mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-16 04:42:22 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2023/10/01 12:28:06

Browse source
This commit is contained in:
motikan2010-bot 2023-10-01 21:28:06 +09:00
parent 5d3931f83b
commit 598ebd418d
21 changed files with 172 additions and 69 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
2018/CVE-2018-8120.json
View file

@ -48,7 +48,7 @@
"stargazers_count": 489,
"watchers_count": 489,
"has_discussions": false,
"forks_count": 206,
"forks_count": 207,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -58,7 +58,7 @@
"exploit"
],
"visibility": "public",
"forks": 206,
"forks": 207,
"watchers": 489,
"score": 0,
"subscribers_count": 22

8
2019/CVE-2019-12586.json
View file

@ -13,10 +13,10 @@
"description": "Proof of Concept of ESP32\/8266 Wi-Fi vulnerabilties (CVE-2019-12586, CVE-2019-12587, CVE-2019-12588)",
"fork": false,
"created_at": "2019-09-03T15:08:49Z",
"updated_at": "2023-09-28T11:05:48Z",
"updated_at": "2023-10-01T11:47:25Z",
"pushed_at": "2019-09-08T06:09:11Z",
"stargazers_count": 771,
"watchers_count": 771,
"stargazers_count": 772,
"watchers_count": 772,
"has_discussions": false,
"forks_count": 69,
"allow_forking": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 69,
"watchers": 771,
"watchers": 772,
"score": 0,
"subscribers_count": 33
}

8
2019/CVE-2019-13272.json
View file

@ -13,10 +13,10 @@
"description": "Linux 4.10 < 5.1.17 PTRACE_TRACEME local root",
"fork": false,
"created_at": "2019-07-31T04:51:43Z",
"updated_at": "2023-09-28T11:04:38Z",
"updated_at": "2023-10-01T09:14:23Z",
"pushed_at": "2019-08-01T16:02:59Z",
"stargazers_count": 311,
"watchers_count": 311,
"stargazers_count": 313,
"watchers_count": 313,
"has_discussions": false,
"forks_count": 117,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 117,
"watchers": 311,
"watchers": 313,
"score": 0,
"subscribers_count": 8
},

4
2020/CVE-2020-0796.json
View file

@ -1041,7 +1041,7 @@
"stargazers_count": 1276,
"watchers_count": 1276,
"has_discussions": false,
"forks_count": 368,
"forks_count": 369,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -1053,7 +1053,7 @@
"smbghost"
],
"visibility": "public",
"forks": 368,
"forks": 369,
"watchers": 1276,
"score": 0,
"subscribers_count": 34

16
2021/CVE-2021-21972.json
View file

@ -90,10 +90,10 @@
"description": "CVE-2021-21972 Exploit",
"fork": false,
"created_at": "2021-02-24T11:14:58Z",
"updated_at": "2023-09-28T11:25:14Z",
"updated_at": "2023-10-01T10:06:16Z",
"pushed_at": "2023-06-08T04:01:33Z",
"stargazers_count": 455,
"watchers_count": 455,
"stargazers_count": 454,
"watchers_count": 454,
"has_discussions": false,
"forks_count": 151,
"allow_forking": true,
@ -104,7 +104,7 @@
],
"visibility": "public",
"forks": 151,
"watchers": 455,
"watchers": 454,
"score": 0,
"subscribers_count": 8
},
@ -851,10 +851,10 @@
"description": "一款针对Vcenter的综合利用工具包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j提供一键上传webshell命令执行或者上传公钥使用SSH免密连接",
"fork": false,
"created_at": "2022-10-04T03:39:27Z",
"updated_at": "2023-09-28T11:43:11Z",
"updated_at": "2023-10-01T08:44:15Z",
"pushed_at": "2023-09-30T15:44:32Z",
"stargazers_count": 1102,
"watchers_count": 1102,
"stargazers_count": 1103,
"watchers_count": 1103,
"has_discussions": false,
"forks_count": 142,
"allow_forking": true,
@ -870,7 +870,7 @@
],
"visibility": "public",
"forks": 142,
"watchers": 1102,
"watchers": 1103,
"score": 0,
"subscribers_count": 11
}

