mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2025/01/08 12:33:47

Browse source
This commit is contained in:
motikan2010-bot 2025-01-08 21:33:47 +09:00
parent 1b219b7c29
commit 58b98ff416
40 changed files with 516 additions and 120 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
2014/CVE-2014-3153.json
View file

@ -239,7 +239,7 @@
"stargazers_count": 11,
"watchers_count": 11,
"has_discussions": false,
"forks_count": 3,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -252,7 +252,7 @@
"towelroot"
],
"visibility": "public",
"forks": 3,
"forks": 2,
"watchers": 11,
"score": 0,
"subscribers_count": 2

31
2015/CVE-2015-9251.json
View file

@ -60,5 +60,36 @@
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 913764460,
"name": "CVE-2015-9251",
"full_name": "hackgiver\/CVE-2015-9251",
"owner": {
"login": "hackgiver",
"id": 142176983,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142176983?v=4",
"html_url": "https:\/\/github.com\/hackgiver",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/hackgiver\/CVE-2015-9251",
"description": "This repository contains a Proof of Concept (PoC) for CVE-2015-9251, a vulnerability in jQuery versions prior to 3.0.0 that allows attackers to perform Cross-Site Scripting (XSS) attacks under certain conditions.",
"fork": false,
"created_at": "2025-01-08T10:03:02Z",
"updated_at": "2025-01-08T10:19:33Z",
"pushed_at": "2025-01-08T10:19:30Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2016/CVE-2016-1287.json
View file

@ -45,10 +45,10 @@
"description": "Verification tools for CVE-2016-1287",
"fork": false,
"created_at": "2016-09-08T19:43:18Z",
"updated_at": "2023-11-17T06:44:26Z",
"updated_at": "2025-01-08T08:02:02Z",
"pushed_at": "2017-03-15T20:25:40Z",
"stargazers_count": 32,
"watchers_count": 32,
"stargazers_count": 33,
"watchers_count": 33,
"has_discussions": false,
"forks_count": 19,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 19,
"watchers": 32,
"watchers": 33,
"score": 0,
"subscribers_count": 51
}

8
2017/CVE-2017-11882.json
View file

@ -76,10 +76,10 @@
"description": "CVE-2017-11882 from https:\/\/github.com\/embedi\/CVE-2017-11882",
"fork": false,
"created_at": "2017-11-21T05:55:53Z",
"updated_at": "2025-01-04T08:49:03Z",
"updated_at": "2025-01-08T07:33:05Z",
"pushed_at": "2017-11-29T03:33:53Z",
"stargazers_count": 540,
"watchers_count": 540,
"stargazers_count": 541,
"watchers_count": 541,
"has_discussions": false,
"forks_count": 252,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 252,
"watchers": 540,
"watchers": 541,
"score": 0,
"subscribers_count": 28
},

8
2018/CVE-2018-19320.json
View file

@ -76,10 +76,10 @@
"description": "Unsigned driver loader using CVE-2018-19320",
"fork": false,
"created_at": "2022-11-12T05:48:13Z",
"updated_at": "2025-01-07T03:46:57Z",
"updated_at": "2025-01-08T09:25:21Z",
"pushed_at": "2023-04-09T13:50:29Z",
"stargazers_count": 219,
"watchers_count": 219,
"stargazers_count": 220,
"watchers_count": 220,
"has_discussions": false,
"forks_count": 58,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 58,
"watchers": 219,
"watchers": 220,
"score": 0,
"subscribers_count": 10
}

8
2019/CVE-2019-19030.json
View file

@ -14,10 +14,10 @@
"description": "Exploit for CVE-2019-19030 that affects Harbor versions <1.10.3 and <2.0.1. Can also be used to enumerate and pull public projects from higher versions.",
"fork": false,
"created_at": "2024-06-12T11:46:57Z",
"updated_at": "2024-08-29T11:44:02Z",
"updated_at": "2025-01-08T06:36:09Z",
"pushed_at": "2024-08-29T11:43:58Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}

