019-0708-Batch-Blue-Screen](https://github.com/Wileysec/CVE-2019-0708-Batch-Blue-Screen)
+- [Pa55w0rd/CVE-2019-0708](https://github.com/Pa55w0rd/CVE-2019-0708)
- [at0mik/CVE-2019-0708-PoC](https://github.com/at0mik/CVE-2019-0708-PoC)
+- [cream492/CVE-2019-0708-Msf--](https://github.com/cream492/CVE-2019-0708-Msf--)
+- [wdfcc/CVE-2019-0708](https://github.com/wdfcc/CVE-2019-0708)
+- [cvencoder/cve-2019-0708](https://github.com/cvencoder/cve-2019-0708)
+- [ze0r/CVE-2019-0708-exp](https://github.com/ze0r/CVE-2019-0708-exp)
- [mekhalleh/cve-2019-0708](https://github.com/mekhalleh/cve-2019-0708)
+- [cve-2019-0708-poc/cve-2019-0708](https://github.com/cve-2019-0708-poc/cve-2019-0708)
+- [andripwn/CVE-2019-0708](https://github.com/andripwn/CVE-2019-0708)
- [0xeb-bp/bluekeep](https://github.com/0xeb-bp/bluekeep)
+- [ntkernel0/CVE-2019-0708](https://github.com/ntkernel0/CVE-2019-0708)
+- [dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-](https://github.com/dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-)
- [turingcompl33t/bluekeep](https://github.com/turingcompl33t/bluekeep)
- [fade-vivida/CVE-2019-0708-test](https://github.com/fade-vivida/CVE-2019-0708-test)
- [skommando/CVE-2019-0708](https://github.com/skommando/CVE-2019-0708)
+- [RickGeex/msf-module-CVE-2019-0708](https://github.com/RickGeex/msf-module-CVE-2019-0708)
- [wqsemc/CVE-2019-0708](https://github.com/wqsemc/CVE-2019-0708)
- [mai-lang-chai/CVE-2019-0708-RCE](https://github.com/mai-lang-chai/CVE-2019-0708-RCE)
+- [Micr067/CVE-2019-0708RDP-MSF](https://github.com/Micr067/CVE-2019-0708RDP-MSF)
+- [adkinguzi/CVE-2019-0708-BlueKeep](https://github.com/adkinguzi/CVE-2019-0708-BlueKeep)
+- [FrostsaberX/CVE-2019-0708](https://github.com/FrostsaberX/CVE-2019-0708)
+- [qinggegeya/CVE-2019-0708-EXP-MSF-](https://github.com/qinggegeya/CVE-2019-0708-EXP-MSF-)
- [Straight-wood/CVE-2019-0708](https://github.com/Straight-wood/CVE-2019-0708)
- [0xFlag/CVE-2019-0708-test](https://github.com/0xFlag/CVE-2019-0708-test)
- [1aa87148377/CVE-2019-0708](https://github.com/1aa87148377/CVE-2019-0708)
@@ -732,6 +831,91 @@ A remote code execution vulnerability exists when Windows Hyper-V on a host serv
- [YHZX2013/CVE-2019-0709](https://github.com/YHZX2013/CVE-2019-0709)
+- [qq431169079/CVE-2019-0709](https://github.com/qq431169079/CVE-2019-0709)
+
+### CVE-2019-0768
+
+
+A security feature bypass vulnerability exists when Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, and to allow requests that should otherwise be ignored, aka 'Internet Explorer Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0761.
+
+
+- [ruthlezs/ie11_vbscript_exploit](https://github.com/ruthlezs/ie11_vbscript_exploit)
+
+### CVE-2019-0785
+
+
+A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'.
+
+
+- [Jaky5155/CVE-2019-0785](https://github.com/Jaky5155/CVE-2019-0785)
+
+### CVE-2019-0803
+
+
+An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859.
+
+
+- [ExpLife0011/CVE-2019-0803](https://github.com/ExpLife0011/CVE-2019-0803)
+
+### CVE-2019-0808
+
+
+An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.
+
+
+- [ze0r/cve-2019-0808-poc](https://github.com/ze0r/cve-2019-0808-poc)
+- [rakesh143/CVE-2019-0808](https://github.com/rakesh143/CVE-2019-0808)
+- [exodusintel/CVE-2019-0808](https://github.com/exodusintel/CVE-2019-0808)
+
+### CVE-2019-0841
+
+
+An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836.
+
+
+- [rogue-kdc/CVE-2019-0841](https://github.com/rogue-kdc/CVE-2019-0841)
+- [denmilu/CVE-2019-0841](https://github.com/denmilu/CVE-2019-0841)
+- [0x00-0x00/CVE-2019-0841-BYPASS](https://github.com/0x00-0x00/CVE-2019-0841-BYPASS)
+
+### CVE-2019-0859
+
+
+An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803.
+
+
+- [Sheisback/CVE-2019-0859-1day-Exploit](https://github.com/Sheisback/CVE-2019-0859-1day-Exploit)
+
+### CVE-2019-0888
+
+
+A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory, aka 'ActiveX Data Objects (ADO) Remote Code Execution Vulnerability'.
+
+
+- [sophoslabs/CVE-2019-0888](https://github.com/sophoslabs/CVE-2019-0888)
+
+### CVE-2019-0986
+
+
+An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.
+
+
+- [padovah4ck/CVE-2019-0986](https://github.com/padovah4ck/CVE-2019-0986)
+
+### CVE-2019-10008
+
+
+Zoho ManageEngine ServiceDesk 9.3 allows session hijacking and privilege escalation because an established guest session is automatically converted into an established administrator session when the guest user enters the administrator username, with an arbitrary incorrect password, in an mc/ login attempt within a different browser tab.
+
+
+- [FlameOfIgnis/CVE-2019-10008](https://github.com/FlameOfIgnis/CVE-2019-10008)
+
+### CVE-2019-1002101
+
+
+The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. The untar function can both create and follow symbolic links. The issue is resolved in kubectl v1.11.9, v1.12.7, v1.13.5, and v1.14.0.
+
+
+- [brompwnie/CVE-2019-1002101-Helpers](https://github.com/brompwnie/CVE-2019-1002101-Helpers)
### CVE-2019-1003000
@@ -740,6 +924,9 @@ A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier
- [wetw0rk/Exploit-Development](https://github.com/wetw0rk/Exploit-Development)
+- [adamyordan/cve-2019-1003000-jenkins-rce-poc](https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc)
+- [0xtavian/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins](https://github.com/0xtavian/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins)
+- [1NTheKut/CVE-2019-1003000_RCE-DETECTION](https://github.com/1NTheKut/CVE-2019-1003000_RCE-DETECTION)
### CVE-2019-10086
@@ -757,15 +944,38 @@ In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was rep
- [motikan2010/CVE-2019-10092_Docker](https://github.com/motikan2010/CVE-2019-10092_Docker)
+### CVE-2019-1010298
+
+
+Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in the context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later.
+
+
+- [RKX1209/CVE-2019-1010298](https://github.com/RKX1209/CVE-2019-1010298)
+
### CVE-2019-10149
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
+- [bananaphones/exim-rce-quickfix](https://github.com/bananaphones/exim-rce-quickfix)
+- [cowbe0x004/eximrce-CVE-2019-10149](https://github.com/cowbe0x004/eximrce-CVE-2019-10149)
+- [MNEMO-CERT/PoC--CVE-2019-10149_Exim](https://github.com/MNEMO-CERT/PoC--CVE-2019-10149_Exim)
+- [aishee/CVE-2019-10149-quick](https://github.com/aishee/CVE-2019-10149-quick)
+- [AzizMea/CVE-2019-10149-privilege-escalation](https://github.com/AzizMea/CVE-2019-10149-privilege-escalation)
+- [Brets0150/StickyExim](https://github.com/Brets0150/StickyExim)
+- [ChrissHack/exim.exp](https://github.com/ChrissHack/exim.exp)
- [darsigovrustam/CVE-2019-10149](https://github.com/darsigovrustam/CVE-2019-10149)
- [Diefunction/CVE-2019-10149](https://github.com/Diefunction/CVE-2019-10149)
+### CVE-2019-10207
+
+
+A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.
+
+
+- [butterflyhack/CVE-2019-10207](https://github.com/butterflyhack/CVE-2019-10207)
+
### CVE-2019-10392
@@ -782,6 +992,7 @@ A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle a
- [Ridter/CVE-2019-1040](https://github.com/Ridter/CVE-2019-1040)
+- [lazaars/UltraRealy_with_CVE-2019-1040](https://github.com/lazaars/UltraRealy_with_CVE-2019-1040)
- [fox-it/cve-2019-1040-scanner](https://github.com/fox-it/cve-2019-1040-scanner)
- [wzxmt/CVE-2019-1040](https://github.com/wzxmt/CVE-2019-1040)
@@ -793,6 +1004,48 @@ A reflected cross-site scripting vulnerability in Jenkins build-metrics Plugin a
- [vesche/CVE-2019-10475](https://github.com/vesche/CVE-2019-10475)
+### CVE-2019-1064
+
+
+An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'.
+
+
+- [RythmStick/CVE-2019-1064](https://github.com/RythmStick/CVE-2019-1064)
+- [0x00-0x00/CVE-2019-1064](https://github.com/0x00-0x00/CVE-2019-1064)
+- [attackgithub/CVE-2019-1064](https://github.com/attackgithub/CVE-2019-1064)
+
+### CVE-2019-10678
+
+
+Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument options.
+
+
+- [cved-sources/cve-2019-10678](https://github.com/cved-sources/cve-2019-10678)
+
+### CVE-2019-10685
+
+
+A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Heidelberg Prinect Archiver v2013 release 1.0.
+
+
+- [alt3kx/CVE-2019-10685](https://github.com/alt3kx/CVE-2019-10685)
+
+### CVE-2019-1069
+
+
+An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations, aka 'Task Scheduler Elevation of Privilege Vulnerability'.
+
+
+- [S3cur3Th1sSh1t/SharpPolarBear](https://github.com/S3cur3Th1sSh1t/SharpPolarBear)
+
+### CVE-2019-10708
+
+
+S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter.
+
+
+- [stavhaygn/CVE-2019-10708](https://github.com/stavhaygn/CVE-2019-10708)
+
### CVE-2019-10758
@@ -802,6 +1055,38 @@ mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints
- [masahiro331/CVE-2019-10758](https://github.com/masahiro331/CVE-2019-10758)
- [lp008/CVE-2019-10758](https://github.com/lp008/CVE-2019-10758)
+### CVE-2019-10869
+
+
+Path Traversal and Unrestricted File Upload exists in the Ninja Forms plugin before 3.0.23 for WordPress (when the Uploads add-on is activated). This allows an attacker to traverse the file system to access files and execute code via the includes/fields/upload.php (aka upload/submit page) name and tmp_name parameters.
+
+
+- [KTN1990/CVE-2019-10869](https://github.com/KTN1990/CVE-2019-10869)
+
+### CVE-2019-10915
+
+
+A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
+
+
+- [jiansiting/CVE-2019-10915](https://github.com/jiansiting/CVE-2019-10915)
+
+### CVE-2019-1096
+
+
+An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.
+
+
+- [ze0r/cve-2019-1096-poc](https://github.com/ze0r/cve-2019-1096-poc)
+
+### CVE-2019-10999
+
+
+The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption parameter when requesting wireless.htm. Vulnerable devices include DCS-5009L (1.08.11 and below), DCS-5010L (1.14.09 and below), DCS-5020L (1.15.12 and below), DCS-5025L (1.03.07 and below), DCS-5030L (1.04.10 and below), DCS-930L (2.16.01 and below), DCS-931L (1.14.11 and below), DCS-932L (2.17.01 and below), DCS-933L (1.14.11 and below), and DCS-934L (1.05.04 and below).
+
+
+- [fuzzywalls/CVE-2019-10999](https://github.com/fuzzywalls/CVE-2019-10999)
+
### CVE-2019-11043
@@ -825,6 +1110,22 @@ In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in
- [k8gege/CVE-2019-11043](https://github.com/k8gege/CVE-2019-11043)
- [moniik/CVE-2019-11043_env](https://github.com/moniik/CVE-2019-11043_env)
+### CVE-2019-11061
+
+
+A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker in the same local area network to control IoT devices that connect with itself via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confidentiality, Integrity and Availability impacts). CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
+
+
+- [tim124058/ASUS-SmartHome-Exploit](https://github.com/tim124058/ASUS-SmartHome-Exploit)
+
+### CVE-2019-11076
+
+
+Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request.
+
+
+- [livehybrid/poc-cribl-rce](https://github.com/livehybrid/poc-cribl-rce)
+
### CVE-2019-1108
@@ -841,6 +1142,47 @@ Improper conditions check in voltage settings for some Intel(R) Processors may a
- [zkenjar/v0ltpwn](https://github.com/zkenjar/v0ltpwn)
+### CVE-2019-11223
+
+
+An Unrestricted File Upload Vulnerability in the SupportCandy plugin through 2.0.0 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension.
+
+
+- [AngelCtulhu/CVE-2019-11223](https://github.com/AngelCtulhu/CVE-2019-11223)
+
+### CVE-2019-1125
+
+
+An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073.
+
+
+- [bitdefender/swapgs-attack-poc](https://github.com/bitdefender/swapgs-attack-poc)
+
+### CVE-2019-1132
+
+
+An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
+
+
+- [Vlad-tri/CVE-2019-1132](https://github.com/Vlad-tri/CVE-2019-1132)
+- [petercc/CVE-2019-1132](https://github.com/petercc/CVE-2019-1132)
+
+### CVE-2019-11358
+
+
+jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
+
+
+- [bitnesswise/jquery-prototype-pollution-fix](https://github.com/bitnesswise/jquery-prototype-pollution-fix)
+
+### CVE-2019-11477
+
+
+Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.
+
+
+- [sasqwatch/cve-2019-11477-poc](https://github.com/sasqwatch/cve-2019-11477-poc)
+
### CVE-2019-11510
@@ -848,15 +1190,38 @@ In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7
- [projectzeroindia/CVE-2019-11510](https://github.com/projectzeroindia/CVE-2019-11510)
+- [ladyleet1337/Pulse](https://github.com/ladyleet1337/Pulse)
+- [imjdl/CVE-2019-11510-poc](https://github.com/imjdl/CVE-2019-11510-poc)
+- [es0/CVE-2019-11510_poc](https://github.com/es0/CVE-2019-11510_poc)
+- [r00tpgp/http-pulse_ssl_vpn.nse](https://github.com/r00tpgp/http-pulse_ssl_vpn.nse)
+- [jas502n/CVE-2019-11510-1](https://github.com/jas502n/CVE-2019-11510-1)
+- [jason3e7/CVE-2019-11510](https://github.com/jason3e7/CVE-2019-11510)
- [BishopFox/pwn-pulse](https://github.com/BishopFox/pwn-pulse)
- [aqhmal/pulsexploit](https://github.com/aqhmal/pulsexploit)
+### CVE-2019-11523
+
+
+Anviz Global M3 Outdoor RFID Access Control executes any command received from any source. No authentication/encryption is done. Attackers can fully interact with the device: for example, send the "open door" command, download the users list (which includes RFID codes and passcodes in cleartext), or update/create users. The same attack can be executed on a local network and over the internet (if the device is exposed on a public IP address).
+
+
+- [wizlab-it/anviz-m3-rfid-cve-2019-11523-poc](https://github.com/wizlab-it/anviz-m3-rfid-cve-2019-11523-poc)
+
+### CVE-2019-11539
+
+
+In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, the admin web interface allows an authenticated attacker to inject and execute commands.
+
+
+- [0xDezzy/CVE-2019-11539](https://github.com/0xDezzy/CVE-2019-11539)
+
### CVE-2019-11580
Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code execution on systems running a vulnerable version of Crowd or Crowd Data Center. All versions of Crowd from version 2.1.0 before 3.0.5 (the fixed version for 3.0.x), from version 3.1.0 before 3.1.6 (the fixed version for 3.1.x), from version 3.2.0 before 3.2.8 (the fixed version for 3.2.x), from version 3.3.0 before 3.3.5 (the fixed version for 3.3.x), and from version 3.4.0 before 3.4.4 (the fixed version for 3.4.x) are affected by this vulnerability.
+- [jas502n/CVE-2019-11580](https://github.com/jas502n/CVE-2019-11580)
- [hackerSMinh/CVE-2019-11580](https://github.com/hackerSMinh/CVE-2019-11580)
### CVE-2019-11581
@@ -865,6 +1230,7 @@ Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin inco
There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions of Jira Server and Data Center from 4.4.0 before 7.6.14, from 7.7.0 before 7.13.5, from 8.0.0 before 8.0.3, from 8.1.0 before 8.1.2, and from 8.2.0 before 8.2.3 are affected by this vulnerability.