8
2022/CVE-2022-0847.json
View file

@ -2051,14 +2051,14 @@
{
"id": 528203239,
"name": "CVE-2022-0847",
"full_name": "c0ntempt\/CVE-2022-0847",
"full_name": "cont3mpt\/CVE-2022-0847",
"owner": {
"login": "c0ntempt",
"login": "cont3mpt",
"id": 102446929,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102446929?v=4",
"html_url": "https:\/\/github.com\/c0ntempt"
"html_url": "https:\/\/github.com\/cont3mpt"
},
"html_url": "https:\/\/github.com\/c0ntempt\/CVE-2022-0847",
"html_url": "https:\/\/github.com\/cont3mpt\/CVE-2022-0847",
"description": null,
"fork": false,
"created_at": "2022-08-24T00:06:15Z",

30
2022/CVE-2022-1015.json
View file

@ -238,5 +238,35 @@
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 698913839,
"name": "CVE-2022-1015",
"full_name": "0range1337\/CVE-2022-1015",
"owner": {
"login": "0range1337",
"id": 146405672,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146405672?v=4",
"html_url": "https:\/\/github.com\/0range1337"
},
"html_url": "https:\/\/github.com\/0range1337\/CVE-2022-1015",
"description": null,
"fork": false,
"created_at": "2023-10-01T11:18:48Z",
"updated_at": "2023-10-01T11:18:48Z",
"pushed_at": "2023-10-01T11:18:48Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2022/CVE-2022-22954.json
View file

@ -766,10 +766,10 @@
"description": "一款针对Vcenter的综合利用工具包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j提供一键上传webshell命令执行或者上传公钥使用SSH免密连接",
"fork": false,
"created_at": "2022-10-04T03:39:27Z",
"updated_at": "2023-09-28T11:43:11Z",
"updated_at": "2023-10-01T08:44:15Z",
"pushed_at": "2023-09-30T15:44:32Z",
"stargazers_count": 1102,
"watchers_count": 1102,
"stargazers_count": 1103,
"watchers_count": 1103,
"has_discussions": false,
"forks_count": 142,
"allow_forking": true,
@ -785,7 +785,7 @@
],
"visibility": "public",
"forks": 142,
"watchers": 1102,
"watchers": 1103,
"score": 0,
"subscribers_count": 11
},

8
2022/CVE-2022-30591.json
View file

@ -13,10 +13,10 @@
"description": "Attacks against QUIC (CVE-2022-30591)",
"fork": false,
"created_at": "2022-06-30T18:25:23Z",
"updated_at": "2023-09-26T06:36:30Z",
"updated_at": "2023-10-01T10:56:27Z",
"pushed_at": "2022-12-31T01:55:15Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 9,
"watchers_count": 9,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 7,
"watchers": 8,
"watchers": 9,
"score": 0,
"subscribers_count": 1
}

2
2022/CVE-2022-42889.json
View file

@ -1424,7 +1424,7 @@
"fork": false,
"created_at": "2023-09-22T17:17:26Z",
"updated_at": "2023-09-22T17:17:44Z",
"pushed_at": "2023-09-27T19:17:27Z",
"pushed_at": "2023-10-01T07:52:05Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

8
2023/CVE-2023-20562.json
View file

@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2023-08-21T00:31:50Z",
"updated_at": "2023-09-28T11:46:49Z",
"updated_at": "2023-10-01T10:15:28Z",
"pushed_at": "2023-08-21T00:33:08Z",
"stargazers_count": 44,
"watchers_count": 44,
"stargazers_count": 45,
"watchers_count": 45,
"has_discussions": false,
"forks_count": 8,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 8,
"watchers": 44,
"watchers": 45,
"score": 0,
"subscribers_count": 1
},

