From 5bc716ad55b7d5d8ea881bdaefc253620e927478 Mon Sep 17 00:00:00 2001
From: motikan2010-bot
Date: Fri, 22 Mar 2024 21:27:22 +0900
Subject: [PATCH] Auto Update 2024/03/22 12:27:21
---
 2015/CVE-2015-4843.json | 32 ++++++++++++++++++++++++++++++++
 2016/CVE-2016-5195.json | 8 ++++----
 2017/CVE-2017-11882.json | 4 ++--
 2019/CVE-2019-11358.json | 8 ++++----
 2020/CVE-2020-11022.json | 8 ++++----
 2020/CVE-2020-11023.json | 8 ++++----
 2020/CVE-2020-1472.json | 4 ++--
 2021/CVE-2021-21972.json | 8 ++++----
 2021/CVE-2021-44228.json | 16 ++++++++--------
 2022/CVE-2022-0847.json | 8 ++++----
 2022/CVE-2022-21894.json | 8 ++++----
 2022/CVE-2022-22954.json | 8 ++++----
 2022/CVE-2022-23093.json | 30 ++++++++++++++++++++++++++++++
 2022/CVE-2022-32832.json | 8 ++++----
 2023/CVE-2023-21768.json | 16 ++++++++--------
 2023/CVE-2023-23638.json | 8 ++++----
 2023/CVE-2023-24998.json | 8 ++++----
 2023/CVE-2023-25690.json | 8 ++++----
 2023/CVE-2023-36424.json | 10 +++++-----
 2023/CVE-2023-44487.json | 8 ++++----
 2023/CVE-2023-46747.json | 8 ++++----
 2023/CVE-2023-48788.json | 8 ++++----
 2024/CVE-2024-1212.json | 8 ++++----
 2024/CVE-2024-23208.json | 8 ++++----
 2024/CVE-2024-23780.json | 4 ++--
 2024/CVE-2024-23897.json | 10 +++++-----
 2024/CVE-2024-25175.json | 32 ++++++++++++++++++++++++++++++++
 2024/CVE-2024-27198.json | 8 ++++----
 2024/CVE-2024-28397.json | 8 ++++----
 README.md | 11 +++++++++++
 30 files changed, 213 insertions(+), 108 deletions(-)
 create mode 100644 2015/CVE-2015-4843.json
 create mode 100644 2024/CVE-2024-25175.json
diff --git a/2015/CVE-2015-4843.json b/2015/CVE-2015-4843.json
new file mode 100644
index 0000000000..2aef120f57
--- /dev/null
+++ b/2015/CVE-2015-4843.json
@@ -0,0 +1,32 @@
+[
+ {
+ "id": 723030232,
+ "name": "cve-2015-4843-type-confusion-phrack",
+ "full_name": "Soteria-Research\/cve-2015-4843-type-confusion-phrack",
+ "owner": {
+ "login": "Soteria-Research",
+ "id": 80925542,
+ "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80925542?v=4",
+ "html_url": "https:\/\/github.com\/Soteria-Research"
+ },
+ "html_url": "https:\/\/github.com\/Soteria-Research\/cve-2015-4843-type-confusion-phrack",
+ "description": null,
+ "fork": false,
+ "created_at": "2023-11-24T14:09:30Z",
+ "updated_at": "2024-03-22T10:55:01Z",
+ "pushed_at": "2023-11-27T12:15:48Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "has_discussions": false,
+ "forks_count": 0,
+ "allow_forking": true,
+ "is_template": false,
+ "web_commit_signoff_required": false,
+ "topics": [],
+ "visibility": "public",
+ "forks": 0,
+ "watchers": 0,
+ "score": 0,
+ "subscribers_count": 0
+ }
+]
\ No newline at end of file
diff --git a/2016/CVE-2016-5195.json b/2016/CVE-2016-5195.json
index 8ce0ffcb63..c95ca94164 100644
--- a/2016/CVE-2016-5195.json
+++ b/2016/CVE-2016-5195.json
@@ -1145,10 +1145,10 @@
 "description": "CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞(Dirty Cow),但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe”",
 "fork": false,
 "created_at": "2022-03-07T18:36:50Z",
- "updated_at": "2024-02-24T10:43:54Z",
+ "updated_at": "2024-03-22T07:16:29Z",
 "pushed_at": "2023-02-02T02:17:30Z",
- "stargazers_count": 266,
- "watchers_count": 266,
+ "stargazers_count": 267,
+ "watchers_count": 267,