+- [jas502n/CVE-2019-11581](https://github.com/jas502n/CVE-2019-11581)
- [kobs0N/CVE-2019-11581](https://github.com/kobs0N/CVE-2019-11581)
### CVE-2019-11687
@@ -875,6 +1241,14 @@ An issue was discovered in the DICOM Part 10 File Format in the NEMA DICOM Stand
- [kosmokato/bad-dicom](https://github.com/kosmokato/bad-dicom)
+### CVE-2019-11707
+
+
+A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2.
+
+
+- [vigneshsrao/CVE-2019-11707](https://github.com/vigneshsrao/CVE-2019-11707)
+
### CVE-2019-11708
@@ -891,6 +1265,22 @@ A vulnerability exists where if a user opens a locally saved HTML file, this fil
- [alidnf/CVE-2019-11730](https://github.com/alidnf/CVE-2019-11730)
+### CVE-2019-1181
+
+
+A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1182, CVE-2019-1222, CVE-2019-1226.
+
+
+- [major203/cve-2019-1181](https://github.com/major203/cve-2019-1181)
+
+### CVE-2019-11881
+
+
+A vulnerability exists in Rancher 2.1.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to visit phishing sites with scare tactics, e.g., displaying a "This version of Rancher is outdated, please visit https://malicious.rancher.site/upgrading" message.
+
+
+- [MauroEldritch/VanCleef](https://github.com/MauroEldritch/VanCleef)
+
### CVE-2019-11931
@@ -916,6 +1306,7 @@ A double free vulnerability in the DDGifSlurp function in decoding.c in the andr
- [fastmo/CVE-2019-11932](https://github.com/fastmo/CVE-2019-11932)
- [mRanonyMousTZ/CVE-2019-11932-whatsApp-exploit](https://github.com/mRanonyMousTZ/CVE-2019-11932-whatsApp-exploit)
- [SmoZy92/CVE-2019-11932](https://github.com/SmoZy92/CVE-2019-11932)
+- [dashtic172/https-github.com-awakened171](https://github.com/dashtic172/https-github.com-awakened171)
### CVE-2019-12086
@@ -933,6 +1324,14 @@ An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Wins
- [bluefrostsecurity/CVE-2019-1215](https://github.com/bluefrostsecurity/CVE-2019-1215)
+### CVE-2019-12169
+
+
+ATutor 2.2.4 allows Arbitrary File Upload and Directory Traversal, resulting in remote code execution via a ".." pathname in a ZIP archive to the mods/_core/languages/language_import.php (aka Import New Language) or mods/_standard/patcher/index_admin.php (aka Patcher) component.
+
+
+- [fuzzlove/ATutor-2.2.4-Language-Exploit](https://github.com/fuzzlove/ATutor-2.2.4-Language-Exploit)
+
### CVE-2019-12170
@@ -949,6 +1348,14 @@ A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses
- [d0gukank/CVE-2019-1218](https://github.com/d0gukank/CVE-2019-1218)
+### CVE-2019-12180
+
+
+An issue was discovered in SmartBear ReadyAPI through 2.8.2 and 3.0.0 and SoapUI through 5.5. When opening a project, the Groovy "Load Script" is automatically executed. This allows an attacker to execute arbitrary Groovy Language code (Java scripting language) on the victim machine by inducing it to open a malicious Project. The same issue is present in the "Save Script" function, which is executed automatically when saving a project.
+
+
+- [0x-nope/CVE-2019-12180](https://github.com/0x-nope/CVE-2019-12180)
+
### CVE-2019-12181
@@ -957,6 +1364,14 @@ A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 f
- [guywhataguy/CVE-2019-12181](https://github.com/guywhataguy/CVE-2019-12181)
+### CVE-2019-12185
+
+
+eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the web root, and for code to execute on the remote server.
+
+
+- [fuzzlove/eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE](https://github.com/fuzzlove/eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE)
+
### CVE-2019-12189
@@ -974,6 +1389,14 @@ XSS was discovered in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9
- [tuyenhva/CVE-2019-12190](https://github.com/tuyenhva/CVE-2019-12190)
+### CVE-2019-12252
+
+
+In Zoho ManageEngine ServiceDesk Plus through 10.5, users with the lowest privileges (guest) can view an arbitrary post by appending its number to the SDNotify.do?notifyModule=Solution&mode=E-Mail¬ifyTo=SOLFORWARD&id= substring.
+
+
+- [tuyenhva/CVE-2019-12252](https://github.com/tuyenhva/CVE-2019-12252)
+
### CVE-2019-12255
@@ -988,6 +1411,7 @@ Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). Th
In OpenWrt LuCI through 0.10, the endpoints admin/status/realtime/bandwidth_status and admin/status/realtime/wireless_status of the web application are affected by a command injection vulnerability.
+- [HACHp1/LuCI_RCE_exp](https://github.com/HACHp1/LuCI_RCE_exp)
- [roguedream/lede-17.01.3](https://github.com/roguedream/lede-17.01.3)
### CVE-2019-12314
@@ -1004,6 +1428,7 @@ Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path travers
FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be possible.
+- [jas502n/CVE-2019-12384](https://github.com/jas502n/CVE-2019-12384)
- [MagicZer0/Jackson_RCE-CVE-2019-12384](https://github.com/MagicZer0/Jackson_RCE-CVE-2019-12384)
### CVE-2019-12409
@@ -1014,6 +1439,38 @@ The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the
- [jas502n/CVE-2019-12409](https://github.com/jas502n/CVE-2019-12409)
+### CVE-2019-12453
+
+
+In MicroStrategy Web before 10.1 patch 10, stored XSS is possible in the FLTB parameter due to missing input validation.
+
+
+- [undefinedmode/CVE-2019-12453](https://github.com/undefinedmode/CVE-2019-12453)
+
+### CVE-2019-12460
+
+
+Web Port 1.19.1 allows XSS via the /access/setup type parameter.
+
+
+- [EmreOvunc/WebPort-v1.19.1-Reflected-XSS](https://github.com/EmreOvunc/WebPort-v1.19.1-Reflected-XSS)
+
+### CVE-2019-12475
+
+
+In MicroStrategy Web before 10.4.6, there is stored XSS in metric due to insufficient input validation.
+
+
+- [undefinedmode/CVE-2019-12475](https://github.com/undefinedmode/CVE-2019-12475)
+
+### CVE-2019-12476
+
+
+An authentication bypass vulnerability in the password reset functionality in Zoho ManageEngine ADSelfService Plus before 5.0.6 allows an attacker with physical access to gain a shell with SYSTEM privileges via the restricted thick client browser. The attack uses a long sequence of crafted keyboard input.
+
+
+- [0katz/CVE-2019-12476](https://github.com/0katz/CVE-2019-12476)
+
### CVE-2019-1253
@@ -1065,6 +1522,31 @@ Stored Cross-Site Scripting in DotNetNuke (DNN) Version before 9.4.0 allows remo
- [MAYASEVEN/CVE-2019-12562](https://github.com/MAYASEVEN/CVE-2019-12562)
+### CVE-2019-12586
+
+
+The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 processes EAP Success messages before any EAP method completion or failure, which allows attackers in radio range to cause a denial of service (crash) via a crafted message.
+
+
+- [Matheus-Garbelini/esp32_esp8266_attacks](https://github.com/Matheus-Garbelini/esp32_esp8266_attacks)
+
+### CVE-2019-12594
+
+
+DOSBox 0.74-2 has Incorrect Access Control.
+
+
+- [Alexandre-Bartel/CVE-2019-12594](https://github.com/Alexandre-Bartel/CVE-2019-12594)
+
+### CVE-2019-12735
+
+
+getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
+
+
+- [pcy190/ace-vim-neovim](https://github.com/pcy190/ace-vim-neovim)
+- [oldthree3/CVE-2019-12735-VIM-NEOVIM](https://github.com/oldthree3/CVE-2019-12735-VIM-NEOVIM)
+
### CVE-2019-12750
@@ -1073,6 +1555,9 @@ Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec
- [v-p-b/cve-2019-12750](https://github.com/v-p-b/cve-2019-12750)
+### CVE-2019-12796
+- [PeterUpfold/CVE-2019-12796](https://github.com/PeterUpfold/CVE-2019-12796)
+
### CVE-2019-12815
@@ -1098,6 +1583,14 @@ In Webmin through 1.910, any user authorized to the "Package Updates"
- [bkaraceylan/CVE-2019-12840_POC](https://github.com/bkaraceylan/CVE-2019-12840_POC)
- [KrE80r/webmin_cve-2019-12840_poc](https://github.com/KrE80r/webmin_cve-2019-12840_poc)
+### CVE-2019-12889
+
+
+An unauthenticated privilege escalation exists in SailPoint Desktop Password Reset 7.2. A user with local access to only the Windows logon screen can escalate their privileges to NT AUTHORITY\System. An attacker would need local access to the machine for a successful exploit. The attacker must disconnect the computer from the local network / WAN and connect it to an internet facing access point / network. At that point, the attacker can execute the password-reset functionality, which will expose a web browser. Browsing to a site that calls local Windows system functions (e.g., file upload) will expose the local file system. From there an attacker can launch a privileged command shell.
+
+
+- [nulsect0r/CVE-2019-12889](https://github.com/nulsect0r/CVE-2019-12889)
+
### CVE-2019-12890
@@ -1106,6 +1599,14 @@ RedwoodHQ 2.5.5 does not require any authentication for database operations, whi
- [EthicalHackingCOP/CVE-2019-12890](https://github.com/EthicalHackingCOP/CVE-2019-12890)
+### CVE-2019-12949
+
+
+In pfSense 2.4.4-p2 and 2.4.4-p3, if it is possible to trick an authenticated administrator into clicking on a button on a phishing page, an attacker can leverage XSS to upload arbitrary executable code, via diag_command.php and rrd_fetch_json.php (timePeriod parameter), to a server. Then, the remote attacker can run any command with root privileges on that server.
+
+
+- [tarantula-team/CVE-2019-12949](https://github.com/tarantula-team/CVE-2019-12949)
+
### CVE-2019-12999
@@ -1128,6 +1629,7 @@ Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrec
Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web before 2.8.29 allows the attacker to execute arbitrary system commands by using the value "init_script"-"Monitoring Engine Binary" in main.get.php to insert a arbitrary command into the database, and execute it by calling the vulnerable page www/include/configuration/configGenerate/xml/generateFiles.php (which passes the inserted value to the database to shell_exec without sanitizing it, allowing one to execute system arbitrary commands).
+- [mhaskar/CVE-2019-13024](https://github.com/mhaskar/CVE-2019-13024)
- [get-get-get-get/Centreon-RCE](https://github.com/get-get-get-get/Centreon-RCE)
### CVE-2019-13025
@@ -1138,6 +1640,14 @@ Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access
- [x1tan/CVE-2019-13025](https://github.com/x1tan/CVE-2019-13025)
+### CVE-2019-13027
+
+
+Realization Concerto Critical Chain Planner (aka CCPM) 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter.
+
+
+- [IckoGZ/CVE-2019-13027](https://github.com/IckoGZ/CVE-2019-13027)
+
### CVE-2019-13051
@@ -1146,6 +1656,14 @@ Pi-Hole 4.3 allows Command Injection.
- [pr0tean/CVE-2019-13051](https://github.com/pr0tean/CVE-2019-13051)
+### CVE-2019-13063
+
+
+Within Sahi Pro 8.0.0, an attacker can send a specially crafted URL to include any victim files on the system via the script parameter on the Script_view page. This will result in file disclosure (i.e., being able to pull any file from the remote victim application). This can be used to steal and obtain sensitive config and other files. This can result in complete compromise of the application. The script parameter is vulnerable to directory traversal and both local and remote file inclusion.
+
+
+- [0x6b7966/CVE-2019-13063-POC](https://github.com/0x6b7966/CVE-2019-13063-POC)
+
### CVE-2019-13086
@@ -1154,6 +1672,14 @@ core/MY_Security.php in CSZ CMS 1.2.2 before 2019-06-20 has member/login/check S
- [lingchuL/CVE_POC_test](https://github.com/lingchuL/CVE_POC_test)
+### CVE-2019-13101
+
+
+An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page.
+
+
+- [halencarjunior/dlkploit600](https://github.com/halencarjunior/dlkploit600)
+
### CVE-2019-13115
@@ -1162,6 +1688,14 @@ In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exc
- [CSSProject/libssh2-Exploit](https://github.com/CSSProject/libssh2-Exploit)
+### CVE-2019-13143
+
+
+An HTTP parameter pollution issue was discovered on Shenzhen Dragon Brothers Fingerprint Bluetooth Round Padlock FB50 2.3. With the user ID, user name, and the lock's MAC address, anyone can unbind the existing owner of the lock, and bind themselves instead. This leads to complete takeover of the lock. The user ID, name, and MAC address are trivially obtained from APIs found within the Android or iOS application. With only the MAC address of the lock, any attacker can transfer ownership of the lock from the current user, over to the attacker's account. Thus rendering the lock completely inaccessible to the current user.
+
+
+- [securelayer7/pwnfb50](https://github.com/securelayer7/pwnfb50)
+
### CVE-2019-1315
@@ -1176,9 +1710,29 @@ An elevation of privilege vulnerability exists when Windows Error Reporting mana
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.
+- [jas502n/CVE-2019-13272](https://github.com/jas502n/CVE-2019-13272)
+- [Cyc1eC/CVE-2019-13272](https://github.com/Cyc1eC/CVE-2019-13272)
+- [bigbigliang-malwarebenchmark/cve-2019-13272](https://github.com/bigbigliang-malwarebenchmark/cve-2019-13272)
+- [oneoy/CVE-2019-13272](https://github.com/oneoy/CVE-2019-13272)
- [Huandtx/CVE-2019-13272](https://github.com/Huandtx/CVE-2019-13272)
- [polosec/CVE-2019-13272](https://github.com/polosec/CVE-2019-13272)
+### CVE-2019-13361
+
+
+Smanos W100 1.0.0 devices have Insecure Permissions, exploitable by an attacker on the same Wi-Fi network.
+
+
+- [lodi-g/CVE-2019-13361](https://github.com/lodi-g/CVE-2019-13361)
+
+### CVE-2019-13403
+
+
+Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module /CWX/Employee/EmployeeEdit2.aspx, leading to the viewing of user information.
+
+
+- [B3Bo1d/CVE-2019-13403](https://github.com/B3Bo1d/CVE-2019-13403)
+
### CVE-2019-13404
@@ -1211,6 +1765,14 @@ One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Secur
- [FurqanKhan1/CVE-2019-13498](https://github.com/FurqanKhan1/CVE-2019-13498)
+### CVE-2019-13504
+
+
+There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2.
+
+
+- [hazedic/fuzzenv-exiv2](https://github.com/hazedic/fuzzenv-exiv2)
+
### CVE-2019-13574
@@ -1319,6 +1881,23 @@ In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can
- [Sindadziy/cve-2019-14287](https://github.com/Sindadziy/cve-2019-14287)
- [Sindayifu/CVE-2019-14287-CVE-2014-6271](https://github.com/Sindayifu/CVE-2019-14287-CVE-2014-6271)
- [Unam3dd/sudo-vulnerability-CVE-2019-14287](https://github.com/Unam3dd/sudo-vulnerability-CVE-2019-14287)
+- [CMNatic/Dockerized-CVE-2019-14287](https://github.com/CMNatic/Dockerized-CVE-2019-14287)
+
+### CVE-2019-14314
+
+
+A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via modules/nextgen_gallery_display/package.module.nextgen_gallery_display.php.
+
+
+- [imthoe/CVE-2019-14314](https://github.com/imthoe/CVE-2019-14314)
+
+### CVE-2019-14319
+
+
+The TikTok (formerly Musical.ly) application 12.2.0 for Android and iOS performs unencrypted transmission of images, videos, and likes. This allows an attacker to extract private sensitive information by sniffing network traffic.
+
+
+- [MelroyB/CVE-2019-14319](https://github.com/MelroyB/CVE-2019-14319)
### CVE-2019-14325
- [seqred-s-a/cve-2019-14325](https://github.com/seqred-s-a/cve-2019-14325)
@@ -1331,6 +1910,22 @@ The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2.5.5 appli
- [0x48piraj/CVE-2019-14339](https://github.com/0x48piraj/CVE-2019-14339)
+### CVE-2019-14439
+
+
+A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath.