16
2023/CVE-2023-29357.json
View file

@ -13,10 +13,10 @@
"description": "Microsoft SharePoint Server Elevation of Privilege Vulnerability",
"fork": false,
"created_at": "2023-09-26T16:18:41Z",
"updated_at": "2023-10-01T03:08:28Z",
"updated_at": "2023-10-01T10:54:42Z",
"pushed_at": "2023-09-26T19:04:21Z",
"stargazers_count": 125,
"watchers_count": 125,
"stargazers_count": 127,
"watchers_count": 127,
"has_discussions": false,
"forks_count": 20,
"allow_forking": true,
@ -32,7 +32,7 @@
],
"visibility": "public",
"forks": 20,
"watchers": 125,
"watchers": 127,
"score": 0,
"subscribers_count": 2
},
@ -50,10 +50,10 @@
"description": null,
"fork": false,
"created_at": "2023-09-30T23:17:04Z",
"updated_at": "2023-10-01T04:41:31Z",
"updated_at": "2023-10-01T11:48:05Z",
"pushed_at": "2023-10-01T06:23:28Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 11,
"watchers_count": 11,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -62,7 +62,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 3,
"watchers": 11,
"score": 0,
"subscribers_count": 1
}

8
2023/CVE-2023-29360.json
View file

@ -13,10 +13,10 @@
"description": "Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver",
"fork": false,
"created_at": "2023-09-24T21:59:23Z",
"updated_at": "2023-09-30T08:46:33Z",
"updated_at": "2023-10-01T09:01:37Z",
"pushed_at": "2023-09-26T09:49:37Z",
"stargazers_count": 42,
"watchers_count": 42,
"stargazers_count": 43,
"watchers_count": 43,
"has_discussions": false,
"forks_count": 14,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 14,
"watchers": 42,
"watchers": 43,
"score": 0,
"subscribers_count": 1
}

4
2023/CVE-2023-34040.json
View file

@ -48,13 +48,13 @@
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 2,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"forks": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1

8
2023/CVE-2023-34362.json
View file

@ -43,10 +43,10 @@
"description": "MOVEit CVE-2023-34362",
"fork": false,
"created_at": "2023-06-09T19:07:32Z",
"updated_at": "2023-09-19T16:42:28Z",
"updated_at": "2023-10-01T10:31:09Z",
"pushed_at": "2023-06-26T20:24:32Z",
"stargazers_count": 121,
"watchers_count": 121,
"stargazers_count": 122,
"watchers_count": 122,
"has_discussions": false,
"forks_count": 28,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 28,
"watchers": 121,
"watchers": 122,
"score": 0,
"subscribers_count": 5
},

8
2023/CVE-2023-36845.json
View file

@ -13,10 +13,10 @@
"description": "A tool to discover Juniper firewalls vulnerable to CVE-2023-36845",
"fork": false,
"created_at": "2023-09-16T09:11:21Z",
"updated_at": "2023-09-28T09:44:19Z",
"updated_at": "2023-10-01T07:16:23Z",
"pushed_at": "2023-09-17T09:14:32Z",
"stargazers_count": 45,
"watchers_count": 45,
"stargazers_count": 46,
"watchers_count": 46,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -27,7 +27,7 @@
],
"visibility": "public",
"forks": 4,
"watchers": 45,
"watchers": 46,
"score": 0,
"subscribers_count": 1
},

8
2023/CVE-2023-38146.json
View file

@ -13,10 +13,10 @@
"description": "Proof-of-Concept for CVE-2023-38146 (\"ThemeBleed\")",
"fork": false,
"created_at": "2023-09-13T04:00:14Z",
"updated_at": "2023-10-01T03:57:26Z",
"updated_at": "2023-10-01T12:12:58Z",
"pushed_at": "2023-09-13T04:50:29Z",
"stargazers_count": 134,
"watchers_count": 134,
"stargazers_count": 136,
"watchers_count": 136,
"has_discussions": false,
"forks_count": 27,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 27,
"watchers": 134,
"watchers": 136,
"score": 0,
"subscribers_count": 3
}

34
2023/CVE-2023-43261.json Normal file
View file

@ -0,0 +1,34 @@
[
{
"id": 697676686,
"name": "CVE-2023-43261",
"full_name": "win3zz\/CVE-2023-43261",
"owner": {
"login": "win3zz",
"id": 12781459,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12781459?v=4",
"html_url": "https:\/\/github.com\/win3zz"
},
"html_url": "https:\/\/github.com\/win3zz\/CVE-2023-43261",
"description": "CVE-2023-43261 - Credential Leakage Through Unprotected System Logs and Weak Password Encryption",
"fork": false,
"created_at": "2023-09-28T08:45:55Z",
"updated_at": "2023-10-01T07:51:34Z",
"pushed_at": "2023-10-01T08:36:06Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve-2023-43261"
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2023/CVE-2023-5074.json
View file