12
2019/CVE-2019-2215.json
View file

@ -81,13 +81,13 @@
"stargazers_count": 111,
"watchers_count": 111,
"has_discussions": false,
"forks_count": 48,
"forks_count": 49,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 48,
"forks": 49,
"watchers": 111,
"score": 0,
"subscribers_count": 9
@ -233,10 +233,10 @@
"description": "Triggering and Analyzing Android Kernel Vulnerability CVE-2019-2215",
"fork": false,
"created_at": "2020-06-07T15:03:07Z",
"updated_at": "2024-12-04T12:15:00Z",
"updated_at": "2025-01-08T09:10:38Z",
"pushed_at": "2022-09-04T14:16:50Z",
"stargazers_count": 58,
"watchers_count": 58,
"stargazers_count": 59,
"watchers_count": 59,
"has_discussions": false,
"forks_count": 17,
"allow_forking": true,
@ -250,7 +250,7 @@
],
"visibility": "public",
"forks": 17,
"watchers": 58,
"watchers": 59,
"score": 0,
"subscribers_count": 3
},

8
2020/CVE-2020-0796.json
View file

@ -1398,10 +1398,10 @@
"description": "CVE-2020-0796 Remote Code Execution POC",
"fork": false,
"created_at": "2020-04-20T14:35:48Z",
"updated_at": "2024-12-30T21:29:49Z",
"updated_at": "2025-01-08T06:51:43Z",
"pushed_at": "2020-06-09T20:46:45Z",
"stargazers_count": 541,
"watchers_count": 541,
"stargazers_count": 542,
"watchers_count": 542,
"has_discussions": false,
"forks_count": 171,
"allow_forking": true,
@ -1416,7 +1416,7 @@
],
"visibility": "public",
"forks": 171,
"watchers": 541,
"watchers": 542,
"score": 0,
"subscribers_count": 25
},

8
2020/CVE-2020-15368.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2020-15368, aka \"How to exploit a vulnerable driver\"",
"fork": false,
"created_at": "2021-06-29T04:38:24Z",
"updated_at": "2025-01-08T02:41:48Z",
"updated_at": "2025-01-08T10:50:56Z",
"pushed_at": "2022-04-14T03:17:44Z",
"stargazers_count": 448,
"watchers_count": 448,
"stargazers_count": 449,
"watchers_count": 449,
"has_discussions": false,
"forks_count": 46,
"allow_forking": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 46,
"watchers": 448,
"watchers": 449,
"score": 0,
"subscribers_count": 6
},

2
2021/CVE-2021-37580.json
View file

@ -45,7 +45,7 @@
"description": "CVE-2021-37580的poc",
"fork": false,
"created_at": "2021-11-17T13:26:46Z",
"updated_at": "2024-08-12T20:18:10Z",
"updated_at": "2025-01-08T11:25:54Z",
"pushed_at": "2023-06-18T01:19:09Z",
"stargazers_count": 37,
"watchers_count": 37,

18
2021/CVE-2021-44228.json
View file

@ -935,10 +935,10 @@
"description": "A Proof-Of-Concept for the CVE-2021-44228 vulnerability. ",
"fork": false,
"created_at": "2021-12-10T23:19:28Z",
"updated_at": "2024-12-30T03:30:40Z",
"updated_at": "2025-01-08T07:46:36Z",
"pushed_at": "2024-02-12T22:37:25Z",
"stargazers_count": 1812,
"watchers_count": 1812,
"stargazers_count": 1813,
"watchers_count": 1813,
"has_discussions": false,
"forks_count": 530,
"allow_forking": true,
@ -952,7 +952,7 @@
],
"visibility": "public",
"forks": 530,
"watchers": 1812,
"watchers": 1813,
"score": 0,
"subscribers_count": 26
},
@ -3749,10 +3749,10 @@
"description": "A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 ",
"fork": false,
"created_at": "2021-12-13T03:57:50Z",
"updated_at": "2025-01-07T13:58:10Z",
"updated_at": "2025-01-08T06:23:15Z",
"pushed_at": "2022-11-23T18:23:24Z",
"stargazers_count": 3404,
"watchers_count": 3404,
"stargazers_count": 3405,
"watchers_count": 3405,
"has_discussions": true,
"forks_count": 739,
"allow_forking": true,
@ -3761,7 +3761,7 @@
"topics": [],
"visibility": "public",
"forks": 739,
"watchers": 3404,
"watchers": 3405,
"score": 0,
"subscribers_count": 55
},
@ -7264,7 +7264,7 @@
"fork": false,
"created_at": "2021-12-15T21:09:00Z",
"updated_at": "2023-06-22T04:46:02Z",
"pushed_at": "2024-12-25T06:55:32Z",
"pushed_at": "2025-01-08T06:45:48Z",
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,