 "has_discussions": false,
 "forks_count": 77,
 "allow_forking": true,
@@ -1157,7 +1157,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 77,
- "watchers": 266,
+ "watchers": 267,
 "score": 0,
 "subscribers_count": 4
 },
diff --git a/2017/CVE-2017-11882.json b/2017/CVE-2017-11882.json
index 33fef63847..acec5660fa 100644
--- a/2017/CVE-2017-11882.json
+++ b/2017/CVE-2017-11882.json
@@ -233,7 +233,7 @@
 "stargazers_count": 44,
 "watchers_count": 44,
 "has_discussions": false,
- "forks_count": 70,
+ "forks_count": 71,
 "allow_forking": true,
 "is_template": false,
 "web_commit_signoff_required": false,
@@ -241,7 +241,7 @@
 "cve-2017-11882"
 ],
 "visibility": "public",
- "forks": 70,
+ "forks": 71,
 "watchers": 44,
 "score": 0,
 "subscribers_count": 5
diff --git a/2019/CVE-2019-11358.json b/2019/CVE-2019-11358.json
index b3117575f8..2b7e68b55e 100644
--- a/2019/CVE-2019-11358.json
+++ b/2019/CVE-2019-11358.json
@@ -13,10 +13,10 @@
 "description": "patches for SNYK-JS-JQUERY-174006, CVE-2019-11358, CVE-2019-5428",
 "fork": false,
 "created_at": "2019-03-30T10:03:36Z",
- "updated_at": "2024-02-18T11:58:01Z",
+ "updated_at": "2024-03-22T11:34:08Z",
 "pushed_at": "2022-08-22T12:01:25Z",
- "stargazers_count": 27,
- "watchers_count": 27,
+ "stargazers_count": 28,
+ "watchers_count": 28,
 "has_discussions": false,
 "forks_count": 23,
 "allow_forking": true,
@@ -33,7 +33,7 @@
 ],
 "visibility": "public",
 "forks": 23,
- "watchers": 27,
+ "watchers": 28,
 "score": 0,
 "subscribers_count": 4
 },
diff --git a/2020/CVE-2020-11022.json b/2020/CVE-2020-11022.json
index 1ef165e118..ba231fbc05 100644
--- a/2020/CVE-2020-11022.json
+++ b/2020/CVE-2020-11022.json
@@ -13,10 +13,10 @@
 "description": "Little thing put together quickly to demonstrate this CVE ",
 "fork": false,
 "created_at": "2021-10-16T01:10:33Z",
- "updated_at": "2024-03-21T13:23:12Z",
+ "updated_at": "2024-03-22T11:34:05Z",
 "pushed_at": "2022-09-11T22:06:40Z",
- "stargazers_count": 21,
- "watchers_count": 21,
+ "stargazers_count": 22,
+ "watchers_count": 22,
 "has_discussions": false,
 "forks_count": 3,
 "allow_forking": true,
@@ -25,7 +25,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 3,
- "watchers": 21,
+ "watchers": 22,
 "score": 0,
 "subscribers_count": 1
 },
diff --git a/2020/CVE-2020-11023.json b/2020/CVE-2020-11023.json
index c3525552d0..1ad189bdd8 100644
--- a/2020/CVE-2020-11023.json
+++ b/2020/CVE-2020-11023.json
@@ -13,10 +13,10 @@
 "description": "Vulnearability Report of the New Jersey official site",
 "fork": false,
 "created_at": "2022-05-23T10:49:19Z",
- "updated_at": "2022-05-23T12:13:23Z",
+ "updated_at": "2024-03-22T11:34:10Z",
 "pushed_at": "2022-05-23T11:06:27Z",
- "stargazers_count": 0,
- "watchers_count": 0,
+ "stargazers_count": 1,
+ "watchers_count": 1,
 "has_discussions": false,
 "forks_count": 0,
 "allow_forking": true,
@@ -25,7 +25,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 0,
- "watchers": 0,
+ "watchers": 1,
 "score": 0,
 "subscribers_count": 1
 },
diff --git a/2020/CVE-2020-1472.json b/2020/CVE-2020-1472.json
index 9ae143461c..a19f13de7c 100644
--- a/2020/CVE-2020-1472.json
+++ b/2020/CVE-2020-1472.json
@@ -48,13 +48,13 @@
 "stargazers_count": 1683,
 "watchers_count": 1683,
 "has_discussions": false,
- "forks_count": 360,