+
+
+- [jas502n/CVE-2019-14439](https://github.com/jas502n/CVE-2019-14439)
+
+### CVE-2019-14514
+
+
+An issue was discovered in Microvirt MEmu all versions prior to 7.0.2. A guest Android operating system inside the MEmu emulator contains a /system/bin/systemd binary that is run with root privileges on startup (this is unrelated to Red Hat's systemd init program, and is a closed-source proprietary tool that seems to be developed by Microvirt). This program opens TCP port 21509, presumably to receive installation-related commands from the host OS. Because everything after the installer:uninstall command is concatenated directly into a system() call, it is possible to execute arbitrary commands by supplying shell metacharacters.
+
+
+- [seqred-s-a/cve-2019-14514](https://github.com/seqred-s-a/cve-2019-14514)
+
### CVE-2019-14529
@@ -1339,6 +1934,30 @@ OpenEMR before 5.0.2 allows SQL Injection in interface/forms/eye_mag/save.php.
- [Wezery/CVE-2019-14529](https://github.com/Wezery/CVE-2019-14529)
+### CVE-2019-14530
+
+
+An issue was discovered in custom/ajax_download.php in OpenEMR before 5.0.2 via the fileName parameter. An attacker can download any file (that is readable by the user www-data) from server storage. If the requested file is writable for the www-data user and the directory /var/www/openemr/sites/default/documents/cqm_qrda/ exists, it will be deleted from server.
+
+
+- [Wezery/CVE-2019-14530](https://github.com/Wezery/CVE-2019-14530)
+
+### CVE-2019-14537
+
+
+YOURLS through 1.7.3 is affected by a type juggling vulnerability in the api component that can result in login bypass.
+
+
+- [Wocanilo/CVE-2019-14537](https://github.com/Wocanilo/CVE-2019-14537)
+
+### CVE-2019-14540
+
+
+A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.
+
+
+- [LeadroyaL/cve-2019-14540-exploit](https://github.com/LeadroyaL/cve-2019-14540-exploit)
+
### CVE-2019-1458
@@ -1364,6 +1983,14 @@ In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols
- [xooxo/CVE-2019-14745](https://github.com/xooxo/CVE-2019-14745)
+### CVE-2019-14751
+
+
+NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction.
+
+
+- [mssalvatore/CVE-2019-14751_PoC](https://github.com/mssalvatore/CVE-2019-14751_PoC)
+
### CVE-2019-1476
@@ -1405,6 +2032,11 @@ The "HTML Include and replace macro" plugin before 1.5.0 for Confluenc
An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.
+- [jas502n/CVE-2019-15107](https://github.com/jas502n/CVE-2019-15107)
+- [HACHp1/webmin_docker_and_exp](https://github.com/HACHp1/webmin_docker_and_exp)
+- [ketlerd/CVE-2019-15107](https://github.com/ketlerd/CVE-2019-15107)
+- [AdministratorGithub/CVE-2019-15107](https://github.com/AdministratorGithub/CVE-2019-15107)
+- [taygergix/CVE-2019-15107](https://github.com/taygergix/CVE-2019-15107)
- [Rayferrufino/Make-and-Break](https://github.com/Rayferrufino/Make-and-Break)
- [AleWong/WebminRCE-EXP-CVE-2019-15107-](https://github.com/AleWong/WebminRCE-EXP-CVE-2019-15107-)
- [ianxtianxt/CVE-2019-15107](https://github.com/ianxtianxt/CVE-2019-15107)
@@ -1429,6 +2061,14 @@ An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and
- [hexway/r00kie-kr00kie](https://github.com/hexway/r00kie-kr00kie)
- [akabe1/kr00ker](https://github.com/akabe1/kr00ker)
+### CVE-2019-15224
+
+
+The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions <=1.6.9 and >=1.6.14 are unaffected.
+
+
+- [chef-cft/inspec_cve_2019_15224](https://github.com/chef-cft/inspec_cve_2019_15224)
+
### CVE-2019-15233
@@ -1445,6 +2085,30 @@ An exploitable local privilege escalation vulnerability exists in the GalaxyClie
- [adenkiewicz/CVE-2019-15511](https://github.com/adenkiewicz/CVE-2019-15511)
+### CVE-2019-15642
+
+
+rpc.cgi in Webmin through 1.920 allows authenticated Remote Code Execution via a crafted object name because unserialise_variable makes an eval call. NOTE: the Webmin_Servers_Index documentation states "RPC can be used to run any command or modify any file on a server, which is why access to it must not be granted to un-trusted Webmin users."
+
+
+- [jas502n/CVE-2019-15642](https://github.com/jas502n/CVE-2019-15642)
+
+### CVE-2019-1579
+
+
+Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code.
+
+
+- [securifera/CVE-2019-1579](https://github.com/securifera/CVE-2019-1579)
+
+### CVE-2019-15802
+
+
+An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware hashes and encrypts passwords using a hardcoded cryptographic key in sal_util_str_encrypt() in libsal.so.0.0. The parameters (salt, IV, and key data) are used to encrypt and decrypt all passwords using AES256 in CBC mode. With the parameters known, all previously encrypted passwords can be decrypted. This includes the passwords that are part of configuration backups or otherwise embedded as part of the firmware.
+
+
+- [jasperla/CVE-2019-15802](https://github.com/jasperla/CVE-2019-15802)
+
### CVE-2019-15846
@@ -1514,6 +2178,14 @@ A memory error in the function SSL_accept in nostromo nhttpd through 1.9.6 allow
- [ianxtianxt/CVE-2019-16279](https://github.com/ianxtianxt/CVE-2019-16279)
+### CVE-2019-16394
+
+
+SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscribers.
+
+
+- [SilentVoid13/Silent_CVE_2019_16394](https://github.com/SilentVoid13/Silent_CVE_2019_16394)
+
### CVE-2019-16405
@@ -1522,6 +2194,23 @@ Centreon Web before 2.8.30, 18.10.x before 18.10.8, 19.04.x before 19.04.5 and 1
- [TheCyberGeek/CVE-2019-16405.rb](https://github.com/TheCyberGeek/CVE-2019-16405.rb)
+### CVE-2019-1652
+
+
+A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious HTTP POST requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux shell as root. Cisco has released firmware updates that address this vulnerability.
+
+
+- [0x27/CiscoRV320Dump](https://github.com/0x27/CiscoRV320Dump)
+
+### CVE-2019-1653
+
+
+A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability.
+
+
+- [dubfr33/CVE-2019-1653](https://github.com/dubfr33/CVE-2019-1653)
+- [shaheemirza/CiscoSpill](https://github.com/shaheemirza/CiscoSpill)
+
### CVE-2019-16662
@@ -1664,6 +2353,9 @@ Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution
- [SDNDTeam/CVE-2019-17558_Solr_Vul_Tool](https://github.com/SDNDTeam/CVE-2019-17558_Solr_Vul_Tool)
### CVE-2019-17564
+- [r00t4dm/CVE-2019-17564](https://github.com/r00t4dm/CVE-2019-17564)
+- [Jaky5155/CVE-2019-17564](https://github.com/Jaky5155/CVE-2019-17564)
+- [Hu3sky/CVE-2019-17564](https://github.com/Hu3sky/CVE-2019-17564)
- [Exploit-3389/CVE-2019-17564](https://github.com/Exploit-3389/CVE-2019-17564)
- [Dor-Tumarkin/CVE-2019-17564-FastJson-Gadget](https://github.com/Dor-Tumarkin/CVE-2019-17564-FastJson-Gadget)
- [fairyming/CVE-2019-17564](https://github.com/fairyming/CVE-2019-17564)
@@ -1675,6 +2367,7 @@ An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcRes
- [r00t4dm/CVE-2019-17570](https://github.com/r00t4dm/CVE-2019-17570)
+- [orangecertcc/xmlrpc-common-deserialization](https://github.com/orangecertcc/xmlrpc-common-deserialization)
### CVE-2019-17571
@@ -1716,6 +2409,14 @@ An unquoted service path vulnerability in the FortiClient FortiTray component of
- [Ibonok/CVE-2019-17658](https://github.com/Ibonok/CVE-2019-17658)
+### CVE-2019-1821
+
+
+A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist because the software improperly validates user-supplied input. An attacker could exploit this vulnerability by uploading a malicious file to the administrative web interface. A successful exploit could allow the attacker to execute code with root-level privileges on the underlying operating system.
+
+
+- [k8gege/CiscoExploit](https://github.com/k8gege/CiscoExploit)
+
### CVE-2019-18371
@@ -1748,6 +2449,7 @@ In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigg
- [Plazmaz/CVE-2019-18634](https://github.com/Plazmaz/CVE-2019-18634)
- [saleemrashid/sudo-cve-2019-18634](https://github.com/saleemrashid/sudo-cve-2019-18634)
+- [N1et/CVE-2019-18634](https://github.com/N1et/CVE-2019-18634)
- [jeandelboux/CVE-2019-18634](https://github.com/jeandelboux/CVE-2019-18634)
### CVE-2019-18873
@@ -1843,6 +2545,7 @@ NLSSRV32.EXE in Nalpeiron Licensing Service 7.3.4.0, as used with Nitro PDF and
Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been found in firmware version V1.2.31805 and V2.2.36123. After one is connected to this page, it is possible to execute system commands as root through the tracert diagnostic tool because of lack of user input sanitizing.
+- [shadowgatt/CVE-2019-19356](https://github.com/shadowgatt/CVE-2019-19356)
- [qq1515406085/CVE-2019-19356](https://github.com/qq1515406085/CVE-2019-19356)
### CVE-2019-19369
@@ -1859,6 +2562,14 @@ freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a crafted SIZE comm
### CVE-2019-19511
- [jra89/CVE-2019-19511](https://github.com/jra89/CVE-2019-19511)
+### CVE-2019-19550
+
+
+Remote Authentication Bypass in Senior Rubiweb 6.2.34.28 and 6.2.34.37 allows admin access to sensitive information of affected users using vulnerable versions. The attacker only needs to provide the correct URL.
+
+
+- [underprotection/CVE-2019-19550](https://github.com/underprotection/CVE-2019-19550)
+
### CVE-2019-19576
@@ -1942,6 +2653,7 @@ An issue was discovered in Citrix Application Delivery Controller (ADC) and Gate
- [mekoko/CVE-2019-19781](https://github.com/mekoko/CVE-2019-19781)
- [projectzeroindia/CVE-2019-19781](https://github.com/projectzeroindia/CVE-2019-19781)
- [trustedsec/cve-2019-19781](https://github.com/trustedsec/cve-2019-19781)
+- [cisagov/check-cve-2019-19781](https://github.com/cisagov/check-cve-2019-19781)
- [jas502n/CVE-2019-19781](https://github.com/jas502n/CVE-2019-19781)
- [ianxtianxt/CVE-2019-19781](https://github.com/ianxtianxt/CVE-2019-19781)
- [mpgn/CVE-2019-19781](https://github.com/mpgn/CVE-2019-19781)
@@ -1951,15 +2663,18 @@ An issue was discovered in Citrix Application Delivery Controller (ADC) and Gate
- [bufsnake/CVE-2019-19781](https://github.com/bufsnake/CVE-2019-19781)
- [x1sec/citrixmash_scanner](https://github.com/x1sec/citrixmash_scanner)
- [Jabo-SCO/Shitrix-CVE-2019-19781](https://github.com/Jabo-SCO/Shitrix-CVE-2019-19781)
+- [x1sec/CVE-2019-19781](https://github.com/x1sec/CVE-2019-19781)
- [hollerith/CVE-2019-19781](https://github.com/hollerith/CVE-2019-19781)
- [aqhmal/CVE-2019-19781](https://github.com/aqhmal/CVE-2019-19781)
- [MalwareTech/CitrixHoneypot](https://github.com/MalwareTech/CitrixHoneypot)
- [mekhalleh/citrix_dir_traversal_rce](https://github.com/mekhalleh/citrix_dir_traversal_rce)
+- [zenturacp/cve-2019-19781-web](https://github.com/zenturacp/cve-2019-19781-web)
- [zgelici/CVE-2019-19781-Checker](https://github.com/zgelici/CVE-2019-19781-Checker)
- [digitalshadows/CVE-2019-19781_IOCs](https://github.com/digitalshadows/CVE-2019-19781_IOCs)
- [onSec-fr/CVE-2019-19781-Forensic](https://github.com/onSec-fr/CVE-2019-19781-Forensic)
- [DanielWep/CVE-NetScalerFileSystemCheck](https://github.com/DanielWep/CVE-NetScalerFileSystemCheck)
- [Castaldio86/Detect-CVE-2019-19781](https://github.com/Castaldio86/Detect-CVE-2019-19781)
+- [j81blog/ADC-19781](https://github.com/j81blog/ADC-19781)
- [clm123321/Citrix_CVE-2019-19781](https://github.com/clm123321/Citrix_CVE-2019-19781)
- [b510/CVE-2019-19781](https://github.com/b510/CVE-2019-19781)
- [redscan/CVE-2019-19781](https://github.com/redscan/CVE-2019-19781)
@@ -1970,6 +2685,9 @@ An issue was discovered in Citrix Application Delivery Controller (ADC) and Gate
- [citrix/ioc-scanner-CVE-2019-19781](https://github.com/citrix/ioc-scanner-CVE-2019-19781)
- [x1sec/citrix-honeypot](https://github.com/x1sec/citrix-honeypot)
- [L4r1k/CitrixNetscalerAnalysis](https://github.com/L4r1k/CitrixNetscalerAnalysis)
+- [Azeemering/CVE-2019-19781-DFIR-Notes](https://github.com/Azeemering/CVE-2019-19781-DFIR-Notes)
+- [0xams/citrixvulncheck](https://github.com/0xams/citrixvulncheck)
+- [RaulCalvoLaorden/CVE-2019-19781](https://github.com/RaulCalvoLaorden/CVE-2019-19781)
- [nmanzi/webcvescanner](https://github.com/nmanzi/webcvescanner)
### CVE-2019-19844
@@ -1979,8 +2697,17 @@ Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account tak
- [ryu22e/django_cve_2019_19844_poc](https://github.com/ryu22e/django_cve_2019_19844_poc)
+- [andripwn/django_cve201919844](https://github.com/andripwn/django_cve201919844)
- [0xsha/CVE_2019_19844](https://github.com/0xsha/CVE_2019_19844)
+### CVE-2019-1987
+
+
+In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-118143775.
+
+
+- [marcinguy/android-7-9-png-bug](https://github.com/marcinguy/android-7-9-png-bug)
+
### CVE-2019-19871
- [VDISEC/CVE-2019-19871-AuditGuide](https://github.com/VDISEC/CVE-2019-19871-AuditGuide)
@@ -2000,6 +2727,14 @@ The HTTP service in quickweb.exe in Pablo Quick 'n Easy Web Server 3.3.8 allows
- [m0rph-1/CVE-2019-19943](https://github.com/m0rph-1/CVE-2019-19943)
+### CVE-2019-20059
+
+
+payment_manage.ajax.php and various *_manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.4 directly insert values from the sSortDir_0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL Injection. NOTE: this issue exists because of an incomplete fix for CVE-2019-19732.
+
+
+- [jra89/CVE-2019-20059](https://github.com/jra89/CVE-2019-20059)
+
### CVE-2019-20197
@@ -2017,6 +2752,23 @@ netflow_get_stats in functions_netflow.php in Pandora FMS 7.0NG allows remote au
- [mhaskar/CVE-2019-20224](https://github.com/mhaskar/CVE-2019-20224)
+### CVE-2019-20326
+
+
+A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file.
+
+
+- [Fysac/CVE-2019-20326](https://github.com/Fysac/CVE-2019-20326)
+
+### CVE-2019-2107
+
+
+In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-130024844.
+
+
+- [marcinguy/CVE-2019-2107](https://github.com/marcinguy/CVE-2019-2107)
+- [infiniteLoopers/CVE-2019-2107](https://github.com/infiniteLoopers/CVE-2019-2107)
+
### CVE-2019-2196
@@ -2046,12 +2798,33 @@ A use-after-free in binder.c allows an elevation of privilege from an applicatio
- [LIznzn/CVE-2019-2215](https://github.com/LIznzn/CVE-2019-2215)
- [DimitriFourny/cve-2019-2215](https://github.com/DimitriFourny/cve-2019-2215)
+### CVE-2019-2525
+
+
+Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 5.6 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N).
+
+
+- [Phantomn/VirtualBox_CVE-2019-2525-CVE-2019-2548](https://github.com/Phantomn/VirtualBox_CVE-2019-2525-CVE-2019-2548)
+- [wotmd/VirtualBox-6.0.0-Exploit-1-day](https://github.com/wotmd/VirtualBox-6.0.0-Exploit-1-day)
+
+### CVE-2019-2615
+
+
+Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).