8
2022/CVE-2022-0337.json
View file

@ -14,10 +14,10 @@
"description": "🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337",
"fork": false,
"created_at": "2022-03-19T08:10:46Z",
"updated_at": "2025-01-06T03:02:01Z",
"updated_at": "2025-01-08T10:55:34Z",
"pushed_at": "2022-09-04T17:28:56Z",
"stargazers_count": 328,
"watchers_count": 328,
"stargazers_count": 329,
"watchers_count": 329,
"has_discussions": false,
"forks_count": 34,
"allow_forking": true,
@ -42,7 +42,7 @@
],
"visibility": "public",
"forks": 34,
"watchers": 328,
"watchers": 329,
"score": 0,
"subscribers_count": 6
},

31
2022/CVE-2022-0847.json
View file

@ -2928,5 +2928,36 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 913704023,
"name": "Dirty-Pipe-Exploit",
"full_name": "mithunmadhukuttan\/Dirty-Pipe-Exploit",
"owner": {
"login": "mithunmadhukuttan",
"id": 104143246,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104143246?v=4",
"html_url": "https:\/\/github.com\/mithunmadhukuttan",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/mithunmadhukuttan\/Dirty-Pipe-Exploit",
"description": "The **Dirty Pipe exploit (CVE-2022-0847)** is a Linux kernel vulnerability (v5.8+) allowing unprivileged attackers to overwrite arbitrary files via a flaw in the pipe mechanism. This leads to privilege escalation, granting root access. Similar to Dirty Cow but easier to exploit. Fix: Update to a patched kernel version.",
"fork": false,
"created_at": "2025-01-08T07:40:20Z",
"updated_at": "2025-01-08T07:41:44Z",
"pushed_at": "2025-01-08T07:41:41Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2022/CVE-2022-29464.json
View file

@ -605,10 +605,10 @@
"description": "CVE-2022-29464 Exploit",
"fork": false,
"created_at": "2022-07-05T08:27:04Z",
"updated_at": "2023-11-12T16:10:10Z",
"updated_at": "2025-01-08T06:52:13Z",
"pushed_at": "2023-11-29T17:37:16Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -617,7 +617,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},

8
2022/CVE-2022-3699.json
View file

@ -14,10 +14,10 @@
"description": "Lenovo Diagnostics Driver EoP - Arbitrary R\/W",
"fork": false,
"created_at": "2022-11-09T14:15:30Z",
"updated_at": "2024-12-08T17:04:10Z",
"updated_at": "2025-01-08T09:12:45Z",
"pushed_at": "2022-12-05T23:36:42Z",
"stargazers_count": 170,
"watchers_count": 170,
"stargazers_count": 171,
"watchers_count": 171,
"has_discussions": false,
"forks_count": 47,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 47,
"watchers": 170,
"watchers": 171,
"score": 0,
"subscribers_count": 5
},

12
2022/CVE-2022-38694.json
View file

@ -14,12 +14,12 @@
"description": "This is a one-time signature verification bypass. For persistent signature verification bypass, check https:\/\/github.com\/TomKing062\/CVE-2022-38691_38692",
"fork": false,
"created_at": "2023-06-10T08:31:26Z",
"updated_at": "2025-01-04T04:33:25Z",
"updated_at": "2025-01-08T09:32:28Z",
"pushed_at": "2024-08-01T15:09:15Z",
"stargazers_count": 316,
"watchers_count": 316,
"stargazers_count": 318,
"watchers_count": 318,
"has_discussions": true,
"forks_count": 46,
"forks_count": 47,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -28,8 +28,8 @@
"unisoc"
],
"visibility": "public",
"forks": 46,
"watchers": 316,
"forks": 47,
"watchers": 318,
"score": 0,
"subscribers_count": 8
},

8
2023/CVE-2023-21036.json
View file

@ -52,10 +52,10 @@
"description": "Detection and sanitization for Acropalypse Now - CVE-2023-21036",
"fork": false,
"created_at": "2023-03-22T14:59:42Z",
"updated_at": "2024-09-06T13:10:33Z",
"updated_at": "2025-01-08T10:05:57Z",
"pushed_at": "2023-05-15T12:12:33Z",
"stargazers_count": 78,
"watchers_count": 78,
"stargazers_count": 79,
"watchers_count": 79,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -64,7 +64,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 78,
"watchers": 79,
"score": 0,
"subscribers_count": 10
},