+ "forks_count": 359,
 "allow_forking": true,
 "is_template": false,
 "web_commit_signoff_required": false,
 "topics": [],
 "visibility": "public",
- "forks": 360,
+ "forks": 359,
 "watchers": 1683,
 "score": 0,
 "subscribers_count": 87
diff --git a/2021/CVE-2021-21972.json b/2021/CVE-2021-21972.json
index 96b63b3b7b..e88d1e8d9d 100644
--- a/2021/CVE-2021-21972.json
+++ b/2021/CVE-2021-21972.json
@@ -851,10 +851,10 @@
 "description": "一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接",
 "fork": false,
 "created_at": "2022-10-04T03:39:27Z",
- "updated_at": "2024-03-19T08:42:48Z",
+ "updated_at": "2024-03-22T08:39:08Z",
 "pushed_at": "2024-02-01T06:53:03Z",
- "stargazers_count": 1225,
- "watchers_count": 1225,
+ "stargazers_count": 1226,
+ "watchers_count": 1226,
 "has_discussions": false,
 "forks_count": 154,
 "allow_forking": true,
@@ -870,7 +870,7 @@
 ],
 "visibility": "public",
 "forks": 154,
- "watchers": 1225,
+ "watchers": 1226,
 "score": 0,
 "subscribers_count": 12
 }
diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json
index 1dffb91dfd..c3c396bda8 100644
--- a/2021/CVE-2021-44228.json
+++ b/2021/CVE-2021-44228.json
@@ -857,10 +857,10 @@
 "description": "🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks",
 "fork": false,
 "created_at": "2021-12-10T22:35:00Z",
- "updated_at": "2024-03-21T01:32:26Z",
+ "updated_at": "2024-03-22T08:53:09Z",
 "pushed_at": "2022-01-15T16:18:44Z",
- "stargazers_count": 919,
- "watchers_count": 919,
+ "stargazers_count": 920,
+ "watchers_count": 920,
 "has_discussions": false,
 "forks_count": 140,
 "allow_forking": true,
@@ -889,7 +889,7 @@
 ],
 "visibility": "public",
 "forks": 140,
- "watchers": 919,
+ "watchers": 920,
 "score": 0,
 "subscribers_count": 25
 },
@@ -907,10 +907,10 @@
 "description": "A Proof-Of-Concept for the CVE-2021-44228 vulnerability. ",
 "fork": false,
 "created_at": "2021-12-10T23:19:28Z",
- "updated_at": "2024-03-21T02:25:16Z",
+ "updated_at": "2024-03-22T10:34:44Z",
 "pushed_at": "2024-02-12T22:37:25Z",
- "stargazers_count": 1726,
- "watchers_count": 1726,
+ "stargazers_count": 1727,
+ "watchers_count": 1727,
 "has_discussions": false,
 "forks_count": 516,
 "allow_forking": true,
@@ -924,7 +924,7 @@
 ],
 "visibility": "public",
 "forks": 516,
- "watchers": 1726,
+ "watchers": 1727,
 "score": 0,
 "subscribers_count": 28
 },
diff --git a/2022/CVE-2022-0847.json b/2022/CVE-2022-0847.json
index 95d40f3671..d52f82b5a9 100644
--- a/2022/CVE-2022-0847.json
+++ b/2022/CVE-2022-0847.json
@@ -103,10 +103,10 @@
 "description": "CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞(Dirty Cow),但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe”",
 "fork": false,
 "created_at": "2022-03-07T18:36:50Z",
- "updated_at": "2024-02-24T10:43:54Z",
+ "updated_at": "2024-03-22T07:16:29Z",
 "pushed_at": "2023-02-02T02:17:30Z",
- "stargazers_count": 266,
- "watchers_count": 266,
+ "stargazers_count": 267,
+ "watchers_count": 267,
 "has_discussions": false,
 "forks_count": 77,
 "allow_forking": true,
@@ -115,7 +115,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 77,
- "watchers": 266,
+ "watchers": 267,
 "score": 0,
 "subscribers_count": 4
 },
diff --git a/2022/CVE-2022-21894.json b/2022/CVE-2022-21894.json
index f3a1ffcfad..1e85f7136a 100644