+
+
+- [chiaifan/CVE-2019-2615](https://github.com/chiaifan/CVE-2019-2615)
+
### CVE-2019-2618
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data as well as unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 5.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N).
+- [pyn3rd/CVE-2019-2618](https://github.com/pyn3rd/CVE-2019-2618)
+- [jas502n/cve-2019-2618](https://github.com/jas502n/cve-2019-2618)
+- [wsfengfan/CVE-2019-2618-](https://github.com/wsfengfan/CVE-2019-2618-)
+- [dr0op/WeblogicScan](https://github.com/dr0op/WeblogicScan)
- [he1dan/cve-2019-2618](https://github.com/he1dan/cve-2019-2618)
- [ianxtianxt/cve-2019-2618](https://github.com/ianxtianxt/cve-2019-2618)
- [0xn0ne/weblogicScanner](https://github.com/0xn0ne/weblogicScanner)
@@ -2062,6 +2835,20 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
+- [shack2/javaserializetools](https://github.com/shack2/javaserializetools)
+- [SkyBlueEternal/CNVD-C-2019-48814-CNNVD-201904-961](https://github.com/SkyBlueEternal/CNVD-C-2019-48814-CNNVD-201904-961)
+- [iceMatcha/CNTA-2019-0014xCVE-2019-2725](https://github.com/iceMatcha/CNTA-2019-0014xCVE-2019-2725)
+- [lasensio/cve-2019-2725](https://github.com/lasensio/cve-2019-2725)
+- [davidmthomsen/CVE-2019-2725](https://github.com/davidmthomsen/CVE-2019-2725)
+- [leerina/CVE-2019-2725](https://github.com/leerina/CVE-2019-2725)
+- [zhusx110/cve-2019-2725](https://github.com/zhusx110/cve-2019-2725)
+- [lufeirider/CVE-2019-2725](https://github.com/lufeirider/CVE-2019-2725)
+- [CVCLabs/cve-2019-2725](https://github.com/CVCLabs/cve-2019-2725)
+- [TopScrew/CVE-2019-2725](https://github.com/TopScrew/CVE-2019-2725)
+- [welove88888/CVE-2019-2725](https://github.com/welove88888/CVE-2019-2725)
+- [jiansiting/CVE-2019-2725](https://github.com/jiansiting/CVE-2019-2725)
+- [kerlingcode/CVE-2019-2725](https://github.com/kerlingcode/CVE-2019-2725)
+- [black-mirror/Weblogic](https://github.com/black-mirror/Weblogic)
- [pimps/CVE-2019-2725](https://github.com/pimps/CVE-2019-2725)
- [ianxtianxt/CVE-2019-2725](https://github.com/ianxtianxt/CVE-2019-2725)
- [GEIGEI123/CVE-2019-2725-POC](https://github.com/GEIGEI123/CVE-2019-2725-POC)
@@ -2097,18 +2884,52 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware
- [jas502n/CVE-2019-2890](https://github.com/jas502n/CVE-2019-2890)
- [ianxtianxt/CVE-2019-2890](https://github.com/ianxtianxt/CVE-2019-2890)
+### CVE-2019-3394
+
+
+There was a local file disclosure vulnerability in Confluence Server and Confluence Data Center via page exporting. An attacker with permission to editing a page is able to exploit this issue to read arbitrary file on the server under <install-directory>/confluence/WEB-INF directory, which may contain configuration files used for integrating with other services, which could potentially leak credentials or other sensitive information such as LDAP credentials. The LDAP credential will be potentially leaked only if the Confluence server is configured to use LDAP as user repository. All versions of Confluence Server from 6.1.0 before 6.6.16 (the fixed version for 6.6.x), from 6.7.0 before 6.13.7 (the fixed version for 6.13.x), and from 6.14.0 before 6.15.8 (the fixed version for 6.15.x) are affected by this vulnerability.
+
+
+- [jas502n/CVE-2019-3394](https://github.com/jas502n/CVE-2019-3394)
+
### CVE-2019-3396
The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.
+- [dothanthitiendiettiende/CVE-2019-3396](https://github.com/dothanthitiendiettiende/CVE-2019-3396)
- [x-f1v3/CVE-2019-3396](https://github.com/x-f1v3/CVE-2019-3396)
+- [shadowsock5/CVE-2019-3396](https://github.com/shadowsock5/CVE-2019-3396)
+- [Yt1g3r/CVE-2019-3396_EXP](https://github.com/Yt1g3r/CVE-2019-3396_EXP)
- [jas502n/CVE-2019-3396](https://github.com/jas502n/CVE-2019-3396)
+- [pyn3rd/CVE-2019-3396](https://github.com/pyn3rd/CVE-2019-3396)
+- [s1xg0d/CVE-2019-3396](https://github.com/s1xg0d/CVE-2019-3396)
+- [quanpt103/CVE-2019-3396](https://github.com/quanpt103/CVE-2019-3396)
+- [vntest11/confluence_CVE-2019-3396](https://github.com/vntest11/confluence_CVE-2019-3396)
+- [tanw923/test1](https://github.com/tanw923/test1)
+- [skommando/CVE-2019-3396-confluence-poc](https://github.com/skommando/CVE-2019-3396-confluence-poc)
- [JonathanZhou348/CVE-2019-3396TEST](https://github.com/JonathanZhou348/CVE-2019-3396TEST)
- [am6539/CVE-2019-3396](https://github.com/am6539/CVE-2019-3396)
- [W2Ning/CVE-2019-3396](https://github.com/W2Ning/CVE-2019-3396)
+### CVE-2019-3398
+
+
+Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has 'Admin' permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability.
+
+
+- [superevr/cve-2019-3398](https://github.com/superevr/cve-2019-3398)
+
+### CVE-2019-3462
+
+
+Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
+
+
+- [tonejito/check_CVE-2019-3462](https://github.com/tonejito/check_CVE-2019-3462)
+- [atilacastro/update-apt-package](https://github.com/atilacastro/update-apt-package)
+
### CVE-2019-3663
@@ -2117,6 +2938,14 @@ Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defen
- [funoverip/mcafee_atd_CVE-2019-3663](https://github.com/funoverip/mcafee_atd_CVE-2019-3663)
+### CVE-2019-3719
+
+
+Dell SupportAssist Client versions prior to 3.2.0.90 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and executing arbitrary executables via SupportAssist client from attacker hosted sites.
+
+
+- [jiansiting/CVE-2019-3719](https://github.com/jiansiting/CVE-2019-3719)
+
### CVE-2019-3778
@@ -2125,6 +2954,22 @@ Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and
- [BBB-man/CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection](https://github.com/BBB-man/CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection)
+### CVE-2019-3799
+
+
+Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.
+
+
+- [mpgn/CVE-2019-3799](https://github.com/mpgn/CVE-2019-3799)
+
+### CVE-2019-3847
+
+
+A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. Users with the "login as other users" capability (such as administrators/managers) can access other users' Dashboards, but the JavaScript those other users may have added to their Dashboard was not being escaped when being viewed by the user logging in on their behalf.
+
+
+- [danielthatcher/moodle-login-csrf](https://github.com/danielthatcher/moodle-login-csrf)
+
### CVE-2019-3929
@@ -2133,6 +2978,9 @@ The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco we
- [xfox64x/CVE-2019-3929](https://github.com/xfox64x/CVE-2019-3929)
+### CVE-2019-48814
+- [wucj001/cve-2019-48814](https://github.com/wucj001/cve-2019-48814)
+
### CVE-2019-5010
@@ -2155,10 +3003,24 @@ An exploitable code execution vulnerability exists in the processing of multi-pa
There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.
+- [mpgn/CVE-2019-5418](https://github.com/mpgn/CVE-2019-5418)
+- [omarkurt/CVE-2019-5418](https://github.com/omarkurt/CVE-2019-5418)
+- [brompwnie/CVE-2019-5418-Scanner](https://github.com/brompwnie/CVE-2019-5418-Scanner)
- [mpgn/Rails-doubletap-RCE](https://github.com/mpgn/Rails-doubletap-RCE)
+- [takeokunn/CVE-2019-5418](https://github.com/takeokunn/CVE-2019-5418)
+- [Bad3r/RailroadBandit](https://github.com/Bad3r/RailroadBandit)
- [ztgrace/CVE-2019-5418-Rails3](https://github.com/ztgrace/CVE-2019-5418-Rails3)
- [random-robbie/CVE-2019-5418](https://github.com/random-robbie/CVE-2019-5418)
+### CVE-2019-5420
+
+
+A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.
+
+
+- [knqyf263/CVE-2019-5420](https://github.com/knqyf263/CVE-2019-5420)
+- [cved-sources/cve-2019-5420](https://github.com/cved-sources/cve-2019-5420)
+
### CVE-2019-5475
@@ -2175,6 +3037,14 @@ The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13
- [mmxsrup/CVE-2019-5489](https://github.com/mmxsrup/CVE-2019-5489)
+### CVE-2019-5624
+
+
+Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level of the user running Metasploit. This issue affects: Rapid7 Metasploit Framework version 4.14.0 and prior versions.
+
+
+- [VoidSec/CVE-2019-5624](https://github.com/VoidSec/CVE-2019-5624)
+
### CVE-2019-5630
@@ -2197,10 +3067,35 @@ NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra software contains a vu
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.
+- [q3k/cve-2019-5736-poc](https://github.com/q3k/cve-2019-5736-poc)
+- [Frichetten/CVE-2019-5736-PoC](https://github.com/Frichetten/CVE-2019-5736-PoC)
+- [jas502n/CVE-2019-5736](https://github.com/jas502n/CVE-2019-5736)
+- [denmilu/CVE-2019-5736](https://github.com/denmilu/CVE-2019-5736)
+- [denmilu/cve-2019-5736-poc](https://github.com/denmilu/cve-2019-5736-poc)
+- [agppp/cve-2019-5736-poc](https://github.com/agppp/cve-2019-5736-poc)
+- [Matthew-Stacks/cve-2019-5736](https://github.com/Matthew-Stacks/cve-2019-5736)
+- [ebdecastro/poc-cve-2019-5736](https://github.com/ebdecastro/poc-cve-2019-5736)
+- [twistlock/RunC-CVE-2019-5736](https://github.com/twistlock/RunC-CVE-2019-5736)
+- [k-onishi/CVE-2019-5736-PoC](https://github.com/k-onishi/CVE-2019-5736-PoC)
+- [k-onishi/CVE-2019-5736-PoC-0](https://github.com/k-onishi/CVE-2019-5736-PoC-0)
+- [zyriuse75/CVE-2019-5736-PoC](https://github.com/zyriuse75/CVE-2019-5736-PoC)
+- [stillan00b/CVE-2019-5736](https://github.com/stillan00b/CVE-2019-5736)
+- [milloni/cve-2019-5736-exp](https://github.com/milloni/cve-2019-5736-exp)
+- [13paulmurith/Docker-Runc-Exploit](https://github.com/13paulmurith/Docker-Runc-Exploit)
+- [RyanNgWH/CVE-2019-5736-POC](https://github.com/RyanNgWH/CVE-2019-5736-POC)
+- [Lee-SungYoung/cve-2019-5736-study](https://github.com/Lee-SungYoung/cve-2019-5736-study)
- [chosam2/cve-2019-5736-poc](https://github.com/chosam2/cve-2019-5736-poc)
- [epsteina16/Docker-Escape-Miner](https://github.com/epsteina16/Docker-Escape-Miner)
- [GiverOfGifts/CVE-2019-5736-Custom-Runtime](https://github.com/GiverOfGifts/CVE-2019-5736-Custom-Runtime)
+### CVE-2019-5786
+
+
+Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
+
+
+- [exodusintel/CVE-2019-5786](https://github.com/exodusintel/CVE-2019-5786)
+
### CVE-2019-5825
@@ -2209,6 +3104,17 @@ Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed
- [timwr/CVE-2019-5825](https://github.com/timwr/CVE-2019-5825)
+### CVE-2019-5893
+
+
+Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/query/data.xml query parameter.
+
+
+- [EmreOvunc/OpenSource-ERP-SQL-Injection](https://github.com/EmreOvunc/OpenSource-ERP-SQL-Injection)
+
+### CVE-2019-6203
+- [qingxp9/CVE-2019-6203-PoC](https://github.com/qingxp9/CVE-2019-6203-PoC)
+
### CVE-2019-6207
@@ -2218,6 +3124,24 @@ An out-of-bounds read issue existed that led to the disclosure of kernel memory.
- [dothanthitiendiettiende/CVE-2019-6207](https://github.com/dothanthitiendiettiende/CVE-2019-6207)
- [maldiohead/CVE-2019-6207](https://github.com/maldiohead/CVE-2019-6207)
+### CVE-2019-6225
+
+
+A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate privileges.
+
+
+- [fatgrass/OsirisJailbreak12](https://github.com/fatgrass/OsirisJailbreak12)
+- [TrungNguyen1909/CVE-2019-6225-macOS](https://github.com/TrungNguyen1909/CVE-2019-6225-macOS)
+- [raystyle/jailbreak-iOS12](https://github.com/raystyle/jailbreak-iOS12)
+
+### CVE-2019-6249
+
+
+An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerability that can add an admin account via /adminsys/index.php?load=admins&act=edit_info&act_type=add.
+
+
+- [NMTech0x90/CVE-2019-6249_Hucart-cms](https://github.com/NMTech0x90/CVE-2019-6249_Hucart-cms)
+
### CVE-2019-6260
@@ -2226,6 +3150,14 @@ The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and
- [amboar/cve-2019-6260](https://github.com/amboar/cve-2019-6260)
+### CVE-2019-6263
+
+
+An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration Text Filter settings allowed stored XSS.
+
+
+- [praveensutar/CVE-2019-6263-Joomla-POC](https://github.com/praveensutar/CVE-2019-6263-Joomla-POC)
+
### CVE-2019-6329
@@ -2234,6 +3166,69 @@ HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege a
- [ManhNDd/CVE-2019-6329](https://github.com/ManhNDd/CVE-2019-6329)
+### CVE-2019-6340
+
+
+Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)
+
+
+- [g0rx/Drupal-SA-CORE-2019-003](https://github.com/g0rx/Drupal-SA-CORE-2019-003)
+- [knqyf263/CVE-2019-6340](https://github.com/knqyf263/CVE-2019-6340)
+- [DevDungeon/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass](https://github.com/DevDungeon/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass)
+- [oways/CVE-2019-6340](https://github.com/oways/CVE-2019-6340)
+- [cved-sources/cve-2019-6340](https://github.com/cved-sources/cve-2019-6340)
+- [d1vious/cve-2019-6340-bits](https://github.com/d1vious/cve-2019-6340-bits)
+- [jas502n/CVE-2019-6340](https://github.com/jas502n/CVE-2019-6340)
+
+### CVE-2019-6440
+
+
+Zemana AntiMalware before 3.0.658 Beta mishandles update logic.
+
+
+- [hexnone/CVE-2019-6440](https://github.com/hexnone/CVE-2019-6440)
+
+### CVE-2019-6446
+
+
+** DISPUTED ** An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have legitimate applications in (for example) loading serialized Python object arrays from trusted and authenticated sources.
+
+
+- [RayScri/CVE-2019-6446](https://github.com/RayScri/CVE-2019-6446)
+
+### CVE-2019-6447
+
+
+The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP.
+
+
+- [fs0c131y/ESFileExplorerOpenPortVuln](https://github.com/fs0c131y/ESFileExplorerOpenPortVuln)
+
+### CVE-2019-6453
+
+
+mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome is not exploitable).
+
+
+- [proofofcalc/cve-2019-6453-poc](https://github.com/proofofcalc/cve-2019-6453-poc)
+- [andripwn/mIRC-CVE-2019-6453](https://github.com/andripwn/mIRC-CVE-2019-6453)
+
+### CVE-2019-6467
+
+
+A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAIN redirection for recursive clients, is also serving a local copy of the root zone or using mirroring to provide the root zone, although other configurations are also possible. Versions affected: BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch.
+
+
+- [knqyf263/CVE-2019-6467](https://github.com/knqyf263/CVE-2019-6467)
+
+### CVE-2019-6487
+
+
+TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 V3.0) are affected by command injection (after login) leading to remote code execution, because shell metacharacters can be included in the weather get_weather_observe citycode field.