31
2023/CVE-2023-21768.json
View file

@ -347,5 +347,36 @@
"watchers": 13,
"score": 0,
"subscribers_count": 2
},
{
"id": 910182976,
"name": "CVE-2023-21768",
"full_name": "IlanDudnik\/CVE-2023-21768",
"owner": {
"login": "IlanDudnik",
"id": 16364955,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16364955?v=4",
"html_url": "https:\/\/github.com\/IlanDudnik",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/IlanDudnik\/CVE-2023-21768",
"description": "Exploit implementation with IO Rings for CVE-2023-21768",
"fork": false,
"created_at": "2024-12-30T17:27:56Z",
"updated_at": "2025-01-08T12:00:22Z",
"pushed_at": "2025-01-08T11:57:04Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

4
2023/CVE-2023-41772.json
View file

@ -19,13 +19,13 @@
"stargazers_count": 11,
"watchers_count": 11,
"has_discussions": false,
"forks_count": 1,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"forks": 2,
"watchers": 11,
"score": 0,
"subscribers_count": 1

12
2023/CVE-2023-45866.json
View file

@ -14,19 +14,19 @@
"description": "🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)",
"fork": false,
"created_at": "2024-01-16T06:52:02Z",
"updated_at": "2025-01-08T05:55:25Z",
"updated_at": "2025-01-08T11:53:56Z",
"pushed_at": "2024-08-18T08:26:46Z",
"stargazers_count": 1370,
"watchers_count": 1370,
"stargazers_count": 1372,
"watchers_count": 1372,
"has_discussions": false,
"forks_count": 233,
"forks_count": 234,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 233,
"watchers": 1370,
"forks": 234,
"watchers": 1372,
"score": 0,
"subscribers_count": 21
},

33
2023/CVE-2023-48795.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 913695968,
"name": "CVE-2023-48795",
"full_name": "TrixSec\/CVE-2023-48795",
"owner": {
"login": "TrixSec",
"id": 157342883,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/157342883?v=4",
"html_url": "https:\/\/github.com\/TrixSec",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/TrixSec\/CVE-2023-48795",
"description": "A Python-based tool to check for vulnerabilities in OpenSSH installations on local or remote systems by scanning specific IPs. It checks if the OpenSSH version is affected by CVE-2023-48795",
"fork": false,
"created_at": "2025-01-08T07:19:23Z",
"updated_at": "2025-01-08T07:29:16Z",
"pushed_at": "2025-01-08T07:29:13Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

33
2024/CVE-2024-11613.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 913765661,
"name": "CVE-2024-11613-wp-file-upload",
"full_name": "Sachinart\/CVE-2024-11613-wp-file-upload",
"owner": {
"login": "Sachinart",
"id": 18497191,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18497191?v=4",
"html_url": "https:\/\/github.com\/Sachinart",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Sachinart\/CVE-2024-11613-wp-file-upload",
"description": "Exploit by Chirag Artani for CVE-2024-11613 in WordPress File Upload",
"fork": false,
"created_at": "2025-01-08T10:06:00Z",
"updated_at": "2025-01-08T10:15:52Z",
"pushed_at": "2025-01-08T10:15:49Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

4
2024/CVE-2024-12849.json
View file

@ -45,8 +45,8 @@
"description": null,
"fork": false,
"created_at": "2025-01-07T16:57:48Z",
"updated_at": "2025-01-07T17:20:00Z",
"pushed_at": "2025-01-07T17:19:56Z",
"updated_at": "2025-01-08T06:46:21Z",
"pushed_at": "2025-01-08T06:46:18Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

4
2024/CVE-2024-21762.json
View file

@ -19,13 +19,13 @@
"stargazers_count": 95,
"watchers_count": 95,
"has_discussions": false,
"forks_count": 14,
"forks_count": 15,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 14,
"forks": 15,
"watchers": 95,
"score": 0,
"subscribers_count": 6

33
2024/CVE-2024-27115.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 913334263,
"name": "CVE-2024-27115-Exploit",
"full_name": "theexploiters\/CVE-2024-27115-Exploit",
"owner": {
"login": "theexploiters",
"id": 185040501,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185040501?v=4",
"html_url": "https:\/\/github.com\/theexploiters",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/theexploiters\/CVE-2024-27115-Exploit",
"description": "Exploit For SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)",
"fork": false,
"created_at": "2025-01-07T13:38:34Z",
"updated_at": "2025-01-08T07:50:51Z",
"pushed_at": "2025-01-07T14:16:47Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 0
}
]