--- a/2022/CVE-2022-21894.json
+++ b/2022/CVE-2022-21894.json
@@ -13,10 +13,10 @@
 "description": "baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability",
 "fork": false,
 "created_at": "2022-08-09T15:53:48Z",
- "updated_at": "2024-03-10T02:33:05Z",
+ "updated_at": "2024-03-22T07:01:16Z",
 "pushed_at": "2023-09-27T06:44:27Z",
- "stargazers_count": 267,
- "watchers_count": 267,
+ "stargazers_count": 268,
+ "watchers_count": 268,
 "has_discussions": false,
 "forks_count": 59,
 "allow_forking": true,
@@ -33,7 +33,7 @@
 ],
 "visibility": "public",
 "forks": 59,
- "watchers": 267,
+ "watchers": 268,
 "score": 0,
 "subscribers_count": 10
 },
diff --git a/2022/CVE-2022-22954.json b/2022/CVE-2022-22954.json
index 3acbb65210..1740adca04 100644
--- a/2022/CVE-2022-22954.json
+++ b/2022/CVE-2022-22954.json
@@ -796,10 +796,10 @@
 "description": "一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接",
 "fork": false,
 "created_at": "2022-10-04T03:39:27Z",
- "updated_at": "2024-03-19T08:42:48Z",
+ "updated_at": "2024-03-22T08:39:08Z",
 "pushed_at": "2024-02-01T06:53:03Z",
- "stargazers_count": 1225,
- "watchers_count": 1225,
+ "stargazers_count": 1226,
+ "watchers_count": 1226,
 "has_discussions": false,
 "forks_count": 154,
 "allow_forking": true,
@@ -815,7 +815,7 @@
 ],
 "visibility": "public",
 "forks": 154,
- "watchers": 1225,
+ "watchers": 1226,
 "score": 0,
 "subscribers_count": 12
 },
diff --git a/2022/CVE-2022-23093.json b/2022/CVE-2022-23093.json
index b883c6ca7b..508eaec6e9 100644
--- a/2022/CVE-2022-23093.json
+++ b/2022/CVE-2022-23093.json
@@ -40,5 +40,35 @@
 "watchers": 8,
 "score": 0,
 "subscribers_count": 1
+ },
+ {
+ "id": 775885856,
+ "name": "DrayTek-Exploit",
+ "full_name": "Symbolexe\/DrayTek-Exploit",
+ "owner": {
+ "login": "Symbolexe",
+ "id": 140549630,
+ "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140549630?v=4",
+ "html_url": "https:\/\/github.com\/Symbolexe"
+ },
+ "html_url": "https:\/\/github.com\/Symbolexe\/DrayTek-Exploit",
+ "description": "CVE-2022-23093 FreeBSD Stack-Based Overflow",
+ "fork": false,
+ "created_at": "2024-03-22T08:38:40Z",
+ "updated_at": "2024-03-22T08:46:36Z",
+ "pushed_at": "2024-03-22T08:46:33Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "has_discussions": false,
+ "forks_count": 0,
+ "allow_forking": true,
+ "is_template": false,
+ "web_commit_signoff_required": false,
+ "topics": [],
+ "visibility": "public",
+ "forks": 0,
+ "watchers": 0,
+ "score": 0,
+ "subscribers_count": 0
 }
 ]
\ No newline at end of file
diff --git a/2022/CVE-2022-32832.json b/2022/CVE-2022-32832.json
index 0323e8bddc..99c77b5ea8 100644
--- a/2022/CVE-2022-32832.json
+++ b/2022/CVE-2022-32832.json
@@ -13,10 +13,10 @@
 "description": "Proof-of-concept and write-up for the CVE-2022-32832 vulnerability patched in iOS 15.6",
 "fork": false,
 "created_at": "2022-07-21T13:09:50Z",
- "updated_at": "2024-02-01T01:51:47Z",
+ "updated_at": "2024-03-22T10:08:24Z",
 "pushed_at": "2022-07-21T13:44:32Z",
- "stargazers_count": 97,
- "watchers_count": 97,
+ "stargazers_count": 98,
+ "watchers_count": 98,
 "has_discussions": false,
 "forks_count": 11,
 "allow_forking": true,
@@ -25,7 +25,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 11,
- "watchers": 97,
+ "watchers": 98,
 "score": 0,
 "subscribers_count": 5