+
+
+- [afang5472/TP-Link-WDR-Router-Command-injection_POC](https://github.com/afang5472/TP-Link-WDR-Router-Command-injection_POC)
+
### CVE-2019-6690
@@ -2241,6 +3236,7 @@ python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt
- [stigtsp/CVE-2019-6690-python-gnupg-vulnerability](https://github.com/stigtsp/CVE-2019-6690-python-gnupg-vulnerability)
+- [brianwrf/CVE-2019-6690](https://github.com/brianwrf/CVE-2019-6690)
### CVE-2019-6715
@@ -2250,14 +3246,42 @@ pub/sns.php in the W3 Total Cache plugin before 0.9.4 for WordPress allows remot
- [random-robbie/cve-2019-6715](https://github.com/random-robbie/cve-2019-6715)
+### CVE-2019-7216
+
+
+An issue was discovered in FileChucker 4.99e-free-e02. filechucker.cgi has a filter bypass that allows a malicious user to upload any type of file by using % characters within the extension, e.g., file.%ph%p becomes file.php.
+
+
+- [Ekultek/CVE-2019-7216](https://github.com/Ekultek/CVE-2019-7216)
+
+### CVE-2019-7219
+
+
+Unauthenticated reflected cross-site scripting (XSS) exists in Zarafa Webapp 2.0.1.47791 and earlier. NOTE: this is a discontinued product. The issue was fixed in later Zarafa Webapp versions; however, some former Zarafa Webapp customers use the related Kopano product instead.
+
+
+- [verifysecurity/CVE-2019-7219](https://github.com/verifysecurity/CVE-2019-7219)
+
### CVE-2019-7238
Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control.
+- [mpgn/CVE-2019-7238](https://github.com/mpgn/CVE-2019-7238)
+- [jas502n/CVE-2019-7238](https://github.com/jas502n/CVE-2019-7238)
+- [verctor/nexus_rce_CVE-2019-7238](https://github.com/verctor/nexus_rce_CVE-2019-7238)
- [magicming200/CVE-2019-7238_Nexus_RCE_Tool](https://github.com/magicming200/CVE-2019-7238_Nexus_RCE_Tool)
+### CVE-2019-7304
+
+
+Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.
+
+
+- [initstring/dirty_sock](https://github.com/initstring/dirty_sock)
+- [SecuritySi/CVE-2019-7304_DirtySock](https://github.com/SecuritySi/CVE-2019-7304_DirtySock)
+
### CVE-2019-7482
@@ -2286,6 +3310,30 @@ Kibana versions before 6.6.1 contain an arbitrary code execution flaw in the sec
- [whoami0622/CVE-2019-7610](https://github.com/whoami0622/CVE-2019-7610)
+### CVE-2019-7642
+
+
+D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-816 (B1-2.06?), DIR-850L (A1-1.09), and DIR-868L (A1-1.10).
+
+
+- [xw77cve/CVE-2019-7642](https://github.com/xw77cve/CVE-2019-7642)
+
+### CVE-2019-7839
+
+
+ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
+
+
+- [securifera/CVE-2019-7839](https://github.com/securifera/CVE-2019-7839)
+
+### CVE-2019-8389
+
+
+A file-read vulnerability was identified in the Wi-Fi transfer feature of Musicloud 1.6. By default, the application runs a transfer service on port 8080, accessible by everyone on the same Wi-Fi network. An attacker can send the POST parameters downfiles and cur-folder (with a crafted ../ payload) to the download.script endpoint. This will create a MusicPlayerArchive.zip archive that is publicly accessible and includes the content of any requested file (such as the /etc/passwd file).
+
+
+- [shawarkhanethicalhacker/CVE-2019-8389](https://github.com/shawarkhanethicalhacker/CVE-2019-8389)
+
### CVE-2019-8446
@@ -2300,6 +3348,7 @@ The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows rem
The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
+- [mufeedvh/CVE-2019-8449](https://github.com/mufeedvh/CVE-2019-8449)
- [r0lh/CVE-2019-8449](https://github.com/r0lh/CVE-2019-8449)
### CVE-2019-8451
@@ -2313,6 +3362,38 @@ The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 a
- [jas502n/CVE-2019-8451](https://github.com/jas502n/CVE-2019-8451)
- [h0ffayyy/Jira-CVE-2019-8451](https://github.com/h0ffayyy/Jira-CVE-2019-8451)
+### CVE-2019-8513
+
+
+This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands.
+
+
+- [genknife/cve-2019-8513](https://github.com/genknife/cve-2019-8513)
+
+### CVE-2019-8540
+
+
+A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout.
+
+
+- [maldiohead/CVE-2019-8540](https://github.com/maldiohead/CVE-2019-8540)
+
+### CVE-2019-8565
+
+
+A race condition was addressed with additional validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to gain root privileges.
+
+
+- [genknife/cve-2019-8565](https://github.com/genknife/cve-2019-8565)
+
+### CVE-2019-8591
+
+
+A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to cause unexpected system termination or write kernel memory.
+
+
+- [jsherman212/used_sock](https://github.com/jsherman212/used_sock)
+
### CVE-2019-8601
@@ -2321,6 +3402,9 @@ Multiple memory corruption issues were addressed with improved memory handling.
- [BadAccess11/CVE-2019-8601](https://github.com/BadAccess11/CVE-2019-8601)
+### CVE-2019-8627
+- [maldiohead/CVE-2019-8627](https://github.com/maldiohead/CVE-2019-8627)
+
### CVE-2019-8781
@@ -2330,6 +3414,23 @@ A memory corruption issue was addressed with improved state management. This iss
- [A2nkF/macOS-Kernel-Exploit](https://github.com/A2nkF/macOS-Kernel-Exploit)
- [TrungNguyen1909/CVE-2019-8781-macOS](https://github.com/TrungNguyen1909/CVE-2019-8781-macOS)
+### CVE-2019-8942
+
+
+WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943.
+
+
+- [brianwrf/WordPress_4.9.8_RCE_POC](https://github.com/brianwrf/WordPress_4.9.8_RCE_POC)
+- [synacktiv/CVE-2019-8942](https://github.com/synacktiv/CVE-2019-8942)
+
+### CVE-2019-8956
+
+
+In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.
+
+
+- [butterflyhack/CVE-2019-8956](https://github.com/butterflyhack/CVE-2019-8956)
+
### CVE-2019-8978
@@ -2338,6 +3439,14 @@ An improper authentication vulnerability can be exploited through a race conditi
- [JoshuaMulliken/CVE-2019-8978](https://github.com/JoshuaMulliken/CVE-2019-8978)
+### CVE-2019-8997
+
+
+An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XML in an existing field.
+
+
+- [nxkennedy/CVE-2019-8997](https://github.com/nxkennedy/CVE-2019-8997)
+
### CVE-2019-9153
@@ -2346,6 +3455,14 @@ Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allo
- [ZenyWay/opgp-service-cve-2019-9153](https://github.com/ZenyWay/opgp-service-cve-2019-9153)
+### CVE-2019-9184
+
+
+SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the product_option[] parameter.
+
+
+- [cved-sources/cve-2019-9184](https://github.com/cved-sources/cve-2019-9184)
+
### CVE-2019-9193
@@ -2354,6 +3471,22 @@ Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allo
- [skyship36/CVE-2019-9193](https://github.com/skyship36/CVE-2019-9193)
+### CVE-2019-9194
+
+
+elFinder before 2.1.48 has a command injection vulnerability in the PHP connector.
+
+
+- [cved-sources/cve-2019-9194](https://github.com/cved-sources/cve-2019-9194)
+
+### CVE-2019-9202
+
+
+Nagios IM (component of Nagios XI) before 2.2.7 allows authenticated users to execute arbitrary code via API key issues.
+
+
+- [polict/CVE-2019-9202](https://github.com/polict/CVE-2019-9202)
+
### CVE-2019-9465
@@ -2370,6 +3503,22 @@ The Bluetooth BR/EDR specification up to and including version 5.1 permits suffi
- [francozappa/knob](https://github.com/francozappa/knob)
+### CVE-2019-9580
+
+
+In st2web in StackStorm Web UI before 2.9.3 and 2.10.x before 2.10.3, it is possible to bypass the CORS protection mechanism via a "null" origin value, potentially leading to XSS.
+
+
+- [mpgn/CVE-2019-9580](https://github.com/mpgn/CVE-2019-9580)
+
+### CVE-2019-9596
+
+
+Darktrace Enterprise Immune System before 3.1 allows CSRF via the /whitelisteddomains endpoint.
+
+
+- [gerwout/CVE-2019-9596-and-CVE-2019-9597](https://github.com/gerwout/CVE-2019-9596-and-CVE-2019-9597)
+
### CVE-2019-9599
@@ -2378,6 +3527,55 @@ The AirDroid application through 4.2.1.6 for Android allows remote attackers to
- [s4vitar/AirDroidPwner](https://github.com/s4vitar/AirDroidPwner)
+### CVE-2019-9621
+
+
+Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component.
+
+
+- [k8gege/ZimbraExploit](https://github.com/k8gege/ZimbraExploit)
+
+### CVE-2019-9653
+
+
+NUUO Network Video Recorder Firmware 1.7.x through 3.3.x allows unauthenticated attackers to execute arbitrary commands via shell metacharacters to handle_load_config.php.
+
+
+- [grayoneday/CVE-2019-9653](https://github.com/grayoneday/CVE-2019-9653)
+
+### CVE-2019-9670
+
+
+mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability.
+
+
+- [rek7/Zimbra-RCE](https://github.com/rek7/Zimbra-RCE)
+- [attackgithub/Zimbra-RCE](https://github.com/attackgithub/Zimbra-RCE)
+
+### CVE-2019-9673
+
+
+Freenet 1483 has a MIME type bypass that allows arbitrary JavaScript execution via a crafted Freenet URI.
+
+
+- [mgrube/CVE-2019-9673](https://github.com/mgrube/CVE-2019-9673)
+
+### CVE-2019-9729
+
+
+In Shanda MapleStory Online V160, the SdoKeyCrypt.sys driver allows privilege escalation to NT AUTHORITY\SYSTEM because of not validating the IOCtl 0x8000c01c input value, leading to an integer signedness error and a heap-based buffer underflow.
+
+
+- [HyperSine/SdoKeyCrypt-sys-local-privilege-elevation](https://github.com/HyperSine/SdoKeyCrypt-sys-local-privilege-elevation)
+
+### CVE-2019-9730
+
+
+Incorrect access control in the CxUtilSvc component of the Synaptics Sound Device drivers prior to version 2.29 allows a local attacker to increase access privileges to the Windows Registry via an unpublished API.
+
+
+- [jthuraisamy/CVE-2019-9730](https://github.com/jthuraisamy/CVE-2019-9730)
+
### CVE-2019-9745
@@ -2394,14 +3592,43 @@ Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting a file, a
- [moonheadobj/CVE-2019-9766](https://github.com/moonheadobj/CVE-2019-9766)
+### CVE-2019-9787
+
+
+WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS. The XSS results in administrative access, which allows arbitrary changes to .php files. This is related to wp-admin/includes/ajax-actions.php and wp-includes/comment.php.
+
+
+- [rkatogit/cve-2019-9787_csrf_poc](https://github.com/rkatogit/cve-2019-9787_csrf_poc)
+- [PalmTreeForest/CodePath_Week_7-8](https://github.com/PalmTreeForest/CodePath_Week_7-8)
+
### CVE-2019-9810
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
+- [xuechiyaobai/CVE-2019-9810-PoC](https://github.com/xuechiyaobai/CVE-2019-9810-PoC)
- [0vercl0k/CVE-2019-9810](https://github.com/0vercl0k/CVE-2019-9810)
+### CVE-2019-9896
+
+
+In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable.
+
+
+- [yasinyilmaz/vuln-chm-hijack](https://github.com/yasinyilmaz/vuln-chm-hijack)
+
+### CVE-2019-9978
+
+
+The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro.
+
+
+- [mpgn/CVE-2019-9978](https://github.com/mpgn/CVE-2019-9978)
+- [hash3liZer/CVE-2019-9978](https://github.com/hash3liZer/CVE-2019-9978)
+- [KTN1990/CVE-2019-9978](https://github.com/KTN1990/CVE-2019-9978)
+- [cved-sources/cve-2019-9978](https://github.com/cved-sources/cve-2019-9978)
+
## 2018
### CVE-2018-0101
@@ -2410,7 +3637,6 @@ Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice
A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, or cause a reload of the affected device. This vulnerability affects Cisco ASA Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, ASA 1000V Cloud Firewall, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4110 Security Appliance, Firepower 9300 ASA Security Module, Firepower Threat Defense Software (FTD). Cisco Bug IDs: CSCvg35618.
-- [1337g/CVE-2018-0101-DOS-POC](https://github.com/1337g/CVE-2018-0101-DOS-POC)
- [Cymmetria/ciscoasa_honeypot](https://github.com/Cymmetria/ciscoasa_honeypot)
### CVE-2018-0114
@@ -2437,7 +3663,6 @@ A vulnerability in the web interface of the Cisco Adaptive Security Appliance (A
- [milo2012/CVE-2018-0296](https://github.com/milo2012/CVE-2018-0296)
- [yassineaboukir/CVE-2018-0296](https://github.com/yassineaboukir/CVE-2018-0296)
-- [bhenner1/CVE-2018-0296](https://github.com/bhenner1/CVE-2018-0296)
- [irbishop/CVE-2018-0296](https://github.com/irbishop/CVE-2018-0296)
- [qiantu88/CVE-2018-0296](https://github.com/qiantu88/CVE-2018-0296)
@@ -2449,41 +3674,6 @@ Command injection vulnerability in networking of QNAP Q'center Virtual Appliance
- [ntkernel0/CVE-2019-0708](https://github.com/ntkernel0/CVE-2019-0708)
-### CVE-2018-0802
-
-
-Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.
-
-
-- [zldww2011/CVE-2018-0802_POC](https://github.com/zldww2011/CVE-2018-0802_POC)
-- [rxwx/CVE-2018-0802](https://github.com/rxwx/CVE-2018-0802)
-- [Ridter/RTF_11882_0802](https://github.com/Ridter/RTF_11882_0802)
-- [denmilu/CVE-2018-0802_CVE-2017-11882](https://github.com/denmilu/CVE-2018-0802_CVE-2017-11882)
-
-### CVE-2018-0824
-
-
-A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
-
-
-- [codewhitesec/UnmarshalPwn](https://github.com/codewhitesec/UnmarshalPwn)
-
-### CVE-2018-0833
-
-
-The Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client in Windows 8.1 and RT 8.1 and Windows Server 2012 R2 allows a denial of service vulnerability due to how specially crafted requests are handled, aka "SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability".
-
-
-- [RealBearcat/CVE-2018-0833](https://github.com/RealBearcat/CVE-2018-0833)
-
-### CVE-2018-0886
-
-
-The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka "CredSSP Remote Code Execution Vulnerability".
-
-
-- [preempt/credssp](https://github.com/preempt/credssp)
-
### CVE-2018-0952
@@ -2492,22 +3682,6 @@ An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Col
- [atredispartners/CVE-2018-0952-SystemCollector](https://github.com/atredispartners/CVE-2018-0952-SystemCollector)
-### CVE-2018-1000001
-
-
-In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
-
-
-- [0x00-0x00/CVE-2018-1000001](https://github.com/0x00-0x00/CVE-2018-1000001)
-
-### CVE-2018-1000006
-
-
-GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user clicks on a specially crafted URL. This has been fixed in versions 1.8.2-beta.4, 1.7.11, and 1.6.16.
-
-
-- [CHYbeta/CVE-2018-1000006-DEMO](https://github.com/CHYbeta/CVE-2018-1000006-DEMO)
-
### CVE-2018-1000030
@@ -2524,14 +3698,6 @@ Ajenti version version 2 contains a Cross ite Request Forgery (CSRF) vulnerabili
- [SECFORCE/CVE-2018-1000082-exploit](https://github.com/SECFORCE/CVE-2018-1000082-exploit)
-### CVE-2018-1000117
-
-
-Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.
-
-
-- [1337r00t/CVE-2018-1000117-Exploit](https://github.com/1337r00t/CVE-2018-1000117-Exploit)
-
### CVE-2018-1000134
@@ -2549,14 +3715,6 @@ rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerabil
- [s0/rsyslog-librelp-CVE-2018-1000140](https://github.com/s0/rsyslog-librelp-CVE-2018-1000140)
- [s0/rsyslog-librelp-CVE-2018-1000140-fixed](https://github.com/s0/rsyslog-librelp-CVE-2018-1000140-fixed)
-### CVE-2018-1000199
-
-
-The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.
-
-
-- [dsfau/CVE-2018-1000199](https://github.com/dsfau/CVE-2018-1000199)
-
### CVE-2018-1000224
@@ -2565,14 +3723,6 @@ Godot Engine version All versions prior to 2.1.5, all 3.0 versions prior to 3.0.
- [zann1x/ITS](https://github.com/zann1x/ITS)
-### CVE-2018-1000529
-
-
-Grails Fields plugin version 2.2.7 contains a Cross Site Scripting (XSS) vulnerability in Using the display tag that can result in XSS . This vulnerability appears to have been fixed in 2.2.8.