20
2024/CVE-2024-35250.json
View file

@ -14,10 +14,10 @@
"description": "PoC for the Untrusted Pointer Dereference in the ks.sys driver",
"fork": false,
"created_at": "2024-10-13T19:30:20Z",
"updated_at": "2025-01-08T03:20:04Z",
"updated_at": "2025-01-08T12:23:54Z",
"pushed_at": "2024-11-29T16:56:23Z",
"stargazers_count": 257,
"watchers_count": 257,
"stargazers_count": 258,
"watchers_count": 258,
"has_discussions": false,
"forks_count": 57,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 57,
"watchers": 257,
"watchers": 258,
"score": 0,
"subscribers_count": 7
},
@ -45,19 +45,19 @@
"description": "Cobalt Strike 的 CVE-2024-35250 的 BOF。(请给我加个星,谢谢。) ",
"fork": false,
"created_at": "2024-10-25T10:06:09Z",
"updated_at": "2025-01-08T01:57:03Z",
"updated_at": "2025-01-08T11:26:33Z",
"pushed_at": "2024-10-21T04:15:27Z",
"stargazers_count": 10,
"watchers_count": 10,
"stargazers_count": 13,
"watchers_count": 13,
"has_discussions": false,
"forks_count": 6,
"forks_count": 5,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 10,
"forks": 5,
"watchers": 13,
"score": 0,
"subscribers_count": 0
},

31
2024/CVE-2024-38998.json
View file

@ -29,5 +29,36 @@
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 913713750,
"name": "PP_CVE-2024-38998",
"full_name": "cesarbtakeda\/PP_CVE-2024-38998",
"owner": {
"login": "cesarbtakeda",
"id": 114227831,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114227831?v=4",
"html_url": "https:\/\/github.com\/cesarbtakeda",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/cesarbtakeda\/PP_CVE-2024-38998",
"description": null,
"fork": false,
"created_at": "2025-01-08T08:04:54Z",
"updated_at": "2025-01-08T08:13:26Z",
"pushed_at": "2025-01-08T08:13:23Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-42327.json
View file

@ -200,10 +200,10 @@
"description": "Zabbix CVE-2024-42327 PoC",
"fork": false,
"created_at": "2025-01-01T18:25:44Z",
"updated_at": "2025-01-08T02:31:14Z",
"updated_at": "2025-01-08T08:05:10Z",
"pushed_at": "2025-01-03T13:49:03Z",
"stargazers_count": 32,
"watchers_count": 32,
"stargazers_count": 34,
"watchers_count": 34,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -212,7 +212,7 @@
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 32,
"watchers": 34,
"score": 0,
"subscribers_count": 1
}

4
2024/CVE-2024-45519.json
View file

@ -19,13 +19,13 @@
"stargazers_count": 42,
"watchers_count": 42,
"has_discussions": false,
"forks_count": 19,
"forks_count": 20,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 19,
"forks": 20,
"watchers": 42,
"score": 0,
"subscribers_count": 2

31
2024/CVE-2024-4577.json
View file

@ -1678,5 +1678,36 @@
"watchers": 17,
"score": 0,
"subscribers_count": 1
},
{
"id": 913704447,
"name": "CVE-2024-4577",
"full_name": "Dejavu666\/CVE-2024-4577",
"owner": {
"login": "Dejavu666",
"id": 14794918,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14794918?v=4",
"html_url": "https:\/\/github.com\/Dejavu666",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Dejavu666\/CVE-2024-4577",
"description": "CVE-2024-4577 POC",
"fork": false,
"created_at": "2025-01-08T07:41:29Z",
"updated_at": "2025-01-08T11:17:26Z",
"pushed_at": "2025-01-08T11:17:23Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

4
2024/CVE-2024-4885.json
View file

@ -19,13 +19,13 @@
"stargazers_count": 15,
"watchers_count": 15,
"has_discussions": false,
"forks_count": 5,
"forks_count": 6,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 5,
"forks": 6,
"watchers": 15,
"score": 0,
"subscribers_count": 1