 },
diff --git a/2023/CVE-2023-21768.json b/2023/CVE-2023-21768.json
index 0ac7c2a43a..b057b8cf26 100644
--- a/2023/CVE-2023-21768.json
+++ b/2023/CVE-2023-21768.json
@@ -13,10 +13,10 @@
 "description": "LPE exploit for CVE-2023-21768",
 "fork": false,
 "created_at": "2023-03-07T23:00:27Z",
- "updated_at": "2024-02-28T12:18:05Z",
+ "updated_at": "2024-03-22T08:32:44Z",
 "pushed_at": "2023-07-10T16:35:49Z",
- "stargazers_count": 466,
- "watchers_count": 466,
+ "stargazers_count": 467,
+ "watchers_count": 467,
 "has_discussions": false,
 "forks_count": 163,
 "allow_forking": true,
@@ -25,7 +25,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 163,
- "watchers": 466,
+ "watchers": 467,
 "score": 0,
 "subscribers_count": 10
 },
@@ -111,10 +111,10 @@
 "description": "Windows_AFD_LPE_CVE-2023-21768",
 "fork": false,
 "created_at": "2023-03-13T20:32:50Z",
- "updated_at": "2024-03-03T23:36:10Z",
+ "updated_at": "2024-03-22T08:32:58Z",
 "pushed_at": "2023-08-27T10:41:40Z",
- "stargazers_count": 38,
- "watchers_count": 38,
+ "stargazers_count": 39,
+ "watchers_count": 39,
 "has_discussions": false,
 "forks_count": 11,
 "allow_forking": true,
@@ -123,7 +123,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 11,
- "watchers": 38,
+ "watchers": 39,
 "score": 0,
 "subscribers_count": 1
 },
diff --git a/2023/CVE-2023-23638.json b/2023/CVE-2023-23638.json
index de6c0ade63..785dc8668a 100644
--- a/2023/CVE-2023-23638.json
+++ b/2023/CVE-2023-23638.json
@@ -43,10 +43,10 @@
 "description": "Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践",
 "fork": false,
 "created_at": "2023-05-11T07:37:52Z",
- "updated_at": "2024-03-19T01:50:03Z",
+ "updated_at": "2024-03-22T07:10:50Z",
 "pushed_at": "2023-08-08T02:30:25Z",
- "stargazers_count": 213,
- "watchers_count": 213,
+ "stargazers_count": 214,
+ "watchers_count": 214,
 "has_discussions": false,
 "forks_count": 35,
 "allow_forking": true,
@@ -55,7 +55,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 35,
- "watchers": 213,
+ "watchers": 214,
 "score": 0,
 "subscribers_count": 4
 },
diff --git a/2023/CVE-2023-24998.json b/2023/CVE-2023-24998.json
index 547ea00d3d..4b42610202 100644
--- a/2023/CVE-2023-24998.json
+++ b/2023/CVE-2023-24998.json
@@ -13,10 +13,10 @@
 "description": "Apache Commons FileUpload 보안 취약점 테스트",
 "fork": false,
 "created_at": "2023-03-29T01:36:29Z",
- "updated_at": "2023-05-30T08:50:23Z",
+ "updated_at": "2024-03-22T11:34:07Z",
 "pushed_at": "2023-03-29T04:56:04Z",
- "stargazers_count": 4,
- "watchers_count": 4,
+ "stargazers_count": 5,
+ "watchers_count": 5,
 "has_discussions": false,
 "forks_count": 0,
 "allow_forking": true,
@@ -25,7 +25,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 0,
- "watchers": 4,
+ "watchers": 5,
 "score": 0,
 "subscribers_count": 1
 }
diff --git a/2023/CVE-2023-25690.json b/2023/CVE-2023-25690.json
index 6f2fd35c19..76f1674023 100644
--- a/2023/CVE-2023-25690.json
+++ b/2023/CVE-2023-25690.json
@@ -47,10 +47,10 @@
 "description": "CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.",
 "fork": false,
 "created_at": "2023-05-22T03:06:31Z",
- "updated_at": "2024-03-13T13:29:38Z",
+ "updated_at": "2024-03-22T12:04:47Z",
 "pushed_at": "2023-09-10T10:44:32Z",
- "stargazers_count": 245,
- "watchers_count": 245,