-
-
-- [martinfrancois/CVE-2018-1000529](https://github.com/martinfrancois/CVE-2018-1000529)
-
### CVE-2018-1000802
@@ -2601,14 +3751,6 @@ In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect ha
- [bgeesaman/cve-2018-1002105](https://github.com/bgeesaman/cve-2018-1002105)
- [mdnix/cve-2018-1002105](https://github.com/mdnix/cve-2018-1002105)
-### CVE-2018-1010
-
-
-A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-1012, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016.
-
-
-- [ymgh96/Detecting-the-patch-of-CVE-2018-1010](https://github.com/ymgh96/Detecting-the-patch-of-CVE-2018-1010)
-
### CVE-2018-10118
@@ -2617,25 +3759,6 @@ Monstra CMS 3.0.4 has Stored XSS via the Name field on the Create New Page scree
- [GeunSam2/CVE-2018-10118](https://github.com/GeunSam2/CVE-2018-10118)
-### CVE-2018-1026
-
-
-A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-1030.
-
-
-- [ymgh96/Detecting-the-CVE-2018-1026-and-its-patch](https://github.com/ymgh96/Detecting-the-CVE-2018-1026-and-its-patch)
-
-### CVE-2018-10299
-
-
-An integer overflow in the batchTransfer function of a smart contract implementation for Beauty Ecosystem Coin (BEC), the Ethereum ERC20 token used in the Beauty Chain economic system, allows attackers to accomplish an unauthorized increase of digital assets by providing two _receivers arguments in conjunction with a large _value argument, as exploited in the wild in April 2018, aka the "batchOverflow" issue.
-
-
-- [phzietsman/batchOverflow](https://github.com/phzietsman/batchOverflow)
-
-### CVE-2018-10467
-- [alt3kx/CVE-2018-10467](https://github.com/alt3kx/CVE-2018-10467)
-
### CVE-2018-10517
@@ -2644,69 +3767,6 @@ In CMS Made Simple (CMSMS) through 2.2.7, the "module import" operatio
- [0x00-0x00/CVE-2018-10517](https://github.com/0x00-0x00/CVE-2018-10517)
-### CVE-2018-10546
-
-
-An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.
-
-
-- [dsfau/CVE-2018-10546](https://github.com/dsfau/CVE-2018-10546)
-
-### CVE-2018-1056
-
-
-An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files.
-
-
-- [pollonegro/Gpon-Routers](https://github.com/pollonegro/Gpon-Routers)
-
-### CVE-2018-10561
-
-
-An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device.
-
-
-- [vhackor/GPON-home-routers-Exploit](https://github.com/vhackor/GPON-home-routers-Exploit)
-
-### CVE-2018-10562
-
-
-An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.
-
-
-- [f3d0x0/GPON](https://github.com/f3d0x0/GPON)
-- [649/Pingpon-Exploit](https://github.com/649/Pingpon-Exploit)
-- [Choudai/GPON-LOADER](https://github.com/Choudai/GPON-LOADER)
-- [c0ld1/GPON_RCE](https://github.com/c0ld1/GPON_RCE)
-- [ATpiu/CVE-2018-10562](https://github.com/ATpiu/CVE-2018-10562)
-
-### CVE-2018-10583
-
-
-An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document.
-
-
-- [TaharAmine/CVE-2018-10583](https://github.com/TaharAmine/CVE-2018-10583)
-
-### CVE-2018-10715
-- [alt3kx/CVE-2018-10715](https://github.com/alt3kx/CVE-2018-10715)
-
-### CVE-2018-10732
-
-
-The REST API in Dataiku DSS before 4.2.3 allows remote attackers to obtain sensitive information (i.e., determine if a username is valid) because of profile pictures visibility.
-
-
-- [alt3kx/CVE-2018-10732](https://github.com/alt3kx/CVE-2018-10732)
-
-### CVE-2018-10821
-
-
-Cross-site scripting (XSS) vulnerability in backend/pages/modify.php in BlackCatCMS 1.3 allows remote authenticated users with the Admin role to inject arbitrary web script or HTML via the search panel.
-
-
-- [BalvinderSingh23/Cross-Site-Scripting-Reflected-XSS-Vulnerability-in-blackcatcms_v1.3](https://github.com/BalvinderSingh23/Cross-Site-Scripting-Reflected-XSS-Vulnerability-in-blackcatcms_v1.3)
-
### CVE-2018-1088
@@ -2774,27 +3834,12 @@ mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch
- [0x00-0x00/CVE-2018-10949](https://github.com/0x00-0x00/CVE-2018-10949)
-### CVE-2018-1111
-
-
-DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.
-
-
-- [knqyf263/CVE-2018-1111](https://github.com/knqyf263/CVE-2018-1111)
-- [kkirsche/CVE-2018-1111](https://github.com/kkirsche/CVE-2018-1111)
-
### CVE-2018-11235
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because submodule "names" are obtained from this file, and then appended to $GIT_DIR/modules, leading to directory traversal with "../" in a name. Finally, post-checkout hooks from a submodule are executed, bypassing the intended design in which hooks are not obtained from a remote server.
-- [Rogdham/CVE-2018-11235](https://github.com/Rogdham/CVE-2018-11235)
-- [vmotos/CVE-2018-11235](https://github.com/vmotos/CVE-2018-11235)
-- [Choihosu/cve-2018-11235](https://github.com/Choihosu/cve-2018-11235)
-- [CHYbeta/CVE-2018-11235-DEMO](https://github.com/CHYbeta/CVE-2018-11235-DEMO)
-- [Kiss-sh0t/CVE-2018-11235-poc](https://github.com/Kiss-sh0t/CVE-2018-11235-poc)
-- [H0K5/clone_and_pwn](https://github.com/H0K5/clone_and_pwn)
- [knqyf263/CVE-2018-11235](https://github.com/knqyf263/CVE-2018-11235)
- [ygouzerh/CVE-2018-11235](https://github.com/ygouzerh/CVE-2018-11235)
- [qweraqq/CVE-2018-11235-Git-Submodule-CE](https://github.com/qweraqq/CVE-2018-11235-Git-Submodule-CE)
@@ -2804,22 +3849,6 @@ In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before
- [cchang27/CVE-2018-11235-test](https://github.com/cchang27/CVE-2018-11235-test)
- [nthuong95/CVE-2018-11235](https://github.com/nthuong95/CVE-2018-11235)
-### CVE-2018-11236
-
-
-stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.
-
-
-- [evilmiracle/CVE-2018-11236](https://github.com/evilmiracle/CVE-2018-11236)
-
-### CVE-2018-11311
-
-
-A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials.
-
-
-- [EmreOvunc/mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password](https://github.com/EmreOvunc/mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password)
-
### CVE-2018-1133
@@ -2829,30 +3858,6 @@ An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question
- [darrynten/MoodleExploit](https://github.com/darrynten/MoodleExploit)
- [M4LV0/MOODLE-3.X-Remote-Code-Execution](https://github.com/M4LV0/MOODLE-3.X-Remote-Code-Execution)
-### CVE-2018-11450
-
-
-A reflected Cross-Site-Scripting (XSS) vulnerability has been identified in Siemens PLM Software TEAMCENTER (V9.1.2.5). If a user visits the login portal through the URL crafted by the attacker, the attacker can insert html/javascript and thus alter/rewrite the login portal page. Siemens PLM Software TEAMCENTER V9.1.3 and newer are not affected.
-
-
-- [LucvanDonk/Siemens-Siemens-PLM-Software-TEAMCENTER-Reflected-Cross-Site-Scripting-XSS-vulnerability](https://github.com/LucvanDonk/Siemens-Siemens-PLM-Software-TEAMCENTER-Reflected-Cross-Site-Scripting-XSS-vulnerability)
-
-### CVE-2018-11510
-
-
-The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecate_js.cgi file by embedding OS commands in the 'script' parameter.
-
-
-- [mefulton/CVE-2018-11510](https://github.com/mefulton/CVE-2018-11510)
-
-### CVE-2018-11517
-
-
-mySCADA myPRO 7 allows remote attackers to discover all ProjectIDs in a project by sending all of the prj parameter values from 870000 to 875000 in t=0&rq=0 requests to TCP port 11010.
-
-
-- [EmreOvunc/mySCADA-myPRO-7-projectID-Disclosure](https://github.com/EmreOvunc/mySCADA-myPRO-7-projectID-Disclosure)
-
### CVE-2018-11564
@@ -2861,14 +3866,6 @@ Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malici
- [GeunSam2/CVE-2018-11564](https://github.com/GeunSam2/CVE-2018-11564)
-### CVE-2018-11631
-
-
-Rondaful M1 Wristband Smart Band 1 devices allow remote attackers to send an arbitrary number of call or SMS notifications via crafted Bluetooth Low Energy (BLE) traffic.
-
-
-- [xMagass/bandexploit](https://github.com/xMagass/bandexploit)
-
### CVE-2018-11686
@@ -2997,14 +3994,6 @@ Archive.java in Junrar before 1.0.1, as used in Apache Tika and other products,
- [tafamace/CVE-2018-12418](https://github.com/tafamace/CVE-2018-12418)
-### CVE-2018-12463
-
-
-An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
-
-
-- [alt3kx/CVE-2018-12463](https://github.com/alt3kx/CVE-2018-12463)
-
### CVE-2018-12533
@@ -3045,12 +4034,6 @@ Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.
- [alt3kx/CVE-2018-12596](https://github.com/alt3kx/CVE-2018-12596)
-### CVE-2018-12597
-- [alt3kx/CVE-2018-12597](https://github.com/alt3kx/CVE-2018-12597)
-
-### CVE-2018-12598
-- [alt3kx/CVE-2018-12598](https://github.com/alt3kx/CVE-2018-12598)
-
### CVE-2018-12613
@@ -3067,8 +4050,6 @@ An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker c
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.
-- [CaledoniaProject/CVE-2018-1270](https://github.com/CaledoniaProject/CVE-2018-1270)
-- [genxor/CVE-2018-1270_EXP](https://github.com/genxor/CVE-2018-1270_EXP)
- [tafamace/CVE-2018-1270](https://github.com/tafamace/CVE-2018-1270)
- [Venscor/CVE-2018-1270](https://github.com/Venscor/CVE-2018-1270)
@@ -3078,8 +4059,6 @@ Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 a
Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack.
-- [knqyf263/CVE-2018-1273](https://github.com/knqyf263/CVE-2018-1273)
-- [wearearima/poc-cve-2018-1273](https://github.com/wearearima/poc-cve-2018-1273)
- [webr0ck/poc-cve-2018-1273](https://github.com/webr0ck/poc-cve-2018-1273)
- [cved-sources/cve-2018-1273](https://github.com/cved-sources/cve-2018-1273)
- [jas502n/cve-2018-1273](https://github.com/jas502n/cve-2018-1273)
@@ -3100,47 +4079,6 @@ In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2,
- [joegallagher4/CVE-2018-1288-](https://github.com/joegallagher4/CVE-2018-1288-)
-### CVE-2018-12895
-
-
-WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file. This is related to missing filename validation in the wp-includes/post.php wp_delete_attachment function. The attacker must have capabilities for files and posts that are normally available only to the Author, Editor, and Administrator roles. The attack methodology is to delete wp-config.php and then launch a new installation process to increase the attacker's privileges.
-
-
-- [bloom-ux/cve-2018-12895-hotfix](https://github.com/bloom-ux/cve-2018-12895-hotfix)
-
-### CVE-2018-12914
-
-
-A remote code execution issue was discovered in PublicCMS V4.0.20180210. An attacker can upload a ZIP archive that contains a .jsp file with a directory traversal pathname. After an unzip operation, the attacker can execute arbitrary code by visiting a .jsp URI.
-
-
-- [RealBearcat/CVE-2018-12914](https://github.com/RealBearcat/CVE-2018-12914)
-
-### CVE-2018-1297
-
-
-When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code.
-
-
-- [RealBearcat/CVE-2018-1297](https://github.com/RealBearcat/CVE-2018-1297)
-
-### CVE-2018-1304
-
-
-The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.
-
-
-- [knqyf263/CVE-2018-1304](https://github.com/knqyf263/CVE-2018-1304)
-- [thariyarox/tomcat_CVE-2018-1304_testing](https://github.com/thariyarox/tomcat_CVE-2018-1304_testing)
-
-### CVE-2018-1305
-
-
-Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them.
-
-
-- [RealBearcat/CVE-2018-1305](https://github.com/RealBearcat/CVE-2018-1305)
-
### CVE-2018-1313
@@ -3165,14 +4103,6 @@ The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-0
- [gluxon/CVE-2018-13257](https://github.com/gluxon/CVE-2018-13257)
-### CVE-2018-1327
-
-
-The Apache Struts REST Plugin is using XStream library which is vulnerable and allow perform a DoS attack when using a malicious request with specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson XML handler as described here http://struts.apache.org/plugins/rest/#custom-contenttypehandlers. Another option is to implement a custom XML handler based on the Jackson XML handler from the Apache Struts 2.5.16.
-
-
-- [RealBearcat/S2-056-XStream](https://github.com/RealBearcat/S2-056-XStream)
-
### CVE-2018-13341
@@ -3217,14 +4147,6 @@ An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.
- [shinecome/zip](https://github.com/shinecome/zip)
-### CVE-2018-13784
-
-
-PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie encryption in Cookie.php, Rinjdael.php, and Blowfish.php.
-
-
-- [ambionics/prestashop-exploits](https://github.com/ambionics/prestashop-exploits)
-
### CVE-2018-13864
@@ -3233,17 +4155,6 @@ A directory traversal vulnerability has been found in the Assets controller in P
- [tafamace/CVE-2018-13864](https://github.com/tafamace/CVE-2018-13864)
-### CVE-2018-14
-- [lckJack/legacySymfony](https://github.com/lckJack/legacySymfony)
-
-### CVE-2018-14083
-
-
-LICA miniCMTS E8K(u/i/...) devices allow remote attackers to obtain sensitive information via a direct POST request for the inc/user.ini file, leading to discovery of a password hash.
-
-
-- [pudding2/CVE-2018-14083](https://github.com/pudding2/CVE-2018-14083)
-
### CVE-2018-14442
@@ -4254,36 +5165,13 @@ In Pydio before 8.2.2, an attack is possible via PHP Object Injection because a
- [us3r777/CVE-2018-20718](https://github.com/us3r777/CVE-2018-20718)
-### CVE-2018-2380
-
-
-SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.
-
-
-- [erpscanteam/CVE-2018-2380](https://github.com/erpscanteam/CVE-2018-2380)
-
### CVE-2018-2628
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
-- [forlin/CVE-2018-2628](https://github.com/forlin/CVE-2018-2628)
-- [shengqi158/CVE-2018-2628](https://github.com/shengqi158/CVE-2018-2628)
-- [skydarker/CVE-2018-2628](https://github.com/skydarker/CVE-2018-2628)
-- [jiansiting/weblogic-cve-2018-2628](https://github.com/jiansiting/weblogic-cve-2018-2628)
-- [zjxzjx/CVE-2018-2628-detect](https://github.com/zjxzjx/CVE-2018-2628-detect)
-- [aedoo/CVE-2018-2628-MultiThreading](https://github.com/aedoo/CVE-2018-2628-MultiThreading)
-- [hawk-tiger/CVE-2018-2628](https://github.com/hawk-tiger/CVE-2018-2628)
-- [9uest/CVE-2018-2628](https://github.com/9uest/CVE-2018-2628)
-- [Shadowshusky/CVE-2018-2628all](https://github.com/Shadowshusky/CVE-2018-2628all)
-- [shaoshore/CVE-2018-2628](https://github.com/shaoshore/CVE-2018-2628)
-- [tdy218/ysoserial-cve-2018-2628](https://github.com/tdy218/ysoserial-cve-2018-2628)
-- [s0wr0b1ndef/CVE-2018-2628](https://github.com/s0wr0b1ndef/CVE-2018-2628)
-- [wrysunny/cve-2018-2628](https://github.com/wrysunny/cve-2018-2628)
- [jas502n/CVE-2018-2628](https://github.com/jas502n/CVE-2018-2628)
-- [stevenlinfeng/CVE-2018-2628](https://github.com/stevenlinfeng/CVE-2018-2628)
-- [denmilu/CVE-2018-2628](https://github.com/denmilu/CVE-2018-2628)
- [Nervous/WebLogic-RCE-exploit](https://github.com/Nervous/WebLogic-RCE-exploit)
- [Lighird/CVE-2018-2628](https://github.com/Lighird/CVE-2018-2628)
- [0xMJ/CVE-2018-2628](https://github.com/0xMJ/CVE-2018-2628)
@@ -4295,7 +5183,6 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). Supported versions that are affected are 2.7, 2.8 and 2.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Simphony. CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
-- [erpscanteam/CVE-2018-2636](https://github.com/erpscanteam/CVE-2018-2636)
- [Cymmetria/micros_honeypot](https://github.com/Cymmetria/micros_honeypot)
### CVE-2018-2844
@@ -4312,7 +5199,6 @@ Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (su
Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. While the vulnerability is in Oracle Access Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Access Manager. Note: Please refer to Doc ID <a href="http://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=2386496.1">My Oracle Support Note 2386496.1 for instructions on how to address this issue. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).