8
2024/CVE-2024-49039.json
View file

@ -14,10 +14,10 @@
"description": "WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler",
"fork": false,
"created_at": "2024-11-19T08:57:18Z",
"updated_at": "2025-01-02T00:58:20Z",
"updated_at": "2025-01-08T09:21:16Z",
"pushed_at": "2024-11-19T09:15:26Z",
"stargazers_count": 116,
"watchers_count": 116,
"stargazers_count": 117,
"watchers_count": 117,
"has_discussions": false,
"forks_count": 23,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 23,
"watchers": 116,
"watchers": 117,
"score": 0,
"subscribers_count": 2
},

12
2024/CVE-2024-49113.json
View file

@ -14,19 +14,19 @@
"description": "LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113",
"fork": false,
"created_at": "2025-01-01T15:48:38Z",
"updated_at": "2025-01-08T03:27:17Z",
"updated_at": "2025-01-08T12:05:24Z",
"pushed_at": "2025-01-02T16:07:23Z",
"stargazers_count": 397,
"watchers_count": 397,
"stargazers_count": 399,
"watchers_count": 399,
"has_discussions": false,
"forks_count": 93,
"forks_count": 94,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 93,
"watchers": 397,
"forks": 94,
"watchers": 399,
"score": 0,
"subscribers_count": 3
},

33
2024/CVE-2024-50603.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 913813364,
"name": "CVE-2024-50603",
"full_name": "newlinesec\/CVE-2024-50603",
"owner": {
"login": "newlinesec",
"id": 194232279,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/194232279?v=4",
"html_url": "https:\/\/github.com\/newlinesec",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/newlinesec\/CVE-2024-50603",
"description": "CVE-2024-50603-nuclei-poc",
"fork": false,
"created_at": "2025-01-08T12:00:38Z",
"updated_at": "2025-01-08T12:08:49Z",
"pushed_at": "2025-01-08T12:08:46Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

12
2024/CVE-2024-50623.json
View file

@ -14,19 +14,19 @@
"description": "Cleo Unrestricted file upload and download PoC (CVE-2024-50623)",
"fork": false,
"created_at": "2024-12-11T14:19:55Z",
"updated_at": "2024-12-16T20:09:24Z",
"updated_at": "2025-01-08T08:14:00Z",
"pushed_at": "2024-12-11T14:23:19Z",
"stargazers_count": 19,
"watchers_count": 19,
"stargazers_count": 20,
"watchers_count": 20,
"has_discussions": false,
"forks_count": 6,
"forks_count": 7,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 19,
"forks": 7,
"watchers": 20,
"score": 0,
"subscribers_count": 0
},

33
2024/CVE-2024-54498.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 913761355,
"name": "CVE-2024-54498-PoC",
"full_name": "wh1te4ever\/CVE-2024-54498-PoC",
"owner": {
"login": "wh1te4ever",
"id": 88495487,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88495487?v=4",
"html_url": "https:\/\/github.com\/wh1te4ever",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/wh1te4ever\/CVE-2024-54498-PoC",
"description": "Escape macOS Sandbox using sharedfilelistd exploit",
"fork": false,
"created_at": "2025-01-08T09:55:44Z",
"updated_at": "2025-01-08T11:05:12Z",
"pushed_at": "2025-01-08T10:37:17Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

4
2024/CVE-2024-56433.json
View file

@ -14,8 +14,8 @@
"description": "CVE-2024-56433 - shadow-utils Default subordinate ID for local users creates risk of collision",
"fork": false,
"created_at": "2025-01-03T13:11:25Z",
"updated_at": "2025-01-06T12:02:43Z",
"pushed_at": "2025-01-06T12:02:39Z",
"updated_at": "2025-01-08T08:24:17Z",
"pushed_at": "2025-01-08T08:24:14Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

