Auto Update 2023/10/17 18:45:39

motikan2010-bot 2023-10-18 03:45:39 +09:00
parent 8d5de484cc
commit 5a1d616fee
67 changed files with 476 additions and 835 deletions


@ -343,6 +343,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]


@ -1133,13 +1133,13 @@
"stargazers_count": 21,
"watchers_count": 21,
"has_discussions": false,
"forks_count": 8,
"forks_count": 9,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 8,
"forks": 9,
"watchers": 21,
"score": 0,
"subscribers_count": 3


@ -1,32 +0,0 @@
[
{
"id": 56461631,
"name": "cfengine-CVE-2016-2118",
"full_name": "nickanderson\/cfengine-CVE-2016-2118",
"owner": {
"login": "nickanderson",
"id": 202896,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/202896?v=4",
"html_url": "https:\/\/github.com\/nickanderson"
},
"html_url": "https:\/\/github.com\/nickanderson\/cfengine-CVE-2016-2118",
"description": "An example detection and remediation policy.",
"fork": false,
"created_at": "2016-04-17T22:22:04Z",
"updated_at": "2016-04-18T02:57:44Z",
"pushed_at": "2016-04-19T14:24:20Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
}
]


@ -1,32 +0,0 @@
[
{
"id": 56758577,
"name": "CVE-2016-3141",
"full_name": "peternguyen93\/CVE-2016-3141",
"owner": {
"login": "peternguyen93",
"id": 1802870,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1802870?v=4",
"html_url": "https:\/\/github.com\/peternguyen93"
},
"html_url": "https:\/\/github.com\/peternguyen93\/CVE-2016-3141",
"description": "CVE-2016-3141",
"fork": false,
"created_at": "2016-04-21T08:59:05Z",
"updated_at": "2023-03-11T18:41:15Z",
"pushed_at": "2016-04-23T15:55:01Z",
"stargazers_count": 15,
"watchers_count": 15,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 15,
"score": 0,
"subscribers_count": 3
}
]


@ -447,10 +447,10 @@
"description": "Dirty Cow exploit - CVE-2016-5195",
"fork": false,
"created_at": "2016-11-25T21:08:01Z",
"updated_at": "2023-10-16T08:02:12Z",
"updated_at": "2023-10-17T13:07:33Z",
"pushed_at": "2021-04-08T11:35:12Z",
"stargazers_count": 767,
"watchers_count": 767,
"stargazers_count": 768,
"watchers_count": 768,
"has_discussions": false,
"forks_count": 437,
"allow_forking": true,
@ -463,7 +463,7 @@
],
"visibility": "public",
"forks": 437,
"watchers": 767,
"watchers": 768,
"score": 0,
"subscribers_count": 11
},


@ -163,10 +163,10 @@
"description": "CVE-2017-7921-EXP Hikvision camera",
"fork": false,
"created_at": "2022-07-20T07:07:07Z",
"updated_at": "2023-08-07T10:19:54Z",
"updated_at": "2023-10-17T18:05:41Z",
"pushed_at": "2022-07-20T09:37:27Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -175,7 +175,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 5,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},


@ -124,13 +124,13 @@
"stargazers_count": 82,
"watchers_count": 82,
"has_discussions": false,
"forks_count": 29,
"forks_count": 28,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 29,
"forks": 28,
"watchers": 82,
"score": 0,
"subscribers_count": 1


@ -13,10 +13,10 @@
"description": "Exploit for CVE-2018-4233, a WebKit JIT optimization bug used during Pwn2Own 2018",
"fork": false,
"created_at": "2018-08-08T14:41:20Z",
"updated_at": "2023-09-29T19:01:16Z",
"updated_at": "2023-10-17T16:41:34Z",
"pushed_at": "2018-08-17T23:31:46Z",
"stargazers_count": 173,
"watchers_count": 173,
"stargazers_count": 174,
"watchers_count": 174,
"has_discussions": false,
"forks_count": 33,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 33,
"watchers": 173,
"watchers": 174,
"score": 0,
"subscribers_count": 12
}

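--- a/2018/CVE-2018-7842.json
+++ b/2018/CVE-2018-7842.json
@@ -0,0 +1,32 @@
+[
+{
+"id": 706159595,
+"name": "CVE-2018-7842",
+"full_name": "yanissec\/CVE-2018-7842",
+"owner": {
+"login": "yanissec",
+"id": 145691912,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145691912?v=4",
+"html_url": "https:\/\/github.com\/yanissec"
+},
+"html_url": "https:\/\/github.com\/yanissec\/CVE-2018-7842",
+"description": "CVE-2018-7842",
+"fork": false,
+"created_at": "2023-10-17T12:19:27Z",
+"updated_at": "2023-10-17T12:19:34Z",
+"pushed_at": "2023-10-17T12:19:30Z",
+"stargazers_count": 0,
+"watchers_count": 0,
+"has_discussions": false,
+"forks_count": 0,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [],
+"visibility": "public",
+"forks": 0,
+"watchers": 0,
+"score": 0,
+"subscribers_count": 0
+}
+]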


@ -403,10 +403,10 @@
"description": "WebLogic Insecure Deserialization - CVE-2019-2725 payload builder & exploit ",
"fork": false,
"created_at": "2019-08-23T01:42:57Z",
"updated_at": "2023-09-28T11:05:26Z",
"updated_at": "2023-10-17T15:31:46Z",
"pushed_at": "2019-09-26T05:46:14Z",
"stargazers_count": 45,
"watchers_count": 45,
"stargazers_count": 46,
"watchers_count": 46,
"has_discussions": false,
"forks_count": 12,
"allow_forking": true,
@ -415,7 +415,7 @@
"topics": [],
"visibility": "public",
"forks": 12,
"watchers": 45,
"watchers": 46,
"score": 0,
"subscribers_count": 6
},


@ -43,10 +43,10 @@
"description": "Decrypt reversible secrets encrypted using the default hardcoded key related to CVE-2020-9289 on FortiAnalyzer\/FortiManager (the only difference with CVE-2019-6693 is the encryption routine).",
"fork": false,
"created_at": "2023-06-30T08:48:37Z",
"updated_at": "2023-08-28T05:54:58Z",
"updated_at": "2023-10-17T15:44:19Z",
"pushed_at": "2023-06-30T08:55:57Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 7,
"watchers": 8,
"score": 0,
"subscribers_count": 3
}


@ -454,6 +454,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]


@ -1,32 +0,0 @@
[
{
"id": 339823743,
"name": "CVE-2020-0910",
"full_name": "kfmgang\/CVE-2020-0910",
"owner": {
"login": "kfmgang",
"id": 20864985,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20864985?v=4",
"html_url": "https:\/\/github.com\/kfmgang"
},
"html_url": "https:\/\/github.com\/kfmgang\/CVE-2020-0910",
"description": "Exploit PoC RCE - Windows Hyper-V Remote Code Execution Reverse Shell",
"fork": false,
"created_at": "2021-02-17T18:50:02Z",
"updated_at": "2022-11-03T01:08:49Z",
"pushed_at": "2020-04-22T01:10:16Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]


@ -28,65 +28,5 @@
"watchers": 6,
"score": 0,
"subscribers_count": 2
},
{
"id": 326335788,
"name": "CVE-2020-10148-Solarwinds-Orion",
"full_name": "Udyz\/CVE-2020-10148-Solarwinds-Orion",
"owner": {
"login": "Udyz",
"id": 39673284,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39673284?v=4",
"html_url": "https:\/\/github.com\/Udyz"
},
"html_url": "https:\/\/github.com\/Udyz\/CVE-2020-10148-Solarwinds-Orion",
"description": null,
"fork": false,
"created_at": "2021-01-03T05:35:07Z",
"updated_at": "2023-09-28T11:23:36Z",
"pushed_at": "2021-01-03T05:37:15Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 2
},
{
"id": 327010904,
"name": "CVE-2020-10148",
"full_name": "B1anda0\/CVE-2020-10148",
"owner": {
"login": "B1anda0",
"id": 74232513,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74232513?v=4",
"html_url": "https:\/\/github.com\/B1anda0"
},
"html_url": "https:\/\/github.com\/B1anda0\/CVE-2020-10148",
"description": "SolarWinds Orion API 远程代码执行漏洞批量检测脚本",
"fork": false,
"created_at": "2021-01-05T13:42:36Z",
"updated_at": "2023-02-26T04:18:15Z",
"pushed_at": "2021-01-05T13:56:11Z",
"stargazers_count": 10,
"watchers_count": 10,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 10,
"score": 0,
"subscribers_count": 1
}
]


@ -1334,36 +1334,6 @@
"score": 0,
"subscribers_count": 1
},
{
"id": 325937253,
"name": "zerologon",
"full_name": "wrathfulDiety\/zerologon",
"owner": {
"login": "wrathfulDiety",
"id": 36190613,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36190613?v=4",
"html_url": "https:\/\/github.com\/wrathfulDiety"
},
"html_url": "https:\/\/github.com\/wrathfulDiety\/zerologon",
"description": "zerologon script to exploit CVE-2020-1472 CVSS 10\/10",
"fork": false,
"created_at": "2021-01-01T07:38:58Z",
"updated_at": "2021-01-17T15:08:53Z",
"pushed_at": "2021-01-03T15:43:26Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 327729919,
"name": "ZeroLogon-Exploitation-Check",
@ -1553,6 +1523,36 @@
"score": 0,
"subscribers_count": 2
},
{
"id": 462124353,
"name": "SecuraBV-CVE-2020-1472",
"full_name": "TheJoyOfHacking\/SecuraBV-CVE-2020-1472",
"owner": {
"login": "TheJoyOfHacking",
"id": 99463221,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99463221?v=4",
"html_url": "https:\/\/github.com\/TheJoyOfHacking"
},
"html_url": "https:\/\/github.com\/TheJoyOfHacking\/SecuraBV-CVE-2020-1472",
"description": null,
"fork": false,
"created_at": "2022-02-22T03:33:24Z",
"updated_at": "2022-02-22T03:33:37Z",
"pushed_at": "2022-02-22T03:33:33Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 462124410,
"name": "dirkjanm-CVE-2020-1472",


@ -1,34 +1,4 @@
[
{
"id": 327323010,
"name": "CVE-2020-17518",
"full_name": "QmF0c3UK\/CVE-2020-17518",
"owner": {
"login": "QmF0c3UK",
"id": 29447678,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29447678?v=4",
"html_url": "https:\/\/github.com\/QmF0c3UK"
},
"html_url": "https:\/\/github.com\/QmF0c3UK\/CVE-2020-17518",
"description": null,
"fork": false,
"created_at": "2021-01-06T13:40:06Z",
"updated_at": "2023-09-28T11:23:42Z",
"pushed_at": "2021-01-06T13:41:04Z",
"stargazers_count": 9,
"watchers_count": 9,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 7,
"watchers": 9,
"score": 0,
"subscribers_count": 2
},
{
"id": 328278486,
"name": "CVE-2020-17518",


@ -29,36 +29,6 @@
"score": 0,
"subscribers_count": 2
},
{
"id": 327323355,
"name": "CVE-2020-17519",
"full_name": "QmF0c3UK\/CVE-2020-17519",
"owner": {
"login": "QmF0c3UK",
"id": 29447678,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29447678?v=4",
"html_url": "https:\/\/github.com\/QmF0c3UK"
},
"html_url": "https:\/\/github.com\/QmF0c3UK\/CVE-2020-17519",
"description": null,
"fork": false,
"created_at": "2021-01-06T13:41:24Z",
"updated_at": "2023-09-28T11:23:42Z",
"pushed_at": "2021-01-06T13:41:58Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 2,
"score": 0,
"subscribers_count": 3
},
{
"id": 327361663,
"name": "apache-flink-directory-traversal.nse",


@ -1,32 +0,0 @@
[
{
"id": 327320676,
"name": "apache_kylin",
"full_name": "shanika04\/apache_kylin",
"owner": {
"login": "shanika04",
"id": 73774345,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73774345?v=4",
"html_url": "https:\/\/github.com\/shanika04"
},
"html_url": "https:\/\/github.com\/shanika04\/apache_kylin",
"description": "CVE-2020-1937",
"fork": false,
"created_at": "2021-01-06T13:31:20Z",
"updated_at": "2021-01-06T13:41:05Z",
"pushed_at": "2021-01-06T13:40:54Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
}
]

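--- a/2020/CVE-2020-2501.json
+++ b/2020/CVE-2020-2501.json
@@ -0,0 +1,32 @@
+[
+{
+"id": 462035961,
+"name": "alonzzzo",
+"full_name": "Alonzozzz\/alonzzzo",
+"owner": {
+"login": "Alonzozzz",
+"id": 100165245,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100165245?v=4",
+"html_url": "https:\/\/github.com\/Alonzozzz"
+},
+"html_url": "https:\/\/github.com\/Alonzozzz\/alonzzzo",
+"description": "Changelog CVE-2021-33044,CVE-2021-33045 Identity authentication bypass vulnerability found in some Dahua products CVE-2021-27248,CVE-2021-27249,CVE-2021-27250,CVE-2021-34860,CVE-2021-34861,CVE-2021-34862,CVE-2021-34863 Multiple vulnerabilities in DAP-2020 H\/W rev. Ax with F\/W v1.01 and below HTTP Path Traversal CVE-2019-7406 RCE vulnerability in TP-Link Wi-Fi Extenders via a malformed user agent field in HTTP headers CVE-2020-2501,CVE-2021-28797 Stack Buffer Overflow in QNAP Surveillance Station CVE-2021-34730 Critical UPnP Service Flaw on Cisco Small Business RV Series Routers CVE-2020-35785 Multiple HTTP authentication vulnerabilities on DGN2200v1",
+"fork": false,
+"created_at": "2022-02-21T21:22:43Z",
+"updated_at": "2022-02-21T21:22:43Z",
+"pushed_at": "2022-02-21T21:23:51Z",
+"stargazers_count": 0,
+"watchers_count": 0,
+"has_discussions": false,
+"forks_count": 1,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [],
+"visibility": "public",
+"forks": 1,
+"watchers": 0,
+"score": 0,
+"subscribers_count": 1
+}
+]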


@ -1,32 +0,0 @@
[
{
"id": 327073339,
"name": "CVE-2020-25498",
"full_name": "the-girl-who-lived\/CVE-2020-25498",
"owner": {
"login": "the-girl-who-lived",
"id": 42164898,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42164898?v=4",
"html_url": "https:\/\/github.com\/the-girl-who-lived"
},
"html_url": "https:\/\/github.com\/the-girl-who-lived\/CVE-2020-25498",
"description": "Stored XSS via CSRF in Beetel 777VR1 Router ",
"fork": false,
"created_at": "2021-01-05T17:38:52Z",
"updated_at": "2021-01-09T06:55:14Z",
"pushed_at": "2021-01-05T19:48:06Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 1
}
]


@ -1,32 +0,0 @@
[
{
"id": 326532749,
"name": "scan_CVE-2020-29583",
"full_name": "ruppde\/scan_CVE-2020-29583",
"owner": {
"login": "ruppde",
"id": 46819580,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46819580?v=4",
"html_url": "https:\/\/github.com\/ruppde"
},
"html_url": "https:\/\/github.com\/ruppde\/scan_CVE-2020-29583",
"description": "Scanner for Zyxel products which are potentially vulnerable due to an undocumented user account (CVE-2020-29583)",
"fork": false,
"created_at": "2021-01-04T00:56:55Z",
"updated_at": "2023-03-15T18:45:41Z",
"pushed_at": "2021-01-04T22:55:37Z",
"stargazers_count": 12,
"watchers_count": 12,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 12,
"score": 0,
"subscribers_count": 3
}
]


@ -1,32 +0,0 @@
[
{
"id": 327099437,
"name": "CVE-2020-35262",
"full_name": "the-girl-who-lived\/CVE-2020-35262",
"owner": {
"login": "the-girl-who-lived",
"id": 42164898,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42164898?v=4",
"html_url": "https:\/\/github.com\/the-girl-who-lived"
},
"html_url": "https:\/\/github.com\/the-girl-who-lived\/CVE-2020-35262",
"description": "Cross Site Scripting (XSS) in Digisol DG-HR3400 Router",
"fork": false,
"created_at": "2021-01-05T19:32:31Z",
"updated_at": "2023-09-28T11:23:40Z",
"pushed_at": "2021-01-05T19:46:55Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}
]


@ -1,32 +0,0 @@
[
{
"id": 325946157,
"name": "cve-2020-35717",
"full_name": "hmartos\/cve-2020-35717",
"owner": {
"login": "hmartos",
"id": 13253656,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13253656?v=4",
"html_url": "https:\/\/github.com\/hmartos"
},
"html_url": "https:\/\/github.com\/hmartos\/cve-2020-35717",
"description": "Showcase repository for CVE-2020-35717",
"fork": false,
"created_at": "2021-01-01T08:53:53Z",
"updated_at": "2023-03-09T00:13:18Z",
"pushed_at": "2021-01-01T08:54:35Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}
]


@ -179,36 +179,6 @@
"score": 0,
"subscribers_count": 2
},
{
"id": 326194141,
"name": "CVE-2020-7961-Mass",
"full_name": "Udyz\/CVE-2020-7961-Mass",
"owner": {
"login": "Udyz",
"id": 39673284,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39673284?v=4",
"html_url": "https:\/\/github.com\/Udyz"
},
"html_url": "https:\/\/github.com\/Udyz\/CVE-2020-7961-Mass",
"description": "CVE-20207961 Mass exploit for Script Kiddies",
"fork": false,
"created_at": "2021-01-02T13:57:59Z",
"updated_at": "2023-09-28T11:23:35Z",
"pushed_at": "2021-01-03T10:54:20Z",
"stargazers_count": 18,
"watchers_count": 18,
"has_discussions": false,
"forks_count": 8,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 8,
"watchers": 18,
"score": 0,
"subscribers_count": 3
},
{
"id": 329711989,
"name": "CVE-2020-7961",


@ -89,36 +89,6 @@
"score": 0,
"subscribers_count": 1
},
{
"id": 326508613,
"name": "CVE-2020-8165",
"full_name": "hybryx\/CVE-2020-8165",
"owner": {
"login": "hybryx",
"id": 43386553,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43386553?v=4",
"html_url": "https:\/\/github.com\/hybryx"
},
"html_url": "https:\/\/github.com\/hybryx\/CVE-2020-8165",
"description": null,
"fork": false,
"created_at": "2021-01-03T21:59:09Z",
"updated_at": "2021-02-03T02:11:09Z",
"pushed_at": "2021-01-03T22:07:27Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 3,
"score": 0,
"subscribers_count": 2
},
{
"id": 329810247,
"name": "CVE-2020-8165",


@ -1,32 +0,0 @@
[
{
"id": 326860293,
"name": "nodejs-http-transfer-encoding-smuggling-poc",
"full_name": "progfay\/nodejs-http-transfer-encoding-smuggling-poc",
"owner": {
"login": "progfay",
"id": 19568747,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19568747?v=4",
"html_url": "https:\/\/github.com\/progfay"
},
"html_url": "https:\/\/github.com\/progfay\/nodejs-http-transfer-encoding-smuggling-poc",
"description": "PoC of HTTP Request Smuggling in nodejs (CVE-2020-8287)",
"fork": false,
"created_at": "2021-01-05T02:09:23Z",
"updated_at": "2023-01-28T11:04:02Z",
"pushed_at": "2021-01-06T08:05:36Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}
]


@ -13,10 +13,10 @@
"description": "Decrypt reversible secrets encrypted using the default hardcoded key related to CVE-2020-9289 on FortiAnalyzer\/FortiManager (the only difference with CVE-2019-6693 is the encryption routine).",
"fork": false,
"created_at": "2023-06-30T08:48:37Z",
"updated_at": "2023-08-28T05:54:58Z",
"updated_at": "2023-10-17T15:44:19Z",
"pushed_at": "2023-06-30T08:55:57Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 7,
"watchers": 8,
"score": 0,
"subscribers_count": 3
}


@ -1,34 +1,4 @@
[
{
"id": 327318338,
"name": "apache_skywalking",
"full_name": "shanika04\/apache_skywalking",
"owner": {
"login": "shanika04",
"id": 73774345,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73774345?v=4",
"html_url": "https:\/\/github.com\/shanika04"
},
"html_url": "https:\/\/github.com\/shanika04\/apache_skywalking",
"description": "CVE-2020-9483 OR CVE-2020-13921",
"fork": false,
"created_at": "2021-01-06T13:22:32Z",
"updated_at": "2021-03-22T05:21:36Z",
"pushed_at": "2021-01-06T13:52:44Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 387366849,
"name": "CVE-2020-9483",


@ -239,36 +239,6 @@
"score": 0,
"subscribers_count": 1
},
{
"id": 329004194,
"name": "CVE-2020-9484-Scanner",
"full_name": "DanQMoo\/CVE-2020-9484-Scanner",
"owner": {
"login": "DanQMoo",
"id": 29651956,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29651956?v=4",
"html_url": "https:\/\/github.com\/DanQMoo"
},
"html_url": "https:\/\/github.com\/DanQMoo\/CVE-2020-9484-Scanner",
"description": "A smol bash script I threw together pretty quickly to scan for vulnerable versions of the Apache Tomcat RCE. I'll give it some love when I have the time. ",
"fork": false,
"created_at": "2021-01-12T14:00:00Z",
"updated_at": "2022-04-17T09:09:57Z",
"pushed_at": "2020-06-10T07:08:17Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 333238894,
"name": "CVE-2020-9484",


@ -13,10 +13,10 @@
"description": "0day VirtualBox 6.1.2 Escape for RealWorld CTF 2020\/2021 CVE-2021-2119",
"fork": false,
"created_at": "2021-01-15T17:32:24Z",
"updated_at": "2023-09-28T11:23:59Z",
"updated_at": "2023-10-17T14:40:38Z",
"pushed_at": "2021-01-23T01:25:22Z",
"stargazers_count": 132,
"watchers_count": 132,
"stargazers_count": 133,
"watchers_count": 133,
"has_discussions": false,
"forks_count": 21,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 21,
"watchers": 132,
"watchers": 133,
"score": 0,
"subscribers_count": 10
},


@ -546,10 +546,10 @@
"description": "漏洞利用Vmware vCenter 6.5-7.0 RCECVE-2021-21972上传冰蝎3getshell",
"fork": false,
"created_at": "2021-03-01T14:14:01Z",
"updated_at": "2023-08-06T15:48:22Z",
"updated_at": "2023-10-17T18:06:38Z",
"pushed_at": "2021-03-01T14:28:30Z",
"stargazers_count": 12,
"watchers_count": 12,
"stargazers_count": 11,
"watchers_count": 11,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -558,7 +558,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 12,
"watchers": 11,
"score": 0,
"subscribers_count": 3
},


@ -43,10 +43,10 @@
"description": "command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.",
"fork": false,
"created_at": "2021-10-27T15:51:12Z",
"updated_at": "2023-10-13T15:27:19Z",
"updated_at": "2023-10-17T18:05:59Z",
"pushed_at": "2021-10-28T06:37:37Z",
"stargazers_count": 210,
"watchers_count": 210,
"stargazers_count": 209,
"watchers_count": 209,
"has_discussions": false,
"forks_count": 72,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 72,
"watchers": 210,
"watchers": 209,
"score": 0,
"subscribers_count": 5
},


@ -223,10 +223,10 @@
"description": "CVE-2021-40444 PoC",
"fork": false,
"created_at": "2021-09-10T16:55:53Z",
"updated_at": "2023-10-08T21:46:05Z",
"updated_at": "2023-10-17T13:11:13Z",
"pushed_at": "2021-12-25T18:31:02Z",
"stargazers_count": 1493,
"watchers_count": 1493,
"stargazers_count": 1494,
"watchers_count": 1494,
"has_discussions": false,
"forks_count": 492,
"allow_forking": true,
@ -235,7 +235,7 @@
"topics": [],
"visibility": "public",
"forks": 492,
"watchers": 1493,
"watchers": 1494,
"score": 0,
"subscribers_count": 28
},


@ -48,10 +48,10 @@
"description": "Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user ",
"fork": false,
"created_at": "2021-12-13T10:28:12Z",
"updated_at": "2023-10-09T07:37:58Z",
"updated_at": "2023-10-17T13:25:30Z",
"pushed_at": "2023-01-29T03:31:27Z",
"stargazers_count": 644,
"watchers_count": 644,
"stargazers_count": 645,
"watchers_count": 645,
"has_discussions": false,
"forks_count": 113,
"allow_forking": true,
@ -60,7 +60,7 @@
"topics": [],
"visibility": "public",
"forks": 113,
"watchers": 644,
"watchers": 645,
"score": 0,
"subscribers_count": 12
},


@ -912,7 +912,7 @@
"stargazers_count": 1650,
"watchers_count": 1650,
"has_discussions": false,
"forks_count": 485,
"forks_count": 486,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -923,7 +923,7 @@
"security"
],
"visibility": "public",
"forks": 485,
"forks": 486,
"watchers": 1650,
"score": 0,
"subscribers_count": 25
@ -10186,10 +10186,10 @@
"description": "A tool for detect&exploit vmware product log4j(cve-2021-44228) vulnerability.Support VMware HCX\/vCenter\/NSX\/Horizon\/vRealize Operations Manager",
"fork": false,
"created_at": "2021-12-28T01:37:20Z",
"updated_at": "2023-09-28T11:34:32Z",
"updated_at": "2023-10-17T18:11:36Z",
"pushed_at": "2022-01-24T05:37:34Z",
"stargazers_count": 183,
"watchers_count": 183,
"stargazers_count": 182,
"watchers_count": 182,
"has_discussions": false,
"forks_count": 35,
"allow_forking": true,
@ -10203,7 +10203,7 @@
],
"visibility": "public",
"forks": 35,
"watchers": 183,
"watchers": 182,
"score": 0,
"subscribers_count": 5
},


@ -13,10 +13,10 @@
"description": "Bad Spin: Android Binder Privilege Escalation Exploit (CVE-2022-20421)",
"fork": false,
"created_at": "2023-03-23T10:25:59Z",
"updated_at": "2023-10-10T19:34:02Z",
"updated_at": "2023-10-17T15:49:16Z",
"pushed_at": "2023-05-27T15:39:41Z",
"stargazers_count": 193,
"watchers_count": 193,
"stargazers_count": 194,
"watchers_count": 194,
"has_discussions": false,
"forks_count": 28,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 28,
"watchers": 193,
"watchers": 194,
"score": 0,
"subscribers_count": 6
}


@ -52,10 +52,10 @@
"description": "CVE-2022-22965 : about spring core rce",
"fork": false,
"created_at": "2022-03-30T14:35:00Z",
"updated_at": "2023-09-28T11:37:31Z",
"updated_at": "2023-10-17T18:41:35Z",
"pushed_at": "2022-04-01T15:34:03Z",
"stargazers_count": 54,
"watchers_count": 54,
"stargazers_count": 53,
"watchers_count": 53,
"has_discussions": false,
"forks_count": 18,
"allow_forking": true,
@ -69,7 +69,7 @@
],
"visibility": "public",
"forks": 18,
"watchers": 54,
"watchers": 53,
"score": 0,
"subscribers_count": 2
},
@ -2093,7 +2093,7 @@
"description": "CVE-2022-22965\\Spring-Core-RCE核弹级别漏洞的rce图形化GUI一键利用工具基于JavaFx开发图形化操作更简单提高效率。",
"fork": false,
"created_at": "2022-12-28T04:50:16Z",
"updated_at": "2023-10-13T00:58:12Z",
"updated_at": "2023-10-17T18:41:40Z",
"pushed_at": "2023-09-20T09:22:35Z",
"stargazers_count": 85,
"watchers_count": 85,


@ -168,13 +168,13 @@
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 3,
"forks_count": 4,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 3,
"forks": 4,
"watchers": 0,
"score": 0,
"subscribers_count": 1


@ -14,7 +14,7 @@
"fork": false,
"created_at": "2023-10-12T15:58:06Z",
"updated_at": "2023-10-17T00:41:42Z",
"pushed_at": "2023-10-17T01:27:28Z",
"pushed_at": "2023-10-17T15:16:29Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,


@ -13,10 +13,10 @@
"description": "【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。",
"fork": false,
"created_at": "2022-05-31T07:44:01Z",
"updated_at": "2023-10-17T08:39:25Z",
"updated_at": "2023-10-17T17:54:09Z",
"pushed_at": "2023-02-26T14:06:05Z",
"stargazers_count": 1054,
"watchers_count": 1054,
"stargazers_count": 1053,
"watchers_count": 1053,
"has_discussions": true,
"forks_count": 181,
"allow_forking": true,
@ -45,7 +45,7 @@
],
"visibility": "public",
"forks": 181,
"watchers": 1054,
"watchers": 1053,
"score": 0,
"subscribers_count": 18
},


@ -13,10 +13,10 @@
"description": "Automatic Mass Tool for check and exploiting vulnerability in CVE-2022-4061 - JobBoardWP < 1.2.2 - Unauthenticated Arbitrary File Upload",
"fork": false,
"created_at": "2023-09-17T03:20:23Z",
"updated_at": "2023-09-28T11:46:56Z",
"updated_at": "2023-10-17T17:00:15Z",
"pushed_at": "2023-09-17T10:05:02Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -34,7 +34,7 @@
],
"visibility": "public",
"forks": 2,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 1
}


@ -196,10 +196,10 @@
"description": "A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read",
"fork": false,
"created_at": "2023-02-05T18:42:27Z",
"updated_at": "2023-09-28T11:45:02Z",
"updated_at": "2023-10-17T16:54:41Z",
"pushed_at": "2023-02-05T19:35:03Z",
"stargazers_count": 188,
"watchers_count": 188,
"stargazers_count": 189,
"watchers_count": 189,
"has_discussions": false,
"forks_count": 26,
"allow_forking": true,
@ -208,7 +208,7 @@
"topics": [],
"visibility": "public",
"forks": 26,
"watchers": 188,
"watchers": 189,
"score": 0,
"subscribers_count": 1
},


@ -13,10 +13,10 @@
"description": "simple urls < 115 - Reflected XSS",
"fork": false,
"created_at": "2023-09-18T06:44:44Z",
"updated_at": "2023-09-29T23:26:24Z",
"updated_at": "2023-10-17T16:59:55Z",
"pushed_at": "2023-09-18T06:52:23Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 4,
"watchers": 6,
"score": 0,
"subscribers_count": 1
}

@ -13,10 +13,10 @@
"description": "CVE-2023-0669 GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object.",
"fork": false,
"created_at": "2023-02-10T13:02:55Z",
"updated_at": "2023-09-30T16:58:12Z",
"updated_at": "2023-10-17T13:45:52Z",
"pushed_at": "2023-02-13T07:15:28Z",
"stargazers_count": 94,
"watchers_count": 94,
"stargazers_count": 95,
"watchers_count": 95,
"has_discussions": false,
"forks_count": 20,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 20,
"watchers": 94,
"watchers": 95,
"score": 0,
"subscribers_count": 1
},

@ -43,19 +43,19 @@
"description": "CVE-2023-20198 Checkscript",
"fork": false,
"created_at": "2023-10-17T08:00:18Z",
"updated_at": "2023-10-17T11:54:00Z",
"updated_at": "2023-10-17T15:26:03Z",
"pushed_at": "2023-10-17T11:28:05Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 3,
"forks": 1,
"watchers": 4,
"score": 0,
"subscribers_count": 0
},
@ -88,5 +88,95 @@
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 706206311,
"name": "CVE-2023-20198",
"full_name": "d0rb\/CVE-2023-20198",
"owner": {
"login": "d0rb",
"id": 10403781,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4",
"html_url": "https:\/\/github.com\/d0rb"
},
"html_url": "https:\/\/github.com\/d0rb\/CVE-2023-20198",
"description": "CVE-2023-20198 PoC (!)",
"fork": false,
"created_at": "2023-10-17T13:59:48Z",
"updated_at": "2023-10-17T14:00:22Z",
"pushed_at": "2023-10-17T14:02:51Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 706260017,
"name": "cisco-CVE-2023-20198-tester",
"full_name": "securityphoenix\/cisco-CVE-2023-20198-tester",
"owner": {
"login": "securityphoenix",
"id": 61992902,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61992902?v=4",
"html_url": "https:\/\/github.com\/securityphoenix"
},
"html_url": "https:\/\/github.com\/securityphoenix\/cisco-CVE-2023-20198-tester",
"description": "cisco-CVE-2023-20198-tester ",
"fork": false,
"created_at": "2023-10-17T15:44:01Z",
"updated_at": "2023-10-17T15:51:02Z",
"pushed_at": "2023-10-17T15:50:59Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 706337485,
"name": "Simple-Ansible-for-CVE-2023-20198",
"full_name": "emomeni\/Simple-Ansible-for-CVE-2023-20198",
"owner": {
"login": "emomeni",
"id": 6424128,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6424128?v=4",
"html_url": "https:\/\/github.com\/emomeni"
},
"html_url": "https:\/\/github.com\/emomeni\/Simple-Ansible-for-CVE-2023-20198",
"description": null,
"fork": false,
"created_at": "2023-10-17T18:46:21Z",
"updated_at": "2023-10-17T18:46:22Z",
"pushed_at": "2023-10-17T18:46:32Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

@ -13,10 +13,10 @@
"description": "CVE-2023-2023",
"fork": false,
"created_at": "2021-11-22T12:57:22Z",
"updated_at": "2023-10-17T09:44:37Z",
"updated_at": "2023-10-17T14:33:38Z",
"pushed_at": "2023-10-15T12:09:05Z",
"stargazers_count": 471,
"watchers_count": 471,
"stargazers_count": 472,
"watchers_count": 472,
"has_discussions": false,
"forks_count": 180,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 180,
"watchers": 471,
"watchers": 472,
"score": 0,
"subscribers_count": 17
},

@ -13,10 +13,10 @@
"description": "Discord bot for mitigating the aCropalypse vulnerability (CVE-2023-21036, CVE-2023-28303) by retroactively deleting vulnerable images",
"fork": false,
"created_at": "2023-03-19T02:15:23Z",
"updated_at": "2023-09-13T12:46:17Z",
"updated_at": "2023-10-17T17:27:44Z",
"pushed_at": "2023-04-01T04:54:08Z",
"stargazers_count": 20,
"watchers_count": 20,
"stargazers_count": 21,
"watchers_count": 21,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -32,7 +32,7 @@
],
"visibility": "public",
"forks": 1,
"watchers": 20,
"watchers": 21,
"score": 0,
"subscribers_count": 3
},

@ -73,10 +73,10 @@
"description": "CVE-2023-22515: Confluence Broken Access Control Exploit",
"fork": false,
"created_at": "2023-10-10T21:40:09Z",
"updated_at": "2023-10-16T20:03:56Z",
"updated_at": "2023-10-17T18:16:03Z",
"pushed_at": "2023-10-15T18:12:43Z",
"stargazers_count": 55,
"watchers_count": 55,
"stargazers_count": 56,
"watchers_count": 56,
"has_discussions": false,
"forks_count": 12,
"allow_forking": true,
@ -94,7 +94,7 @@
],
"visibility": "public",
"forks": 12,
"watchers": 55,
"watchers": 56,
"score": 0,
"subscribers_count": 1
},

@ -376,10 +376,10 @@
"description": "Bulk scanner + get config from CVE-2023-23752",
"fork": false,
"created_at": "2023-03-09T07:42:03Z",
"updated_at": "2023-10-15T21:33:54Z",
"updated_at": "2023-10-17T17:04:20Z",
"pushed_at": "2023-03-14T06:39:36Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 9,
"watchers_count": 9,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
@ -392,7 +392,7 @@
],
"visibility": "public",
"forks": 7,
"watchers": 8,
"watchers": 9,
"score": 0,
"subscribers_count": 1
},
@ -635,10 +635,10 @@
"description": "Perform With Mass Exploiter In Joomla 4.2.8.",
"fork": false,
"created_at": "2023-04-09T13:20:48Z",
"updated_at": "2023-10-06T04:34:53Z",
"updated_at": "2023-10-17T17:22:05Z",
"pushed_at": "2023-07-24T22:22:00Z",
"stargazers_count": 21,
"watchers_count": 21,
"stargazers_count": 22,
"watchers_count": 22,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
@ -651,7 +651,7 @@
],
"visibility": "public",
"forks": 7,
"watchers": 21,
"watchers": 22,
"score": 0,
"subscribers_count": 1
},

@ -73,10 +73,10 @@
"description": "POC for CVE-2023-24488",
"fork": false,
"created_at": "2023-07-04T18:02:50Z",
"updated_at": "2023-10-05T20:41:16Z",
"updated_at": "2023-10-17T15:37:05Z",
"pushed_at": "2023-07-04T18:39:03Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 9,
"watchers_count": 9,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 8,
"watchers": 9,
"score": 0,
"subscribers_count": 1
},

@ -73,10 +73,10 @@
"description": "Perform With Massive Authentication Bypass (Wordpress Mstore-API)",
"fork": false,
"created_at": "2023-08-05T06:38:53Z",
"updated_at": "2023-09-28T11:46:44Z",
"updated_at": "2023-10-17T17:20:52Z",
"pushed_at": "2023-08-05T06:43:33Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -89,7 +89,7 @@
],
"visibility": "public",
"forks": 3,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
}

@ -133,10 +133,10 @@
"description": "Perfom With Massive Authentication Bypass In PaperCut MF\/NG",
"fork": false,
"created_at": "2023-05-27T11:32:35Z",
"updated_at": "2023-09-28T11:46:18Z",
"updated_at": "2023-10-17T17:22:23Z",
"pushed_at": "2023-07-24T22:21:38Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -149,7 +149,7 @@
],
"visibility": "public",
"forks": 3,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},

@ -13,10 +13,10 @@
"description": "PoC for CVE-2023-28771 based on Rapid7's excellent writeup",
"fork": false,
"created_at": "2023-05-23T02:37:39Z",
"updated_at": "2023-08-19T04:06:11Z",
"updated_at": "2023-10-17T12:55:11Z",
"pushed_at": "2023-05-23T02:49:05Z",
"stargazers_count": 24,
"watchers_count": 24,
"stargazers_count": 25,
"watchers_count": 25,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -27,7 +27,7 @@
],
"visibility": "public",
"forks": 6,
"watchers": 24,
"watchers": 25,
"score": 0,
"subscribers_count": 1
},

@ -133,10 +133,10 @@
"description": "Perform With Massive Openfire Unauthenticated Users",
"fork": false,
"created_at": "2023-07-02T20:38:14Z",
"updated_at": "2023-09-28T11:46:33Z",
"updated_at": "2023-10-17T17:22:48Z",
"pushed_at": "2023-07-24T22:21:14Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -149,7 +149,7 @@
],
"visibility": "public",
"forks": 3,
"watchers": 7,
"watchers": 8,
"score": 0,
"subscribers_count": 1
},
@ -197,10 +197,10 @@
"description": "Tool for CVE-2023-32315 exploitation",
"fork": false,
"created_at": "2023-08-31T08:43:44Z",
"updated_at": "2023-09-01T19:12:23Z",
"updated_at": "2023-10-17T17:03:54Z",
"pushed_at": "2023-08-31T08:49:26Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -209,7 +209,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},

@ -211,5 +211,35 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 706185729,
"name": "poc-CVE-2023-32784",
"full_name": "ValentinPundikov\/poc-CVE-2023-32784",
"owner": {
"login": "ValentinPundikov",
"id": 74809607,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74809607?v=4",
"html_url": "https:\/\/github.com\/ValentinPundikov"
},
"html_url": "https:\/\/github.com\/ValentinPundikov\/poc-CVE-2023-32784",
"description": null,
"fork": false,
"created_at": "2023-10-17T13:17:08Z",
"updated_at": "2023-10-17T13:18:50Z",
"pushed_at": "2023-10-17T13:18:47Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

@ -136,10 +136,10 @@
"description": "Exploit and scanner for CVE-2023-3460",
"fork": false,
"created_at": "2023-07-11T20:15:20Z",
"updated_at": "2023-08-01T15:03:51Z",
"updated_at": "2023-10-17T13:42:37Z",
"pushed_at": "2023-07-12T19:55:32Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -148,7 +148,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 5,
"watchers": 6,
"score": 0,
"subscribers_count": 3
},

@ -13,10 +13,10 @@
"description": "Android App Pin Security Issue Allowing Unauthorized Payments via Google Wallet",
"fork": false,
"created_at": "2023-09-01T20:16:28Z",
"updated_at": "2023-10-03T14:10:17Z",
"updated_at": "2023-10-17T15:26:17Z",
"pushed_at": "2023-09-12T07:52:40Z",
"stargazers_count": 65,
"watchers_count": 65,
"stargazers_count": 66,
"watchers_count": 66,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 65,
"watchers": 66,
"score": 0,
"subscribers_count": 2
}

@ -13,10 +13,10 @@
"description": "LPE exploit for CVE-2023-36802",
"fork": false,
"created_at": "2023-10-09T17:32:15Z",
"updated_at": "2023-10-17T09:01:07Z",
"updated_at": "2023-10-17T18:15:54Z",
"pushed_at": "2023-10-10T17:44:17Z",
"stargazers_count": 94,
"watchers_count": 94,
"stargazers_count": 96,
"watchers_count": 96,
"has_discussions": false,
"forks_count": 29,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 29,
"watchers": 94,
"watchers": 96,
"score": 0,
"subscribers_count": 4
}

@ -43,10 +43,10 @@
"description": "Perform With Massive Juniper Remote Code Execution",
"fork": false,
"created_at": "2023-09-20T02:32:56Z",
"updated_at": "2023-09-20T02:33:40Z",
"updated_at": "2023-10-17T17:19:09Z",
"pushed_at": "2023-09-20T03:16:12Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},

@ -13,10 +13,10 @@
"description": "A tool to discover Juniper firewalls vulnerable to CVE-2023-36845",
"fork": false,
"created_at": "2023-09-16T09:11:21Z",
"updated_at": "2023-10-08T13:48:16Z",
"updated_at": "2023-10-17T15:25:05Z",
"pushed_at": "2023-09-17T09:14:32Z",
"stargazers_count": 51,
"watchers_count": 51,
"stargazers_count": 52,
"watchers_count": 52,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -27,7 +27,7 @@
],
"visibility": "public",
"forks": 5,
"watchers": 51,
"watchers": 52,
"score": 0,
"subscribers_count": 2
},
@ -45,12 +45,12 @@
"description": "Juniper Firewalls CVE-2023-36845 - RCE",
"fork": false,
"created_at": "2023-09-26T17:56:55Z",
"updated_at": "2023-10-17T11:44:45Z",
"updated_at": "2023-10-17T17:31:42Z",
"pushed_at": "2023-09-26T19:02:07Z",
"stargazers_count": 22,
"watchers_count": 22,
"stargazers_count": 24,
"watchers_count": 24,
"has_discussions": false,
"forks_count": 4,
"forks_count": 5,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -75,8 +75,8 @@
"web-application-security"
],
"visibility": "public",
"forks": 4,
"watchers": 22,
"forks": 5,
"watchers": 24,
"score": 0,
"subscribers_count": 1
},

@ -43,10 +43,10 @@
"description": "CVE-2023-38831 winrar exploit generator",
"fork": false,
"created_at": "2023-08-25T09:44:08Z",
"updated_at": "2023-10-17T08:18:40Z",
"updated_at": "2023-10-17T18:21:30Z",
"pushed_at": "2023-09-17T02:17:52Z",
"stargazers_count": 676,
"watchers_count": 676,
"stargazers_count": 677,
"watchers_count": 677,
"has_discussions": false,
"forks_count": 119,
"allow_forking": true,
@ -59,7 +59,7 @@
],
"visibility": "public",
"forks": 119,
"watchers": 676,
"watchers": 677,
"score": 0,
"subscribers_count": 8
},
@ -174,10 +174,10 @@
"description": "CVE-2023-38831 PoC (Proof Of Concept)",
"fork": false,
"created_at": "2023-08-28T04:56:10Z",
"updated_at": "2023-10-17T04:39:00Z",
"updated_at": "2023-10-17T14:34:36Z",
"pushed_at": "2023-08-28T20:41:57Z",
"stargazers_count": 27,
"watchers_count": 27,
"stargazers_count": 29,
"watchers_count": 29,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -186,7 +186,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 27,
"watchers": 29,
"score": 0,
"subscribers_count": 0
},

@ -1,20 +1,20 @@
[
{
"id": 705480946,
"name": "Ruijie_RG-EW1200G_login_bypass-CVE-2023-4415",
"full_name": "thedarknessdied\/Ruijie_RG-EW1200G_login_bypass-CVE-2023-4415",
"name": "CVE-2023-4169_CVE-2023-3306_CVE-2023-4415",
"full_name": "thedarknessdied\/CVE-2023-4169_CVE-2023-3306_CVE-2023-4415",
"owner": {
"login": "thedarknessdied",
"id": 56123966,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56123966?v=4",
"html_url": "https:\/\/github.com\/thedarknessdied"
},
"html_url": "https:\/\/github.com\/thedarknessdied\/Ruijie_RG-EW1200G_login_bypass-CVE-2023-4415",
"html_url": "https:\/\/github.com\/thedarknessdied\/CVE-2023-4169_CVE-2023-3306_CVE-2023-4415",
"description": "锐捷RG-EW1200G登录绕过(CVE-2023-4415)",
"fork": false,
"created_at": "2023-10-16T05:08:06Z",
"updated_at": "2023-10-16T12:45:12Z",
"pushed_at": "2023-10-16T12:11:14Z",
"updated_at": "2023-10-17T16:38:57Z",
"pushed_at": "2023-10-17T16:39:21Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,

@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2023-10-15T12:14:18Z",
"updated_at": "2023-10-17T12:50:35Z",
"updated_at": "2023-10-17T18:28:22Z",
"pushed_at": "2023-10-16T21:28:28Z",
"stargazers_count": 90,
"watchers_count": 90,
"stargazers_count": 94,
"watchers_count": 94,
"has_discussions": false,
"forks_count": 18,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 18,
"watchers": 90,
"watchers": 94,
"score": 0,
"subscribers_count": 4
},
@ -43,10 +43,10 @@
"description": "testing poc",
"fork": false,
"created_at": "2023-10-16T15:43:50Z",
"updated_at": "2023-10-17T12:11:03Z",
"pushed_at": "2023-10-17T12:50:48Z",
"stargazers_count": 0,
"watchers_count": 0,
"updated_at": "2023-10-17T15:59:07Z",
"pushed_at": "2023-10-17T15:59:39Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -55,7 +55,44 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
},
{
"id": 705857370,
"name": "CVE-2023-41993",
"full_name": "0x06060606\/CVE-2023-41993",
"owner": {
"login": "0x06060606",
"id": 47062591,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47062591?v=4",
"html_url": "https:\/\/github.com\/0x06060606"
},
"html_url": "https:\/\/github.com\/0x06060606\/CVE-2023-41993",
"description": "CVE-2023-41993",
"fork": false,
"created_at": "2023-10-16T20:34:02Z",
"updated_at": "2023-10-17T17:22:17Z",
"pushed_at": "2023-10-17T17:14:41Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve-2023-41993",
"exploit",
"hacktoberfest",
"hacktoberfest2023",
"ios",
"webkit"
],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}

@ -13,10 +13,10 @@
"description": "Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487",
"fork": false,
"created_at": "2023-10-10T14:20:42Z",
"updated_at": "2023-10-17T02:43:40Z",
"updated_at": "2023-10-17T14:57:58Z",
"pushed_at": "2023-10-14T16:43:31Z",
"stargazers_count": 150,
"watchers_count": 150,
"stargazers_count": 151,
"watchers_count": 151,
"has_discussions": false,
"forks_count": 34,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 34,
"watchers": 150,
"watchers": 151,
"score": 0,
"subscribers_count": 5
},

@ -13,10 +13,10 @@
"description": "PoC Script for CVE-2023-4596, unauthenticated Remote Command Execution through arbitrary file uploads.",
"fork": false,
"created_at": "2023-08-30T22:40:10Z",
"updated_at": "2023-09-24T20:40:33Z",
"updated_at": "2023-10-17T17:01:07Z",
"pushed_at": "2023-09-04T17:53:27Z",
"stargazers_count": 19,
"watchers_count": 19,
"stargazers_count": 20,
"watchers_count": 20,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -30,7 +30,7 @@
],
"visibility": "public",
"forks": 5,
"watchers": 19,
"watchers": 20,
"score": 0,
"subscribers_count": 1
}

@ -43,10 +43,10 @@
"description": "PoC for CVE-2023-4911",
"fork": false,
"created_at": "2023-10-04T14:12:16Z",
"updated_at": "2023-10-16T17:34:51Z",
"updated_at": "2023-10-17T13:05:56Z",
"pushed_at": "2023-10-04T14:16:36Z",
"stargazers_count": 328,
"watchers_count": 328,
"stargazers_count": 329,
"watchers_count": 329,
"has_discussions": false,
"forks_count": 51,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 51,
"watchers": 328,
"watchers": 329,
"score": 0,
"subscribers_count": 3
},

106
README.md
@ -632,6 +632,13 @@
- [mvpyyds/CVE-2023-4166](https://github.com/mvpyyds/CVE-2023-4166)
### CVE-2023-4169 (2023-08-05)
<code>In Ruijie RG-EW1200G 1.0(1)B1P5 wurde eine kritische Schwachstelle ausgemacht. Es geht um eine nicht näher bekannte Funktion der Datei /api/sys/set_passwd der Komponente Administrator Password Handler. Durch Manipulation mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
</code>
- [thedarknessdied/CVE-2023-4169_CVE-2023-3306_CVE-2023-4415](https://github.com/thedarknessdied/CVE-2023-4169_CVE-2023-3306_CVE-2023-4415)
### CVE-2023-4174 (2023-08-05)
<code>In mooSocial mooStore 3.1.6 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Hierbei betrifft es unbekannten Programmcode. Mittels Manipulieren mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk.
@ -675,13 +682,6 @@
- [b0marek/CVE-2023-4294](https://github.com/b0marek/CVE-2023-4294)
### CVE-2023-4415 (2023-08-18)
<code>Eine kritische Schwachstelle wurde in Ruijie RG-EW1200G 07161417 r483 ausgemacht. Betroffen davon ist ein unbekannter Prozess der Datei /api/sys/login. Mittels Manipulieren mit unbekannten Daten kann eine improper authentication-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
</code>
- [thedarknessdied/Ruijie_RG-EW1200G_login_bypass-CVE-2023-4415](https://github.com/thedarknessdied/Ruijie_RG-EW1200G_login_bypass-CVE-2023-4415)
### CVE-2023-4460
- [daniloalbuqrque/poc-cve-xss-uploading-svg](https://github.com/daniloalbuqrque/poc-cve-xss-uploading-svg)
@ -888,6 +888,9 @@
- [raystr-atearedteam/CVE-2023-20198-checker](https://github.com/raystr-atearedteam/CVE-2023-20198-checker)
- [Atea-Redteam/CVE-2023-20198](https://github.com/Atea-Redteam/CVE-2023-20198)
- [pypcod/CVE-2023-20198](https://github.com/pypcod/CVE-2023-20198)
- [d0rb/CVE-2023-20198](https://github.com/d0rb/CVE-2023-20198)
- [securityphoenix/cisco-CVE-2023-20198-tester](https://github.com/securityphoenix/cisco-CVE-2023-20198-tester)
- [emomeni/Simple-Ansible-for-CVE-2023-20198](https://github.com/emomeni/Simple-Ansible-for-CVE-2023-20198)
### CVE-2023-20209 (2023-08-16)
@ -2693,6 +2696,7 @@
- [LeDocteurDesBits/cve-2023-32784](https://github.com/LeDocteurDesBits/cve-2023-32784)
- [hau-zy/KeePass-dump-py](https://github.com/hau-zy/KeePass-dump-py)
- [dawnl3ss/CVE-2023-32784](https://github.com/dawnl3ss/CVE-2023-32784)
- [ValentinPundikov/poc-CVE-2023-32784](https://github.com/ValentinPundikov/poc-CVE-2023-32784)
### CVE-2023-32961 (2023-06-12)
@ -4092,6 +4096,7 @@
- [po6ix/POC-for-CVE-2023-41993](https://github.com/po6ix/POC-for-CVE-2023-41993)
- [hrtowii/cve-2023-41993-test](https://github.com/hrtowii/cve-2023-41993-test)
- [0x06060606/CVE-2023-41993](https://github.com/0x06060606/CVE-2023-41993)
### CVE-2023-42222 (2023-09-27)
@ -17791,13 +17796,6 @@
- [skasanagottu57gmailv/gerhart01](https://github.com/skasanagottu57gmailv/gerhart01)
- [MarcelloTinocor/gerhart01](https://github.com/MarcelloTinocor/gerhart01)
### CVE-2020-0910 (2020-04-15)
<code>A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'.
</code>
- [kfmgang/CVE-2020-0910](https://github.com/kfmgang/CVE-2020-0910)
### CVE-2020-0976 (2020-04-15)
<code>A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0972, CVE-2020-0975, CVE-2020-0977.
@ -17988,13 +17986,13 @@
- [JayP232/The_big_Zero](https://github.com/JayP232/The_big_Zero)
- [b1ack0wl/CVE-2020-1472](https://github.com/b1ack0wl/CVE-2020-1472)
- [SaharAttackit/CVE-2020-1472](https://github.com/SaharAttackit/CVE-2020-1472)
- [wrathfulDiety/zerologon](https://github.com/wrathfulDiety/zerologon)
- [YossiSassi/ZeroLogon-Exploitation-Check](https://github.com/YossiSassi/ZeroLogon-Exploitation-Check)
- [sho-luv/zerologon](https://github.com/sho-luv/zerologon)
- [hell-moon/ZeroLogon-Exploit](https://github.com/hell-moon/ZeroLogon-Exploit)
- [Udyz/Zerologon](https://github.com/Udyz/Zerologon)
- [itssmikefm/CVE-2020-1472](https://github.com/itssmikefm/CVE-2020-1472)
- [NickSanzotta/zeroscan](https://github.com/NickSanzotta/zeroscan)
- [TheJoyOfHacking/SecuraBV-CVE-2020-1472](https://github.com/TheJoyOfHacking/SecuraBV-CVE-2020-1472)
- [TheJoyOfHacking/dirkjanm-CVE-2020-1472](https://github.com/TheJoyOfHacking/dirkjanm-CVE-2020-1472)
- [Anonymous-Family/Zero-day-scanning](https://github.com/Anonymous-Family/Zero-day-scanning)
- [Anonymous-Family/CVE-2020-1472](https://github.com/Anonymous-Family/CVE-2020-1472)
@ -18029,13 +18027,6 @@
- [jpts/cve-2020-1764-poc](https://github.com/jpts/cve-2020-1764-poc)
### CVE-2020-1937 (2020-02-24)
<code>Kylin has some restful apis which will concatenate SQLs with the user input string, a user is likely to be able to run malicious database queries.
</code>
- [shanika04/apache_kylin](https://github.com/shanika04/apache_kylin)
### CVE-2020-1938 (2020-02-24)
<code>When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible. It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations.
@ -18144,6 +18135,13 @@
### CVE-2020-2333
- [section-c/CVE-2020-2333](https://github.com/section-c/CVE-2020-2333)
### CVE-2020-2501 (2021-02-16)
<code>A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3 (and later) for ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS) Surveillance Station 5.1.5.3.3 (and later) for ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS)
</code>
- [Alonzozzz/alonzzzo](https://github.com/Alonzozzz/alonzzzo)
### CVE-2020-2509 (2021-04-16)
<code>A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 Build 20210202 and later QTS 4.5.1.1495 Build 20201123 and later QTS 4.3.6.1620 Build 20210322 and later QTS 4.3.4.1632 Build 20210324 and later QTS 4.3.3.1624 Build 20210416 and later QTS 4.2.6 Build 20210327 and later QuTS hero h4.5.1.1491 build 20201119 and later
@ -18831,7 +18829,6 @@
- [shacojx/LifeRCEJsonWSTool-POC-CVE-2020-7961-Gui](https://github.com/shacojx/LifeRCEJsonWSTool-POC-CVE-2020-7961-Gui)
- [shacojx/GLiferay-CVE-2020-7961-golang](https://github.com/shacojx/GLiferay-CVE-2020-7961-golang)
- [shacojx/POC-CVE-2020-7961-Token-iterate](https://github.com/shacojx/POC-CVE-2020-7961-Token-iterate)
- [Udyz/CVE-2020-7961-Mass](https://github.com/Udyz/CVE-2020-7961-Mass)
- [ShutdownRepo/CVE-2020-7961](https://github.com/ShutdownRepo/CVE-2020-7961)
- [pashayogi/CVE-2020-7961-Mass](https://github.com/pashayogi/CVE-2020-7961-Mass)
@ -18880,7 +18877,6 @@
- [masahiro331/CVE-2020-8165](https://github.com/masahiro331/CVE-2020-8165)
- [umiterkol/CVE-2020-8165--Auto-Shell](https://github.com/umiterkol/CVE-2020-8165--Auto-Shell)
- [taipansec/CVE-2020-8165](https://github.com/taipansec/CVE-2020-8165)
- [hybryx/CVE-2020-8165](https://github.com/hybryx/CVE-2020-8165)
- [AssassinUKG/CVE-2020-8165](https://github.com/AssassinUKG/CVE-2020-8165)
- [progfay/CVE-2020-8165](https://github.com/progfay/CVE-2020-8165)
- [danielklim/cve-2020-8165-demo](https://github.com/danielklim/cve-2020-8165-demo)
@ -18933,13 +18929,6 @@
- [masahiro331/CVE-2020-8277](https://github.com/masahiro331/CVE-2020-8277)
- [AndrewIjano/CVE-2020-8277](https://github.com/AndrewIjano/CVE-2020-8277)
### CVE-2020-8287 (2021-01-06)
<code>Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling.
</code>
- [progfay/nodejs-http-transfer-encoding-smuggling-poc](https://github.com/progfay/nodejs-http-transfer-encoding-smuggling-poc)
### CVE-2020-8289 (2020-12-26)
<code>Backblaze for Windows before 7.0.1.433 and Backblaze for macOS before 7.0.1.434 suffer from improper certificate validation in `bztransmit` helper due to hardcoded whitelist of strings in URLs where validation is disabled leading to possible remote code execution via client update functionality.
@ -19260,7 +19249,6 @@
<code>**Resolved** When use H2/MySQL/TiDB as Apache SkyWalking storage, the metadata query through GraphQL protocol, there is a SQL injection vulnerability, which allows to access unpexcted data. Apache SkyWalking 6.0.0 to 6.6.0, 7.0.0 H2/MySQL/TiDB storage implementations don't use the appropriate way to set SQL parameters.
</code>
- [shanika04/apache_skywalking](https://github.com/shanika04/apache_skywalking)
- [Neko-chanQwQ/CVE-2020-9483](https://github.com/Neko-chanQwQ/CVE-2020-9483)
### CVE-2020-9484 (2020-05-20)
@ -19276,7 +19264,6 @@
- [osamahamad/CVE-2020-9484-Mass-Scan](https://github.com/osamahamad/CVE-2020-9484-Mass-Scan)
- [anjai94/CVE-2020-9484-exploit](https://github.com/anjai94/CVE-2020-9484-exploit)
- [PenTestical/CVE-2020-9484](https://github.com/PenTestical/CVE-2020-9484)
- [DanQMoo/CVE-2020-9484-Scanner](https://github.com/DanQMoo/CVE-2020-9484-Scanner)
- [AssassinUKG/CVE-2020-9484](https://github.com/AssassinUKG/CVE-2020-9484)
- [VICXOR/CVE-2020-9484](https://github.com/VICXOR/CVE-2020-9484)
- [DXY0411/CVE-2020-9484](https://github.com/DXY0411/CVE-2020-9484)
@ -19418,8 +19405,6 @@
</code>
- [rdoix/CVE-2020-10148-Solarwinds-Orion](https://github.com/rdoix/CVE-2020-10148-Solarwinds-Orion)
- [Udyz/CVE-2020-10148-Solarwinds-Orion](https://github.com/Udyz/CVE-2020-10148-Solarwinds-Orion)
- [B1anda0/CVE-2020-10148](https://github.com/B1anda0/CVE-2020-10148)
### CVE-2020-10189 (2020-03-06)
@ -20807,7 +20792,6 @@
<code>Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit a5264a6f41524afe8ceadf1d8ddc8c80f323ebc4 from apache/flink:master.
</code>
- [QmF0c3UK/CVE-2020-17518](https://github.com/QmF0c3UK/CVE-2020-17518)
- [murataydemir/CVE-2020-17518](https://github.com/murataydemir/CVE-2020-17518)
- [rakjong/Flink-CVE-2020-17518-getshell](https://github.com/rakjong/Flink-CVE-2020-17518-getshell)
@ -20817,7 +20801,6 @@
</code>
- [B1anda0/CVE-2020-17519](https://github.com/B1anda0/CVE-2020-17519)
- [QmF0c3UK/CVE-2020-17519](https://github.com/QmF0c3UK/CVE-2020-17519)
- [dolevf/apache-flink-directory-traversal.nse](https://github.com/dolevf/apache-flink-directory-traversal.nse)
- [hoanx4/CVE-2020-17519](https://github.com/hoanx4/CVE-2020-17519)
- [murataydemir/CVE-2020-17519](https://github.com/murataydemir/CVE-2020-17519)
@ -21290,13 +21273,6 @@
### CVE-2020-25488
- [Ko-kn3t/CVE-2020-25488](https://github.com/Ko-kn3t/CVE-2020-25488)
### CVE-2020-25498 (2021-01-06)
<code>Cross Site Scripting (XSS) vulnerability in Beetel router 777VR1 can be exploited via the NTP server name in System Time and &quot;Keyword&quot; in URL Filter.
</code>
- [the-girl-who-lived/CVE-2020-25498](https://github.com/the-girl-who-lived/CVE-2020-25498)
### CVE-2020-25514 (2020-09-22)
<code>Sourcecodester Simple Library Management System 1.0 is affected by Incorrect Access Control via the Login Panel, http://&lt;site&gt;/lms/admin.php.
@ -21844,13 +21820,6 @@
- [nanopathi/linux-4.19.72_CVE-2020-29370](https://github.com/nanopathi/linux-4.19.72_CVE-2020-29370)
### CVE-2020-29583 (2020-12-22)
<code>Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges.
</code>
- [ruppde/scan_CVE-2020-29583](https://github.com/ruppde/scan_CVE-2020-29583)
### CVE-2020-29599 (2020-12-07)
<code>ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c.
@ -21893,13 +21862,6 @@
- [megadimenex/MegaHiDocker](https://github.com/megadimenex/MegaHiDocker)
### CVE-2020-35262 (2021-01-06)
<code>Cross Site Scripting (XSS) vulnerability in Digisol DG-HR3400 can be exploited via the NTP server name in Time and date module and &quot;Keyword&quot; in URL Filter.
</code>
- [the-girl-who-lived/CVE-2020-35262](https://github.com/the-girl-who-lived/CVE-2020-35262)
### CVE-2020-35314 (2021-04-20)
<code>A remote code execution vulnerability in the installUpdateThemePluginAction function in index.php in WonderCMS 3.1.3, allows remote attackers to upload a custom plugin which can contain arbitrary code and obtain a webshell via the theme/plugin installer.
@ -21990,13 +21952,6 @@
- [Al1ex/CVE-2020-35713](https://github.com/Al1ex/CVE-2020-35713)
### CVE-2020-35717 (2021-01-01)
<code>zonote through 0.4.0 allows XSS via a crafted note, with resultant Remote Code Execution (because nodeIntegration in webPreferences is true).
</code>
- [hmartos/cve-2020-35717](https://github.com/hmartos/cve-2020-35717)
### CVE-2020-35728 (2020-12-26)
<code>FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).
@ -27128,6 +27083,13 @@
- [jm33-m0/CVE-2018-7750](https://github.com/jm33-m0/CVE-2018-7750)
### CVE-2018-7842 (2019-05-22)
<code>A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause an elevation of privilege by conducting a brute force attack on Modbus parameters sent to the controller.
</code>
- [yanissec/CVE-2018-7842](https://github.com/yanissec/CVE-2018-7842)
### CVE-2018-7935 (2023-02-10)
<code>There is a vulnerability in 21.328.01.00.00 version of the E5573Cs-322. Remote attackers could exploit this vulnerability to make the network where the E5573Cs-322 is running temporarily unavailable.
@ -31727,13 +31689,6 @@
- [FiloSottile/CVE-2016-2107](https://github.com/FiloSottile/CVE-2016-2107)
- [tmiklas/docker-cve-2016-2107](https://github.com/tmiklas/docker-cve-2016-2107)
### CVE-2016-2118 (2016-04-12)
<code>The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka &quot;BADLOCK.&quot;
</code>
- [nickanderson/cfengine-CVE-2016-2118](https://github.com/nickanderson/cfengine-CVE-2016-2118)
### CVE-2016-2173 (2017-04-21)
<code>org.springframework.core.serializer.DefaultDeserializer in Spring AMQP before 1.5.5 allows remote attackers to execute arbitrary code.
@ -31855,13 +31810,6 @@
- [mxypoo/CVE-2016-3116-DropbearSSH](https://github.com/mxypoo/CVE-2016-3116-DropbearSSH)
### CVE-2016-3141 (2016-03-31)
<code>Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by triggering a wddx_deserialize call on XML data containing a crafted var element.
</code>
- [peternguyen93/CVE-2016-3141](https://github.com/peternguyen93/CVE-2016-3141)
### CVE-2016-3238 (2016-07-12)
<code>The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows man-in-the-middle attackers to execute arbitrary code by providing a crafted print driver during printer installation, aka &quot;Windows Print Spooler Remote Code Execution Vulnerability.&quot;