-- [MostafaSoliman/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit](https://github.com/MostafaSoliman/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit)
- [AymanElSherif/oracle-oam-authentication-bypas-exploit](https://github.com/AymanElSherif/oracle-oam-authentication-bypas-exploit)
- [redtimmy/OAMBuster](https://github.com/redtimmy/OAMBuster)
@@ -4322,11 +5208,7 @@ Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
-- [anbai-inc/CVE-2018-2893](https://github.com/anbai-inc/CVE-2018-2893)
-- [ryanInf/CVE-2018-2893](https://github.com/ryanInf/CVE-2018-2893)
-- [bigsizeme/CVE-2018-2893](https://github.com/bigsizeme/CVE-2018-2893)
- [pyn3rd/CVE-2018-2893](https://github.com/pyn3rd/CVE-2018-2893)
-- [qianl0ng/CVE-2018-2893](https://github.com/qianl0ng/CVE-2018-2893)
- [jas502n/CVE-2018-2893](https://github.com/jas502n/CVE-2018-2893)
- [ianxtianxt/CVE-2018-2893](https://github.com/ianxtianxt/CVE-2018-2893)
@@ -4336,8 +5218,6 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
-- [111ddea/cve-2018-2894](https://github.com/111ddea/cve-2018-2894)
-- [LandGrey/CVE-2018-2894](https://github.com/LandGrey/CVE-2018-2894)
- [jas502n/CVE-2018-2894](https://github.com/jas502n/CVE-2018-2894)
### CVE-2018-3191
@@ -4383,22 +5263,12 @@ Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (su
- [ndureiss/e1000_vulnerability_exploit](https://github.com/ndureiss/e1000_vulnerability_exploit)
-### CVE-2018-3608
-
-
-A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes.
-
-
-- [ZhiyuanWang-Chengdu-Qihoo360/Trend_Micro_POC](https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Trend_Micro_POC)
-
### CVE-2018-3639
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
-- [tyhicks/ssbd-tools](https://github.com/tyhicks/ssbd-tools)
-- [malindarathnayake/Intel-CVE-2018-3639-Mitigation_RegistryUpdate](https://github.com/malindarathnayake/Intel-CVE-2018-3639-Mitigation_RegistryUpdate)
- [mmxsrup/CVE-2018-3639](https://github.com/mmxsrup/CVE-2018-3639)
- [Shuiliusheng/CVE-2018-3639-specter-v4-](https://github.com/Shuiliusheng/CVE-2018-3639-specter-v4-)
@@ -4424,7 +5294,6 @@ A privilege escalation detected in flintcms versions <= 1.1.9 allows account
Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The saveGoogleCode() function in smartgooglecode.php does not check if the current request is made by an authorized user, thus allowing any unauthenticated user to successfully update the inserted code.
-- [lucad93/CVE-2018-3810](https://github.com/lucad93/CVE-2018-3810)
- [cved-sources/cve-2018-3810](https://github.com/cved-sources/cve-2018-3810)
### CVE-2018-3811
@@ -4451,16 +5320,6 @@ An issue was discovered in certain Apple products. iOS before 11.2.5 is affected
- [rani-i/bluetoothdPoC](https://github.com/rani-i/bluetoothdPoC)
-- [MTJailed/UnjailMe](https://github.com/MTJailed/UnjailMe)
-- [joedaguy/Exploit11.2](https://github.com/joedaguy/Exploit11.2)
-
-### CVE-2018-4110
-
-
-An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Web App" component. It allows remote attackers to bypass intended restrictions on cookie persistence.
-
-
-- [bencompton/ios11-cookie-set-expire-issue](https://github.com/bencompton/ios11-cookie-set-expire-issue)
### CVE-2018-4121
@@ -4468,8 +5327,6 @@ An issue was discovered in certain Apple products. iOS before 11.3 is affected.
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
-- [FSecureLABS/CVE-2018-4121](https://github.com/FSecureLABS/CVE-2018-4121)
-- [denmilu/CVE-2018-4121](https://github.com/denmilu/CVE-2018-4121)
- [jezzus/CVE-2018-4121](https://github.com/jezzus/CVE-2018-4121)
### CVE-2018-4124
@@ -4480,24 +5337,6 @@ An issue was discovered in certain Apple products. iOS before 11.2.6 is affected
- [ZecOps/TELUGU_CVE-2018-4124_POC](https://github.com/ZecOps/TELUGU_CVE-2018-4124_POC)
-### CVE-2018-4150
-
-
-An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
-
-
-- [Jailbreaks/CVE-2018-4150](https://github.com/Jailbreaks/CVE-2018-4150)
-- [RPwnage/LovelySn0w](https://github.com/RPwnage/LovelySn0w)
-- [littlelailo/incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc-](https://github.com/littlelailo/incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc-)
-
-### CVE-2018-4185
-
-
-In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling.
-
-
-- [bazad/x18-leak](https://github.com/bazad/x18-leak)
-
### CVE-2018-4193
@@ -4506,22 +5345,6 @@ An issue was discovered in certain Apple products. macOS before 10.13.5 is affec
- [Synacktiv-contrib/CVE-2018-4193](https://github.com/Synacktiv-contrib/CVE-2018-4193)
-### CVE-2018-4233
-
-
-An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
-
-
-- [saelo/cve-2018-4233](https://github.com/saelo/cve-2018-4233)
-
-### CVE-2018-4241
-
-
-An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in mptcp_usr_connectx allows attackers to execute arbitrary code in a privileged context via a crafted app.
-
-
-- [0neday/multi_path](https://github.com/0neday/multi_path)
-
### CVE-2018-4242
@@ -4530,22 +5353,6 @@ An issue was discovered in certain Apple products. macOS before 10.13.5 is affec
- [yeonnic/Look-at-The-XNU-Through-A-Tube-CVE-2018-4242-Write-up-Translation-](https://github.com/yeonnic/Look-at-The-XNU-Through-A-Tube-CVE-2018-4242-Write-up-Translation-)
-### CVE-2018-4243
-
-
-An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolattrlist allows attackers to execute arbitrary code in a privileged context via a crafted app.
-
-
-- [Jailbreaks/empty_list](https://github.com/Jailbreaks/empty_list)
-
-### CVE-2018-4248
-
-
-An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2.
-
-
-- [bazad/xpc-string-leak](https://github.com/bazad/xpc-string-leak)
-
### CVE-2018-4280
@@ -4572,22 +5379,6 @@ In iOS before 11.4, a memory corruption issue exists and was addressed with impr
- [omerporze/toothfairy](https://github.com/omerporze/toothfairy)
-### CVE-2018-4331
-
-
-A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
-
-
-- [bazad/gsscred-race](https://github.com/bazad/gsscred-race)
-
-### CVE-2018-4343
-
-
-A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
-
-
-- [bazad/gsscred-move-uaf](https://github.com/bazad/gsscred-move-uaf)
-
### CVE-2018-4407
@@ -4647,43 +5438,11 @@ A memory corruption issue was addressed with improved memory handling. This issu
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.
-- [ydl555/CVE-2018-4878-](https://github.com/ydl555/CVE-2018-4878-)
-- [mdsecactivebreach/CVE-2018-4878](https://github.com/mdsecactivebreach/CVE-2018-4878)
-- [hybridious/CVE-2018-4878](https://github.com/hybridious/CVE-2018-4878)
-- [vysecurity/CVE-2018-4878](https://github.com/vysecurity/CVE-2018-4878)
-- [anbai-inc/CVE-2018-4878](https://github.com/anbai-inc/CVE-2018-4878)
-- [Sch01ar/CVE-2018-4878](https://github.com/Sch01ar/CVE-2018-4878)
- [SyFi/CVE-2018-4878](https://github.com/SyFi/CVE-2018-4878)
-- [ydl555/CVE-2018-4878](https://github.com/ydl555/CVE-2018-4878)
- [B0fH/CVE-2018-4878](https://github.com/B0fH/CVE-2018-4878)
- [Yable/CVE-2018-4878](https://github.com/Yable/CVE-2018-4878)
- [HuanWoWeiLan/SoftwareSystemSecurity-2019](https://github.com/HuanWoWeiLan/SoftwareSystemSecurity-2019)
-### CVE-2018-4901
-
-
-An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the document identity representation. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.
-
-
-- [bigric3/CVE-2018-4901](https://github.com/bigric3/CVE-2018-4901)
-
-### CVE-2018-5234
-
-
-The Norton Core router prior to v237 may be susceptible to a command injection exploit. This is a type of attack in which the goal is execution of arbitrary commands on the host system via vulnerable software.
-
-
-- [embedi/ble_norton_core](https://github.com/embedi/ble_norton_core)
-
-### CVE-2018-5711
-
-
-gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx.
-
-
-- [huzhenghui/Test-7-2-0-PHP-CVE-2018-5711](https://github.com/huzhenghui/Test-7-2-0-PHP-CVE-2018-5711)
-- [huzhenghui/Test-7-2-1-PHP-CVE-2018-5711](https://github.com/huzhenghui/Test-7-2-1-PHP-CVE-2018-5711)
-
### CVE-2018-5724
@@ -4700,22 +5459,6 @@ Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potenti
- [ezelf/seatel_terminals](https://github.com/ezelf/seatel_terminals)
-### CVE-2018-5740
-
-
-"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.
-
-
-- [sischkg/cve-2018-5740](https://github.com/sischkg/cve-2018-5740)
-
-### CVE-2018-5951
-
-
-An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack.
-
-
-- [Nat-Lab/CVE-2018-5951](https://github.com/Nat-Lab/CVE-2018-5951)
-
### CVE-2018-5955
@@ -4732,96 +5475,28 @@ Some NVIDIA Tegra mobile processors released prior to 2016 contain a buffer over
- [DavidBuchanan314/NXLoader](https://github.com/DavidBuchanan314/NXLoader)
-- [reswitched/rcm-modchips](https://github.com/reswitched/rcm-modchips)
- [switchjs/fusho](https://github.com/switchjs/fusho)
-### CVE-2018-6376
-
-
-In Joomla! before 3.8.4, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message.
-
-
-- [knqyf263/CVE-2018-6376](https://github.com/knqyf263/CVE-2018-6376)
-
### CVE-2018-6389
In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.
-- [yolabingo/wordpress-fix-cve-2018-6389](https://github.com/yolabingo/wordpress-fix-cve-2018-6389)
-- [WazeHell/CVE-2018-6389](https://github.com/WazeHell/CVE-2018-6389)
-- [rastating/modsecurity-cve-2018-6389](https://github.com/rastating/modsecurity-cve-2018-6389)
-- [knqyf263/CVE-2018-6389](https://github.com/knqyf263/CVE-2018-6389)
-- [JulienGadanho/cve-2018-6389-php-patcher](https://github.com/JulienGadanho/cve-2018-6389-php-patcher)
-- [dsfau/wordpress-CVE-2018-6389](https://github.com/dsfau/wordpress-CVE-2018-6389)
-- [Jetserver/CVE-2018-6389-FIX](https://github.com/Jetserver/CVE-2018-6389-FIX)
-- [thechrono13/PoC---CVE-2018-6389](https://github.com/thechrono13/PoC---CVE-2018-6389)
-- [BlackRouter/cve-2018-6389](https://github.com/BlackRouter/cve-2018-6389)
- [alessiogilardi/PoC---CVE-2018-6389](https://github.com/alessiogilardi/PoC---CVE-2018-6389)
-- [JavierOlmedo/wordpress-cve-2018-6389](https://github.com/JavierOlmedo/wordpress-cve-2018-6389)
-- [m3ssap0/wordpress_cve-2018-6389](https://github.com/m3ssap0/wordpress_cve-2018-6389)
- [s0md3v/Shiva](https://github.com/s0md3v/Shiva)
-- [mudhappy/Wordpress-Hack-CVE-2018-6389](https://github.com/mudhappy/Wordpress-Hack-CVE-2018-6389)
-- [armaanpathan12345/WP-DOS-Exploit-CVE-2018-6389](https://github.com/armaanpathan12345/WP-DOS-Exploit-CVE-2018-6389)
- [ItinerisLtd/trellis-cve-2018-6389](https://github.com/ItinerisLtd/trellis-cve-2018-6389)
- [Zazzzles/Wordpress-DOS](https://github.com/Zazzzles/Wordpress-DOS)
- [fakedob/tvsz](https://github.com/fakedob/tvsz)
- [heisenberg-official/Wordpress-DOS-Attack-CVE-2018-6389](https://github.com/heisenberg-official/Wordpress-DOS-Attack-CVE-2018-6389)
- [ianxtianxt/CVE-2018-6389](https://github.com/ianxtianxt/CVE-2018-6389)
-### CVE-2018-6396
-
-
-SQL Injection exists in the Google Map Landkarten through 4.2.3 component for Joomla! via the cid or id parameter in a layout=form_markers action, or the map parameter in a layout=default action.
-
-
-- [JavierOlmedo/joomla-cve-2018-6396](https://github.com/JavierOlmedo/joomla-cve-2018-6396)
-
-### CVE-2018-6407
-
-
-An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to /hy-cgi/devices.cgi?cmd=searchlandevice. The crash completely freezes the device.
-
-
-- [dreadlocked/ConceptronicIPCam_MultipleVulnerabilities](https://github.com/dreadlocked/ConceptronicIPCam_MultipleVulnerabilities)
-
-### CVE-2018-6479
-
-
-An issue was discovered on Netwave IP Camera devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to the / URI.
-
-
-- [dreadlocked/netwave-dosvulnerability](https://github.com/dreadlocked/netwave-dosvulnerability)
-
-### CVE-2018-6518
-
-
-Composr CMS 10.0.13 has XSS via the site_name parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php.
-
-
-- [faizzaidi/Composr-CMS-10.0.13-Cross-Site-Scripting-XSS](https://github.com/faizzaidi/Composr-CMS-10.0.13-Cross-Site-Scripting-XSS)
-
-### CVE-2018-6546
-
-
-plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, executes code at a user-defined (local or SMB) path as SYSTEM when the execute_installer parameter is used in an HTTP message. This occurs without properly authenticating the user.
-
-
-- [securifera/CVE-2018-6546-Exploit](https://github.com/securifera/CVE-2018-6546-Exploit)
-- [YanZiShuang/CVE-2018-6546](https://github.com/YanZiShuang/CVE-2018-6546)
-
### CVE-2018-6574
Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked.
-- [acole76/cve-2018-6574](https://github.com/acole76/cve-2018-6574)
-- [neargle/CVE-2018-6574-POC](https://github.com/neargle/CVE-2018-6574-POC)
-- [willbo4r/go-get-rce](https://github.com/willbo4r/go-get-rce)
-- [ahmetmanga/go-get-rce](https://github.com/ahmetmanga/go-get-rce)
-- [ahmetmanga/cve-2018-6574](https://github.com/ahmetmanga/cve-2018-6574)
- [michiiii/go-get-exploit](https://github.com/michiiii/go-get-exploit)
- [kenprice/cve-2018-6574](https://github.com/kenprice/cve-2018-6574)
- [redirected/cve-2018-6574](https://github.com/redirected/cve-2018-6574)
@@ -4870,44 +5545,10 @@ Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index
An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.
-- [c0llision/exim-vuln-poc](https://github.com/c0llision/exim-vuln-poc)
- [beraphin/CVE-2018-6789](https://github.com/beraphin/CVE-2018-6789)
- [synacktiv/Exim-CVE-2018-6789](https://github.com/synacktiv/Exim-CVE-2018-6789)
- [martinclauss/exim-rce-cve-2018-6789](https://github.com/martinclauss/exim-rce-cve-2018-6789)
-### CVE-2018-6791
-
-
-An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a possibility of arbitrary command execution. An example of an offending volume label is "$(touch b)" -- this will create a file called b in the home folder.
-
-
-- [rarar0/KDE_Vuln](https://github.com/rarar0/KDE_Vuln)
-
-### CVE-2018-6890
-
-
-Cross-site scripting (XSS) vulnerability in Wolf CMS 0.8.3.1 via the page editing feature, as demonstrated by /?/admin/page/edit/3.