+ "stargazers_count": 246,
+ "watchers_count": 246,
 "has_discussions": false,
 "forks_count": 35,
 "allow_forking": true,
@@ -67,7 +67,7 @@
 ],
 "visibility": "public",
 "forks": 35,
- "watchers": 245,
+ "watchers": 246,
 "score": 0,
 "subscribers_count": 4
 },
diff --git a/2023/CVE-2023-36424.json b/2023/CVE-2023-36424.json
index 505ee6a7c2..c56a7f91d5 100644
--- a/2023/CVE-2023-36424.json
+++ b/2023/CVE-2023-36424.json
@@ -13,10 +13,10 @@
 "description": "Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation",
 "fork": false,
 "created_at": "2024-03-21T21:39:24Z",
- "updated_at": "2024-03-22T06:21:01Z",
- "pushed_at": "2024-03-22T02:02:06Z",
- "stargazers_count": 16,
- "watchers_count": 16,
+ "updated_at": "2024-03-22T11:30:59Z",
+ "pushed_at": "2024-03-22T06:45:43Z",
+ "stargazers_count": 23,
+ "watchers_count": 23,
 "has_discussions": false,
 "forks_count": 10,
 "allow_forking": true,
@@ -25,7 +25,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 10,
- "watchers": 16,
+ "watchers": 23,
 "score": 0,
 "subscribers_count": 1
 }
diff --git a/2023/CVE-2023-44487.json b/2023/CVE-2023-44487.json
index d224a3bdef..8a67d40276 100644
--- a/2023/CVE-2023-44487.json
+++ b/2023/CVE-2023-44487.json
@@ -13,10 +13,10 @@
 "description": "Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487",
 "fork": false,
 "created_at": "2023-10-10T14:20:42Z",
- "updated_at": "2024-03-18T14:07:23Z",
+ "updated_at": "2024-03-22T11:34:03Z",
 "pushed_at": "2024-01-08T11:12:08Z",
- "stargazers_count": 206,
- "watchers_count": 206,
+ "stargazers_count": 207,
+ "watchers_count": 207,
 "has_discussions": false,
 "forks_count": 46,
 "allow_forking": true,
@@ -25,7 +25,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 46,
- "watchers": 206,
+ "watchers": 207,
 "score": 0,
 "subscribers_count": 5
 },
diff --git a/2023/CVE-2023-46747.json b/2023/CVE-2023-46747.json
index 7d4f9b85e5..54177fb854 100644
--- a/2023/CVE-2023-46747.json
+++ b/2023/CVE-2023-46747.json
@@ -43,10 +43,10 @@
 "description": "exploit for f5-big-ip RCE cve-2023-46747",
 "fork": false,
 "created_at": "2023-11-01T09:31:05Z",
- "updated_at": "2024-03-08T07:32:05Z",
+ "updated_at": "2024-03-22T07:00:04Z",
 "pushed_at": "2024-01-20T02:27:51Z",
- "stargazers_count": 170,
- "watchers_count": 170,
+ "stargazers_count": 171,
+ "watchers_count": 171,
 "has_discussions": false,
 "forks_count": 44,
 "allow_forking": true,
@@ -61,7 +61,7 @@
 ],
 "visibility": "public",
 "forks": 44,
- "watchers": 170,
+ "watchers": 171,
 "score": 0,
 "subscribers_count": 2
 },
diff --git a/2023/CVE-2023-48788.json b/2023/CVE-2023-48788.json
index 5941ef2dd7..89e80f88ce 100644
--- a/2023/CVE-2023-48788.json
+++ b/2023/CVE-2023-48788.json
@@ -43,10 +43,10 @@
 "description": "Fortinet FortiClient EMS SQL Injection",
 "fork": false,
 "created_at": "2024-03-18T20:50:48Z",
- "updated_at": "2024-03-22T04:19:21Z",
+ "updated_at": "2024-03-22T11:04:42Z",
 "pushed_at": "2024-03-20T20:42:41Z",
- "stargazers_count": 7,
- "watchers_count": 7,
+ "stargazers_count": 8,
+ "watchers_count": 8,
 "has_discussions": false,
 "forks_count": 2,
 "allow_forking": true,
@@ -55,7 +55,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 2,
- "watchers": 7,
+ "watchers": 8,
 "score": 0,
 "subscribers_count": 4
 }