@ -13,10 +13,10 @@
"description": "Mass Exploit - CVE-2023-5074 \/ D-Link D-View < Authentication Bypass",
"fork": false,
"created_at": "2023-09-30T00:07:52Z",
"updated_at": "2023-09-30T01:17:25Z",
"updated_at": "2023-10-01T07:15:40Z",
"pushed_at": "2023-09-30T01:18:35Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}

32
2023/CVE-2023-5324.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 698743355,
"name": "eero-zero-length-ipv6-options-header-dos",
"full_name": "nomis\/eero-zero-length-ipv6-options-header-dos",
"owner": {
"login": "nomis",
"id": 70171,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70171?v=4",
"html_url": "https:\/\/github.com\/nomis"
},
"html_url": "https:\/\/github.com\/nomis\/eero-zero-length-ipv6-options-header-dos",
"description": "eeroOS Ethernet Interface Denial of Service Vulnerability (CVE-2023-5324)",
"fork": false,
"created_at": "2023-09-30T20:32:51Z",
"updated_at": "2023-10-01T08:04:08Z",
"pushed_at": "2023-10-01T08:03:56Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

11
README.md
View file

@ -733,6 +733,9 @@
- [codeb0ss/CVE-2023-5074-PoC](https://github.com/codeb0ss/CVE-2023-5074-PoC)
### CVE-2023-5324
- [nomis/eero-zero-length-ipv6-options-header-dos](https://github.com/nomis/eero-zero-length-ipv6-options-header-dos)
### CVE-2023-5546
- [obelia01/CVE-2023-5546](https://github.com/obelia01/CVE-2023-5546)
@ -745,7 +748,7 @@
### CVE-2023-20052 (2023-03-01)
<code>On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process.
<code>On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:\r\n\r \r A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device.\r\n\r \r This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process.
</code>
- [nokn0wthing/CVE-2023-20052](https://github.com/nokn0wthing/CVE-2023-20052)
@ -3820,6 +3823,9 @@
- [ally-petitt/CVE-2023-43154-PoC](https://github.com/ally-petitt/CVE-2023-43154-PoC)
### CVE-2023-43261
- [win3zz/CVE-2023-43261](https://github.com/win3zz/CVE-2023-43261)
### CVE-2023-43263 (2023-09-26)
<code>A Cross-site scripting (XSS) vulnerability in Froala Editor v.4.1.1 allows attackers to execute arbitrary code via the Markdown component.
@ -4256,7 +4262,7 @@
- [eduquintanilha/CVE-2022-0847-DirtyPipe-Exploits](https://github.com/eduquintanilha/CVE-2022-0847-DirtyPipe-Exploits)
- [EagleTube/CVE-2022-0847](https://github.com/EagleTube/CVE-2022-0847)
- [yoeelingBin/CVE-2022-0847-Container-Escape](https://github.com/yoeelingBin/CVE-2022-0847-Container-Escape)
- [c0ntempt/CVE-2022-0847](https://github.com/c0ntempt/CVE-2022-0847)
- [cont3mpt/CVE-2022-0847](https://github.com/cont3mpt/CVE-2022-0847)
- [notl0cal/dpipe](https://github.com/notl0cal/dpipe)
- [Gustavo-Nogueira/Dirty-Pipe-Exploits](https://github.com/Gustavo-Nogueira/Dirty-Pipe-Exploits)
- [b4dboy17/Dirty-Pipe-Oneshot](https://github.com/b4dboy17/Dirty-Pipe-Oneshot)
@ -4346,6 +4352,7 @@
- [delsploit/CVE-2022-1015](https://github.com/delsploit/CVE-2022-1015)
- [pivik271/CVE-2022-1015](https://github.com/pivik271/CVE-2022-1015)
- [more-kohii/CVE-2022-1015](https://github.com/more-kohii/CVE-2022-1015)
- [0range1337/CVE-2022-1015](https://github.com/0range1337/CVE-2022-1015)
### CVE-2022-1026 (2022-04-04)