16
2024/CVE-2024-6387.json
View file

@ -1355,10 +1355,10 @@
"description": "PoC - Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (Scanner and Exploit) ",
"fork": false,
"created_at": "2024-07-02T18:32:46Z",
"updated_at": "2024-12-30T01:05:18Z",
"updated_at": "2025-01-08T11:36:17Z",
"pushed_at": "2024-07-05T15:19:28Z",
"stargazers_count": 72,
"watchers_count": 72,
"stargazers_count": 75,
"watchers_count": 75,
"has_discussions": false,
"forks_count": 29,
"allow_forking": true,
@ -1376,7 +1376,7 @@
],
"visibility": "public",
"forks": 29,
"watchers": 72,
"watchers": 75,
"score": 0,
"subscribers_count": 3
},
@ -2180,10 +2180,10 @@
"description": "Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)",
"fork": false,
"created_at": "2024-07-08T11:27:49Z",
"updated_at": "2025-01-07T21:40:36Z",
"updated_at": "2025-01-08T10:43:24Z",
"pushed_at": "2024-08-22T08:50:25Z",
"stargazers_count": 69,
"watchers_count": 69,
"stargazers_count": 71,
"watchers_count": 71,
"has_discussions": false,
"forks_count": 30,
"allow_forking": true,
@ -2192,7 +2192,7 @@
"topics": [],
"visibility": "public",
"forks": 30,
"watchers": 69,
"watchers": 71,
"score": 0,
"subscribers_count": 3
},

35
2024/CVE-2024-9047.json
View file

@ -29,5 +29,40 @@
"watchers": 4,
"score": 0,
"subscribers_count": 2
},
{
"id": 913699164,
"name": "CVE-2024-9047",
"full_name": "verylazytech\/CVE-2024-9047",
"owner": {
"login": "verylazytech",
"id": 172168670,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4",
"html_url": "https:\/\/github.com\/verylazytech",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/verylazytech\/CVE-2024-9047",
"description": "POC - WordPress File Upload plugin, in the wfu_file_downloader.php file before version <= 4.24.11",
"fork": false,
"created_at": "2025-01-08T07:27:16Z",
"updated_at": "2025-01-08T07:58:06Z",
"pushed_at": "2025-01-08T07:36:19Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve-2024-9047",
"lfi",
"wordpress-plugin"
],
"visibility": "public",
"forks": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 0
}
]