diff --git a/2024/CVE-2024-1212.json b/2024/CVE-2024-1212.json
index b7994425ed..950c63f2b8 100644
--- a/2024/CVE-2024-1212.json
+++ b/2024/CVE-2024-1212.json
@@ -13,10 +13,10 @@
 "description": "Unauthenticated Command Injection In Progress Kemp LoadMaster",
 "fork": false,
 "created_at": "2024-03-19T22:23:18Z",
- "updated_at": "2024-03-21T10:41:47Z",
+ "updated_at": "2024-03-22T06:40:09Z",
 "pushed_at": "2024-03-19T22:25:21Z",
- "stargazers_count": 4,
- "watchers_count": 4,
+ "stargazers_count": 5,
+ "watchers_count": 5,
 "has_discussions": false,
 "forks_count": 1,
 "allow_forking": true,
@@ -25,7 +25,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 1,
- "watchers": 4,
+ "watchers": 5,
 "score": 0,
 "subscribers_count": 1
 }
diff --git a/2024/CVE-2024-23208.json b/2024/CVE-2024-23208.json
index ac3d31e96b..e3b4929a10 100644
--- a/2024/CVE-2024-23208.json
+++ b/2024/CVE-2024-23208.json
@@ -13,10 +13,10 @@
 "description": null,
 "fork": false,
 "created_at": "2024-02-04T07:37:21Z",
- "updated_at": "2024-03-01T18:28:44Z",
+ "updated_at": "2024-03-22T10:12:10Z",
 "pushed_at": "2024-02-05T02:11:42Z",
- "stargazers_count": 20,
- "watchers_count": 20,
+ "stargazers_count": 21,
+ "watchers_count": 21,
 "has_discussions": false,
 "forks_count": 5,
 "allow_forking": true,
@@ -25,7 +25,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 5,
- "watchers": 20,
+ "watchers": 21,
 "score": 0,
 "subscribers_count": 4
 }
diff --git a/2024/CVE-2024-23780.json b/2024/CVE-2024-23780.json
index bbecd5b567..2afd77dcaf 100644
--- a/2024/CVE-2024-23780.json
+++ b/2024/CVE-2024-23780.json
@@ -18,13 +18,13 @@
 "stargazers_count": 0,
 "watchers_count": 0,
 "has_discussions": false,
- "forks_count": 0,
+ "forks_count": 1,
 "allow_forking": true,
 "is_template": false,
 "web_commit_signoff_required": false,
 "topics": [],
 "visibility": "public",
- "forks": 0,
+ "forks": 1,
 "watchers": 0,
 "score": 0,
 "subscribers_count": 1
diff --git a/2024/CVE-2024-23897.json b/2024/CVE-2024-23897.json
index 7113325462..4d377c3e43 100644
--- a/2024/CVE-2024-23897.json
+++ b/2024/CVE-2024-23897.json
@@ -73,7 +73,7 @@
 "description": "CVE-2024-23897",
 "fork": false,
 "created_at": "2024-01-26T09:44:32Z",
- "updated_at": "2024-03-20T12:48:03Z",
+ "updated_at": "2024-03-22T09:06:48Z",
 "pushed_at": "2024-01-28T06:47:28Z",
 "stargazers_count": 158,
 "watchers_count": 158,
@@ -256,10 +256,10 @@
 "description": "CVE-2024-23897 - Jenkins 任意文件读取 利用工具",
 "fork": false,
 "created_at": "2024-01-27T19:34:48Z",
- "updated_at": "2024-03-21T08:37:43Z",
+ "updated_at": "2024-03-22T09:51:16Z",
 "pushed_at": "2024-03-16T07:55:41Z",
- "stargazers_count": 46,
- "watchers_count": 46,
+ "stargazers_count": 47,
+ "watchers_count": 47,
 "has_discussions": false,
 "forks_count": 8,
 "allow_forking": true,
@@ -272,7 +272,7 @@
 ],
 "visibility": "public",
 "forks": 8,
- "watchers": 46,
+ "watchers": 47,
 "score": 0,
 "subscribers_count": 2
 },
diff --git a/2024/CVE-2024-25175.json b/2024/CVE-2024-25175.json
new file mode 100644
index 0000000000..5fbf338818
--- /dev/null
+++ b/2024/CVE-2024-25175.json
@@ -0,0 +1,32 @@
+[
+ {
+ "id": 775961541,
+ "name": "CVE-2024-25175",
+ "full_name": "jet-pentest\/CVE-2024-25175",
+ "owner": {
+ "login": "jet-pentest",
+ "id": 71512502,