-
-
-- [pradeepjairamani/WolfCMS-XSS-POC](https://github.com/pradeepjairamani/WolfCMS-XSS-POC)
-
-### CVE-2018-6892
-
-
-An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the program's execution flow and allowing arbitrary code execution.
-
-
-- [manojcode/CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass](https://github.com/manojcode/CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass)
-- [manojcode/-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass](https://github.com/manojcode/-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass)
-
-### CVE-2018-6905
-
-
-The page module in TYPO3 before 8.7.11, and 9.1.0, has XSS via $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'], as demonstrated by an admin entering a crafted site name during the installation process.
-
-
-- [pradeepjairamani/TYPO3-XSS-POC](https://github.com/pradeepjairamani/TYPO3-XSS-POC)
-
### CVE-2018-6961
@@ -4925,46 +5566,6 @@ VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650
- [heaphopopotamus/vmxnet3Hunter](https://github.com/heaphopopotamus/vmxnet3Hunter)
-### CVE-2018-7171
-
-
-Directory traversal vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to share the contents of arbitrary directories via a .. (dot dot) in the contentbase parameter to rpc/set_all.
-
-
-- [mechanico/sharingIsCaring](https://github.com/mechanico/sharingIsCaring)
-
-### CVE-2018-7197
-
-
-An issue was discovered in Pluck through 4.7.4. A stored cross-site scripting (XSS) vulnerability allows remote unauthenticated users to inject arbitrary web script or HTML into admin/blog Reaction Comments via a crafted URL.
-
-
-- [Alyssa-o-Herrera/CVE-2018-7197](https://github.com/Alyssa-o-Herrera/CVE-2018-7197)
-
-### CVE-2018-7211
-
-
-An issue was discovered in iDashboards 9.6b. The SSO implementation is affected by a weak obfuscation library, allowing man-in-the-middle attackers to discover credentials.
-
-
-- [c3r34lk1ll3r/CVE-2018-7211-PoC](https://github.com/c3r34lk1ll3r/CVE-2018-7211-PoC)
-
-### CVE-2018-7249
-
-
-An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Two carefully timed calls to IOCTL 0xCA002813 can cause a race condition that leads to a use-after-free. When exploited, an unprivileged attacker can run arbitrary code in the kernel.
-
-
-- [Elvin9/NotSecDrv](https://github.com/Elvin9/NotSecDrv)
-
-### CVE-2018-7250
-
-
-An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. An uninitialized kernel pool allocation in IOCTL 0xCA002813 allows a local unprivileged attacker to leak 16 bits of uninitialized kernel PagedPool data.
-
-
-- [Elvin9/SecDrvPoolLeak](https://github.com/Elvin9/SecDrvPoolLeak)
-
### CVE-2018-7284
@@ -4995,25 +5596,9 @@ FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x befor
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
-- [g0rx/CVE-2018-7600-Drupal-RCE](https://github.com/g0rx/CVE-2018-7600-Drupal-RCE)
- [a2u/CVE-2018-7600](https://github.com/a2u/CVE-2018-7600)
- [dreadlocked/Drupalgeddon2](https://github.com/dreadlocked/Drupalgeddon2)
- [knqyf263/CVE-2018-7600](https://github.com/knqyf263/CVE-2018-7600)
-- [dr-iman/CVE-2018-7600-Drupal-0day-RCE](https://github.com/dr-iman/CVE-2018-7600-Drupal-0day-RCE)
-- [jirojo2/drupalgeddon2](https://github.com/jirojo2/drupalgeddon2)
-- [dwisiswant0/CVE-2018-7600](https://github.com/dwisiswant0/CVE-2018-7600)
-- [thehappydinoa/CVE-2018-7600](https://github.com/thehappydinoa/CVE-2018-7600)
-- [sl4cky/CVE-2018-7600](https://github.com/sl4cky/CVE-2018-7600)
-- [sl4cky/CVE-2018-7600-Masschecker](https://github.com/sl4cky/CVE-2018-7600-Masschecker)
-- [FireFart/CVE-2018-7600](https://github.com/FireFart/CVE-2018-7600)
-- [pimps/CVE-2018-7600](https://github.com/pimps/CVE-2018-7600)
-- [lorddemon/drupalgeddon2](https://github.com/lorddemon/drupalgeddon2)
-- [Sch01ar/CVE-2018-7600](https://github.com/Sch01ar/CVE-2018-7600)
-- [Hestat/drupal-check](https://github.com/Hestat/drupal-check)
-- [fyraiga/CVE-2018-7600-drupalgeddon2-scanner](https://github.com/fyraiga/CVE-2018-7600-drupalgeddon2-scanner)
-- [Damian972/drupalgeddon-2](https://github.com/Damian972/drupalgeddon-2)
-- [Jyozi/CVE-2018-7600](https://github.com/Jyozi/CVE-2018-7600)
-- [happynote3966/CVE-2018-7600](https://github.com/happynote3966/CVE-2018-7600)
- [shellord/CVE-2018-7600-Drupal-RCE](https://github.com/shellord/CVE-2018-7600-Drupal-RCE)
- [r3dxpl0it/CVE-2018-7600](https://github.com/r3dxpl0it/CVE-2018-7600)
- [cved-sources/cve-2018-7600](https://github.com/cved-sources/cve-2018-7600)
@@ -5027,8 +5612,6 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1
A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.
-- [1337g/Drupalgedon3](https://github.com/1337g/Drupalgedon3)
-- [happynote3966/CVE-2018-7602](https://github.com/happynote3966/CVE-2018-7602)
- [kastellanos/CVE-2018-7602](https://github.com/kastellanos/CVE-2018-7602)
### CVE-2018-7690
@@ -5047,14 +5630,6 @@ A potential Remote Unauthorized Access in Micro Focus Fortify Software Security
- [alt3kx/CVE-2018-7691](https://github.com/alt3kx/CVE-2018-7691)
-### CVE-2018-7747
-
-
-Multiple cross-site scripting (XSS) vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a greeting message, (2) the email transaction log, or (3) an imported form.
-
-
-- [mindpr00f/CVE-2018-7747](https://github.com/mindpr00f/CVE-2018-7747)
-
### CVE-2018-7750
@@ -5098,14 +5673,6 @@ In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable in a SQL
- [luckybool1020/CVE-2018-8045](https://github.com/luckybool1020/CVE-2018-8045)
-### CVE-2018-8060
-
-
-HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send an IOCTL to the device driver. If input and/or output buffer pointers are NULL or if these buffers' data are invalid, a NULL/invalid pointer access occurs, resulting in a Windows kernel panic aka Blue Screen. This affects IOCTLs higher than 0x85FE2600 with the HWiNFO32 symbolic device name.
-
-
-- [otavioarj/SIOCtl](https://github.com/otavioarj/SIOCtl)
-
### CVE-2018-8065
@@ -5114,30 +5681,6 @@ An issue was discovered in the web server in Flexense SyncBreeze Enterprise 10.6
- [EgeBalci/CVE-2018-8065](https://github.com/EgeBalci/CVE-2018-8065)
-### CVE-2018-8078
-
-
-YzmCMS 3.7 has Stored XSS via the title parameter to advertisement/adver/edit.html.
-
-
-- [AlwaysHereFight/YZMCMSxss](https://github.com/AlwaysHereFight/YZMCMSxss)
-
-### CVE-2018-8090
-
-
-Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick Heal Internet Security 32 bit 17.00 (QHIS32.exe), (QHISFT32.exe) - Version 10.0.0.37; Quick Heal AntiVirus Pro 64 bit 17.00 (QHAV64.exe), (QHAVFT64.exe) - Version 10.0.0.37; and Quick Heal AntiVirus Pro 32 bit 17.00 (QHAV32.exe), (QHAVFT32.exe) - Version 10.0.0.37 allow DLL Hijacking because of Insecure Library Loading.
-
-
-- [kernelm0de/CVE-2018-8090](https://github.com/kernelm0de/CVE-2018-8090)
-
-### CVE-2018-8108
-
-
-The select component in bui through 2018-03-13 has XSS because it performs an escape operation on already-escaped text, as demonstrated by workGroupList text.
-
-
-- [zlgxzswjy/BUI-select-xss](https://github.com/zlgxzswjy/BUI-select-xss)
-
### CVE-2018-8115
@@ -5152,54 +5695,18 @@ A remote code execution vulnerability exists when the Windows Host Compute Servi
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8124, CVE-2018-8164, CVE-2018-8166.
-- [bigric3/cve-2018-8120](https://github.com/bigric3/cve-2018-8120)
-- [unamer/CVE-2018-8120](https://github.com/unamer/CVE-2018-8120)
-- [ne1llee/cve-2018-8120](https://github.com/ne1llee/cve-2018-8120)
-- [alpha1ab/CVE-2018-8120](https://github.com/alpha1ab/CVE-2018-8120)
-- [areuu/CVE-2018-8120](https://github.com/areuu/CVE-2018-8120)
-- [EVOL4/CVE-2018-8120](https://github.com/EVOL4/CVE-2018-8120)
-- [ozkanbilge/CVE-2018-8120](https://github.com/ozkanbilge/CVE-2018-8120)
- [qiantu88/CVE-2018-8120](https://github.com/qiantu88/CVE-2018-8120)
- [Y0n0Y/cve-2018-8120-exp](https://github.com/Y0n0Y/cve-2018-8120-exp)
-### CVE-2018-8172
-
-
-A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio, Expression Blend 4.
-
-
-- [SyFi/CVE-2018-8172](https://github.com/SyFi/CVE-2018-8172)
-
### CVE-2018-8174
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
-- [0x09AL/CVE-2018-8174-msf](https://github.com/0x09AL/CVE-2018-8174-msf)
-- [Yt1g3r/CVE-2018-8174_EXP](https://github.com/Yt1g3r/CVE-2018-8174_EXP)
-- [SyFi/CVE-2018-8174](https://github.com/SyFi/CVE-2018-8174)
-- [orf53975/Rig-Exploit-for-CVE-2018-8174](https://github.com/orf53975/Rig-Exploit-for-CVE-2018-8174)
-- [piotrflorczyk/cve-2018-8174_analysis](https://github.com/piotrflorczyk/cve-2018-8174_analysis)
- [denmilu/CVE-2018-8174-msf](https://github.com/denmilu/CVE-2018-8174-msf)
- [ruthlezs/ie11_vbscript_exploit](https://github.com/ruthlezs/ie11_vbscript_exploit)
-### CVE-2018-8208
-
-
-An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8214.
-
-
-- [kaisaryousuf/CVE-2018-8208](https://github.com/kaisaryousuf/CVE-2018-8208)
-
-### CVE-2018-8214
-
-
-An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8208.
-
-
-- [guwudoor/CVE-2018-8214](https://github.com/guwudoor/CVE-2018-8214)
-
### CVE-2018-8284
@@ -5293,22 +5800,6 @@ Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Je
- [GeunSam2/CVE-2018-8718](https://github.com/GeunSam2/CVE-2018-8718)
-### CVE-2018-8733
-
-
-Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an unauthenticated attacker to make configuration changes and leverage an authenticated SQL injection vulnerability.
-
-
-- [xfer0/Nagios-XI-5.2.6-9-5.3-5.4-Chained-Remote-Root-Exploit-Fixed](https://github.com/xfer0/Nagios-XI-5.2.6-9-5.3-5.4-Chained-Remote-Root-Exploit-Fixed)
-
-### CVE-2018-8820
-
-
-An issue was discovered in Square 9 GlobalForms 6.2.x. A Time Based SQL injection vulnerability in the "match" parameter allows remote authenticated attackers to execute arbitrary SQL commands. It is possible to upgrade access to full server compromise via xp_cmdshell. In some cases, the authentication requirement for the attack can be met by sending the default admin credentials.
-
-
-- [hateshape/frevvomapexec](https://github.com/hateshape/frevvomapexec)
-
### CVE-2018-8823
@@ -5317,25 +5808,6 @@ modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horizontal+Vert
- [b3rksecurity/CVE-2018-8823](https://github.com/b3rksecurity/CVE-2018-8823)
-### CVE-2018-8897
-
-
-A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs.
-
-
-- [nmulasmajic/CVE-2018-8897](https://github.com/nmulasmajic/CVE-2018-8897)
-- [jiazhang0/pop-mov-ss-exploit](https://github.com/jiazhang0/pop-mov-ss-exploit)
-- [can1357/CVE-2018-8897](https://github.com/can1357/CVE-2018-8897)
-- [nmulasmajic/syscall_exploit_CVE-2018-8897](https://github.com/nmulasmajic/syscall_exploit_CVE-2018-8897)
-
-### CVE-2018-8941
-
-
-Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v. 1.01 has a buffer overflow, allowing authenticated remote attackers to execute arbitrary code via a long Addr value to the 'set Diagnostics_Entry' function in an HTTP request, related to /userfs/bin/tcapi.
-
-
-- [SECFORCE/CVE-2018-8941](https://github.com/SECFORCE/CVE-2018-8941)
-
### CVE-2018-8943
@@ -5344,22 +5816,6 @@ There is a SQL injection in the PHPSHE 1.6 userbank parameter.
- [coolboy0816/CVE-2018-8943](https://github.com/coolboy0816/CVE-2018-8943)
-### CVE-2018-8970
-
-
-The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: the LibreSSL documentation indicates that this special case is supported, but the BoringSSL documentation does not.
-
-
-- [tiran/CVE-2018-8970](https://github.com/tiran/CVE-2018-8970)
-
-### CVE-2018-9059
-
-
-Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp. NOTE: this may overlap CVE-2014-3791.
-
-
-- [manojcode/easy-file-share-7.2-exploit-CVE-2018-9059](https://github.com/manojcode/easy-file-share-7.2-exploit-CVE-2018-9059)
-
### CVE-2018-9075
@@ -5368,14 +5824,6 @@ For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlie
- [beverlymiller818/cve-2018-9075](https://github.com/beverlymiller818/cve-2018-9075)
-### CVE-2018-9160
-
-
-SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses.
-
-
-- [mechanico/sickrageWTF](https://github.com/mechanico/sickrageWTF)
-
### CVE-2018-9206
@@ -5463,14 +5911,6 @@ This vulnerability allows remote attackers to execute arbitrary code on vulnerab
- [sharmasandeepkr/cve-2018-9951](https://github.com/sharmasandeepkr/cve-2018-9951)
-### CVE-2018-9958
-
-
-This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Text Annotations. When setting the point attribute, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5620.
-
-
-- [t3rabyt3/CVE-2018-9958--Exploit](https://github.com/t3rabyt3/CVE-2018-9958--Exploit)
-
### CVE-2018-9995
@@ -5478,10 +5918,6 @@ TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in
- [ezelf/CVE-2018-9995_dvr_credentials](https://github.com/ezelf/CVE-2018-9995_dvr_credentials)
-- [zzh217/CVE-2018-9995_Batch_scanning_exp](https://github.com/zzh217/CVE-2018-9995_Batch_scanning_exp)
-- [Huangkey/CVE-2018-9995_check](https://github.com/Huangkey/CVE-2018-9995_check)
-- [gwolfs/CVE-2018-9995-ModifiedByGwolfs](https://github.com/gwolfs/CVE-2018-9995-ModifiedByGwolfs)
-- [shacojx/cve-2018-9995](https://github.com/shacojx/cve-2018-9995)
- [Cyb0r9/DVR-Exploiter](https://github.com/Cyb0r9/DVR-Exploiter)
- [codeholic2k18/CVE-2018-9995](https://github.com/codeholic2k18/CVE-2018-9995)
- [TateYdq/CVE-2018-9995-ModifiedByGwolfs](https://github.com/TateYdq/CVE-2018-9995-ModifiedByGwolfs)
@@ -11475,14 +11911,6 @@ Nortel Wireless LAN (WLAN) Access Point (AP) 2220, 2221, and 2225 allow remote a
## 2003
-### CVE-2003-0222
-
-
-Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter.
-
-
-- [phamthanhsang280477/CVE-2003-0222](https://github.com/phamthanhsang280477/CVE-2003-0222)
-
### CVE-2003-0264
@@ -11492,7 +11920,6 @@ Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execut
- [adenkiewicz/CVE-2003-0264](https://github.com/adenkiewicz/CVE-2003-0264)
- [fyoderxx/slmail-exploit](https://github.com/fyoderxx/slmail-exploit)
- [war4uthor/CVE-2003-0264](https://github.com/war4uthor/CVE-2003-0264)
-- [pwncone/CVE-2003-0264-SLmail-5.5](https://github.com/pwncone/CVE-2003-0264-SLmail-5.5)
## 2002