41
README.md
View file

@ -1075,6 +1075,7 @@
- [longhoangth18/CVE-2024-4577](https://github.com/longhoangth18/CVE-2024-4577)
- [ahmetramazank/CVE-2024-4577](https://github.com/ahmetramazank/CVE-2024-4577)
- [BTtea/CVE-2024-4577-RCE-PoC](https://github.com/BTtea/CVE-2024-4577-RCE-PoC)
- [Dejavu666/CVE-2024-4577](https://github.com/Dejavu666/CVE-2024-4577)
### CVE-2024-4701 (2024-05-10)
@ -1858,6 +1859,7 @@
</code>
- [iSee857/CVE-2024-9047-PoC](https://github.com/iSee857/CVE-2024-9047-PoC)
- [verylazytech/CVE-2024-9047](https://github.com/verylazytech/CVE-2024-9047)
### CVE-2024-9061 (2024-10-16)
@ -2403,6 +2405,13 @@
- [TheN00bBuilder/cve-2024-11477-writeup](https://github.com/TheN00bBuilder/cve-2024-11477-writeup)
### CVE-2024-11613 (2025-01-08)
<code>The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution, Arbitrary File Read, and Arbitrary File Deletion in all versions up to, and including, 4.24.15 via the 'wfu_file_downloader.php' file. This is due to lack of proper sanitization of the 'source' parameter and allowing a user-defined directory path. This makes it possible for unauthenticated attackers to execute code on the server.
</code>
- [Sachinart/CVE-2024-11613-wp-file-upload](https://github.com/Sachinart/CVE-2024-11613-wp-file-upload)
### CVE-2024-11616 (2024-12-19)
<code>Netskope was made aware of a security vulnerability in Netskope Endpoint DLPs Content Control Driver where a double-fetch issue leads to heap overflow. The vulnerability arises from the fact that the NumberOfBytes argument to ExAllocatePoolWithTag, and the Length argument for RtlCopyMemory, both independently dereference their value from the user supplied input buffer inside the EpdlpSetUsbAction function, known as a double-fetch. If this length value grows to a higher value in between these two calls, it will result in the RtlCopyMemory call copying user-supplied memory contents outside the range of the allocated buffer, resulting in a heap overflow. A malicious attacker will need admin privileges to exploit the issue.\nThis issue affects Endpoint DLP version below R119.
@ -4051,6 +4060,13 @@
- [200101WhoAmI/CVE-2024-27088](https://github.com/200101WhoAmI/CVE-2024-27088)
### CVE-2024-27115 (2024-09-11)
<code>A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. With this vulnerability, an attacker can upload executable files that are moved to a publicly accessible folder before verifying any requirements. This leads to the possibility of execution of code on the underlying system when the file is triggered. The vulnerability has been remediated in version 1.52.02.
</code>
- [theexploiters/CVE-2024-27115-Exploit](https://github.com/theexploiters/CVE-2024-27115-Exploit)
### CVE-2024-27130 (2024-05-21)
<code>A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network.\n\nWe have already fixed the vulnerability in the following version:\nQTS 5.1.7.2770 build 20240520 and later\nQuTS hero h5.1.7.2770 build 20240520 and later
@ -5961,6 +5977,7 @@
</code>
- [z3ldr1/PP_CVE-2024-38998](https://github.com/z3ldr1/PP_CVE-2024-38998)
- [cesarbtakeda/PP_CVE-2024-38998](https://github.com/cesarbtakeda/PP_CVE-2024-38998)
### CVE-2024-39031 (2024-07-09)
@ -7474,6 +7491,13 @@
- [RandomRobbieBF/CVE-2024-50510](https://github.com/RandomRobbieBF/CVE-2024-50510)
### CVE-2024-50603 (2025-01-08)
<code>An issue was discovered in Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996. Due to the improper neutralization of special elements used in an OS command, an unauthenticated attacker is able to execute arbitrary code. Shell metacharacters can be sent to /v1/api in cloud_type for list_flightpath_destination_instances, or src_cloud_type for flightpath_connection_test.
</code>
- [newlinesec/CVE-2024-50603](https://github.com/newlinesec/CVE-2024-50603)
### CVE-2024-50623 (2024-10-27)
<code>In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution.
@ -7927,6 +7951,13 @@
- [RandomRobbieBF/CVE-2024-54385](https://github.com/RandomRobbieBF/CVE-2024-54385)
### CVE-2024-54498 (2024-12-11)
<code>A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to break out of its sandbox.
</code>
- [wh1te4ever/CVE-2024-54498-PoC](https://github.com/wh1te4ever/CVE-2024-54498-PoC)
### CVE-2024-54679 (2024-12-05)
<code>CyberPanel (aka Cyber Panel) before 6778ad1 does not require the FilemanagerAdmin capability for restartMySQL actions.
@ -10167,6 +10198,7 @@
- [Rosayxy/Recreate-cve-2023-21768](https://github.com/Rosayxy/Recreate-cve-2023-21768)
- [ldrx30/CVE-2023-21768](https://github.com/ldrx30/CVE-2023-21768)
- [xboxoneresearch/CVE-2023-21768-dotnet](https://github.com/xboxoneresearch/CVE-2023-21768-dotnet)
- [IlanDudnik/CVE-2023-21768](https://github.com/IlanDudnik/CVE-2023-21768)
### CVE-2023-21823 (2023-02-14)
@ -15880,6 +15912,13 @@
- [horizon3ai/CVE-2023-48788](https://github.com/horizon3ai/CVE-2023-48788)
### CVE-2023-48795 (2023-12-18)
<code>The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
</code>
- [TrixSec/CVE-2023-48795](https://github.com/TrixSec/CVE-2023-48795)
### CVE-2023-48842 (2023-12-01)
<code>D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at hedwig.cgi.
@ -16912,6 +16951,7 @@
- [muhammad1596/CVE-2022-0847-dirty-pipe-checker](https://github.com/muhammad1596/CVE-2022-0847-dirty-pipe-checker)
- [muhammad1596/CVE-2022-0847-DirtyPipe-Exploits](https://github.com/muhammad1596/CVE-2022-0847-DirtyPipe-Exploits)
- [JustinYe377/CTF-CVE-2022-0847](https://github.com/JustinYe377/CTF-CVE-2022-0847)
- [mithunmadhukuttan/Dirty-Pipe-Exploit](https://github.com/mithunmadhukuttan/Dirty-Pipe-Exploit)
### CVE-2022-0848 (2022-03-04)
@ -47628,6 +47668,7 @@
- [halkichi0308/CVE-2015-9251](https://github.com/halkichi0308/CVE-2015-9251)
- [moften/CVE-2015-9251](https://github.com/moften/CVE-2015-9251)
- [hackgiver/CVE-2015-9251](https://github.com/hackgiver/CVE-2015-9251)
### CVE-2015-10034 (2023-01-09)