+ "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4",
+ "html_url": "https:\/\/github.com\/jet-pentest"
+ },
+ "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2024-25175",
+ "description": null,
+ "fork": false,
+ "created_at": "2024-03-22T11:54:36Z",
+ "updated_at": "2024-03-22T11:54:36Z",
+ "pushed_at": "2024-03-22T12:01:35Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "has_discussions": false,
+ "forks_count": 0,
+ "allow_forking": true,
+ "is_template": false,
+ "web_commit_signoff_required": false,
+ "topics": [],
+ "visibility": "public",
+ "forks": 0,
+ "watchers": 0,
+ "score": 0,
+ "subscribers_count": 0
+ }
+]
\ No newline at end of file
diff --git a/2024/CVE-2024-27198.json b/2024/CVE-2024-27198.json
index b8dcb71730..1b66a35a5f 100644
--- a/2024/CVE-2024-27198.json
+++ b/2024/CVE-2024-27198.json
@@ -76,10 +76,10 @@
 "description": "CVE-2024-27198 & CVE-2024-27199 Authentication Bypass --> RCE in JetBrains TeamCity Pre-2023.11.4",
 "fork": false,
 "created_at": "2024-03-06T03:15:03Z",
- "updated_at": "2024-03-21T08:15:36Z",
+ "updated_at": "2024-03-22T09:45:15Z",
 "pushed_at": "2024-03-11T07:57:40Z",
- "stargazers_count": 101,
- "watchers_count": 101,
+ "stargazers_count": 102,
+ "watchers_count": 102,
 "has_discussions": false,
 "forks_count": 27,
 "allow_forking": true,
@@ -98,7 +98,7 @@
 ],
 "visibility": "public",
 "forks": 27,
- "watchers": 101,
+ "watchers": 102,
 "score": 0,
 "subscribers_count": 2
 },
diff --git a/2024/CVE-2024-28397.json b/2024/CVE-2024-28397.json
index 76206d3ab1..c4e57687c7 100644
--- a/2024/CVE-2024-28397.json
+++ b/2024/CVE-2024-28397.json
@@ -13,10 +13,10 @@
 "description": "to be released",
 "fork": false,
 "created_at": "2024-03-22T04:29:34Z",
- "updated_at": "2024-03-22T04:29:35Z",
+ "updated_at": "2024-03-22T08:57:56Z",
 "pushed_at": "2024-03-22T04:29:35Z",
- "stargazers_count": 0,
- "watchers_count": 0,
+ "stargazers_count": 2,
+ "watchers_count": 2,
 "has_discussions": false,
 "forks_count": 0,
 "allow_forking": true,
@@ -25,7 +25,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 0,
- "watchers": 0,
+ "watchers": 2,
 "score": 0,
 "subscribers_count": 0
 }
diff --git a/README.md b/README.md
index 70726888b1..90fe61f82d 100644
--- a/README.md
+++ b/README.md
@@ -807,6 +807,9 @@ - [shenhav12/CVE-2024-25170-Mezzanine-v6.0.0](https://github.com/shenhav12/CVE-2024-25170-Mezzanine-v6.0.0) +### CVE-2024-25175 +- [jet-pentest/CVE-2024-25175](https://github.com/jet-pentest/CVE-2024-25175) + ### CVE-2024-25202 (-) Cross Site Scripting vulnerability in Phpgurukul User Registration & Login and User Management System 1.0 allows attackers to run arbitrary code via the search bar.
@@ -10191,6 +10194,7 @@ - [Inplex-sys/CVE-2022-23093](https://github.com/Inplex-sys/CVE-2022-23093) +- [Symbolexe/DrayTek-Exploit](https://github.com/Symbolexe/DrayTek-Exploit) ### CVE-2022-23131 (2022-01-13)
@@ -37889,6 +37893,13 @@ - [vincd/CVE-2015-4495](https://github.com/vincd/CVE-2015-4495) +### CVE-2015-4843 (2015-10-21) + +Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. + + +- [Soteria-Research/cve-2015-4843-type-confusion-phrack](https://github.com/Soteria-Research/cve-2015-4843-type-confusion-phrack) + ### CVE-2015-4852 (2015-11-18) The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.