mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2024/11/22 06:31:39

Browse source
This commit is contained in:
motikan2010-bot 2024-11-22 15:31:39 +09:00
parent a8ead31e05
commit 677c0c34e2
50 changed files with 419 additions and 181 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2015/CVE-2015-7755.json
View file

@ -14,10 +14,10 @@
"description": "Notes, binaries, and related information from analysis of the CVE-2015-7755 & CVE-2015-7756 issues within Juniper ScreenOS",
"fork": false,
"created_at": "2015-12-18T20:20:01Z",
"updated_at": "2024-08-12T19:20:36Z",
"updated_at": "2024-11-22T03:39:16Z",
"pushed_at": "2021-01-25T21:45:52Z",
"stargazers_count": 102,
"watchers_count": 102,
"stargazers_count": 103,
"watchers_count": 103,
"has_discussions": false,
"forks_count": 34,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 34,
"watchers": 102,
"watchers": 103,
"score": 0,
"subscribers_count": 19
},

4
2017/CVE-2017-3881.json
View file

@ -19,13 +19,13 @@
"stargazers_count": 206,
"watchers_count": 206,
"has_discussions": false,
"forks_count": 81,
"forks_count": 80,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 81,
"forks": 80,
"watchers": 206,
"score": 0,
"subscribers_count": 14

24
2024/CVE-2024-111.json → 2019/CVE-2019-11248.json
View file

@ -1,21 +1,21 @@
[
{
"id": 890757947,
"name": "CVE-2024-111",
"full_name": "adminlove520\/CVE-2024-111",
"id": 892351604,
"name": "poc-CVE-2019-11248",
"full_name": "g1thubb001\/poc-CVE-2019-11248",
"owner": {
"login": "adminlove520",
"id": 32920883,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32920883?v=4",
"html_url": "https:\/\/github.com\/adminlove520",
"login": "g1thubb001",
"id": 189302160,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/189302160?v=4",
"html_url": "https:\/\/github.com\/g1thubb001",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/adminlove520\/CVE-2024-111",
"html_url": "https:\/\/github.com\/g1thubb001\/poc-CVE-2019-11248",
"description": null,
"fork": false,
"created_at": "2024-11-19T06:02:34Z",
"updated_at": "2024-11-19T06:02:35Z",
"pushed_at": "2024-11-19T06:02:35Z",
"created_at": "2024-11-22T00:24:39Z",
"updated_at": "2024-11-22T00:25:28Z",
"pushed_at": "2024-11-22T00:25:24Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
@ -28,6 +28,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
"subscribers_count": 0
}
]

8
2019/CVE-2019-11358.json
View file

File diff suppressed because one or more lines are too long

8
2020/CVE-2020-15802.json
View file

@ -14,10 +14,10 @@
"description": "BLURtooth: Exploiting Cross-Transport Key Derivation in Bluetooth Classic and Bluetooth Low Energy [CVE-2020-15802] [CVE-2022-20361]",
"fork": false,
"created_at": "2022-08-17T19:05:38Z",
"updated_at": "2024-10-17T17:17:03Z",
"updated_at": "2024-11-22T02:56:40Z",
"pushed_at": "2022-08-17T19:20:34Z",
"stargazers_count": 16,
"watchers_count": 16,
"stargazers_count": 17,
"watchers_count": 17,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 5,
"watchers": 16,
"watchers": 17,
"score": 0,
"subscribers_count": 3
}

24
2021/CVE-2021-1732.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2021-1732 Exploit",
"fork": false,
"created_at": "2021-03-05T02:11:10Z",
"updated_at": "2024-10-29T15:28:06Z",
"updated_at": "2024-11-22T03:49:37Z",
"pushed_at": "2021-03-05T03:10:26Z",
"stargazers_count": 416,
"watchers_count": 416,
"stargazers_count": 417,
"watchers_count": 417,
"has_discussions": false,
"forks_count": 130,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 130,
"watchers": 416,
"watchers": 417,
"score": 0,
"subscribers_count": 6
},
@ -45,10 +45,10 @@
"description": "CVE-­2021­-1732 Microsoft Windows 10 本地提权漏 研究及Poc\/Exploit开发",
"fork": false,
"created_at": "2021-03-08T05:07:15Z",
"updated_at": "2024-08-12T20:11:01Z",
"updated_at": "2024-11-22T03:14:35Z",
"pushed_at": "2021-03-08T11:41:19Z",
"stargazers_count": 79,
"watchers_count": 79,
"stargazers_count": 80,
"watchers_count": 80,
"has_discussions": false,
"forks_count": 27,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 27,
"watchers": 79,
"watchers": 80,
"score": 0,
"subscribers_count": 2
},
@ -138,10 +138,10 @@
"description": "CVE-2021-1732 poc & exp; tested on 20H2",
"fork": false,
"created_at": "2021-04-23T08:21:54Z",
"updated_at": "2024-08-12T20:12:25Z",
"updated_at": "2024-11-22T03:14:51Z",
"pushed_at": "2021-04-23T08:28:53Z",
"stargazers_count": 66,
"watchers_count": 66,
"stargazers_count": 67,
"watchers_count": 67,
"has_discussions": false,
"forks_count": 17,
"allow_forking": true,
@ -150,7 +150,7 @@
"topics": [],
"visibility": "public",
"forks": 17,
"watchers": 66,
"watchers": 67,
"score": 0,
"subscribers_count": 6
},

8
2021/CVE-2021-4034.json
View file

@ -967,10 +967,10 @@
"description": "Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation",
"fork": false,
"created_at": "2022-01-26T14:26:10Z",
"updated_at": "2024-11-21T08:33:00Z",
"updated_at": "2024-11-22T05:37:43Z",
"pushed_at": "2022-06-21T14:52:05Z",
"stargazers_count": 1086,
"watchers_count": 1086,
"stargazers_count": 1087,
"watchers_count": 1087,
"has_discussions": false,
"forks_count": 189,
"allow_forking": true,
@ -981,7 +981,7 @@
],
"visibility": "public",
"forks": 189,
"watchers": 1086,
"watchers": 1087,
"score": 0,
"subscribers_count": 13
},

8
2021/CVE-2021-41773.json
View file

@ -2414,10 +2414,10 @@
"description": "Apache2 2.4.49 - LFI & RCE Exploit - CVE-2021-41773",
"fork": false,
"created_at": "2022-03-12T21:24:55Z",
"updated_at": "2024-11-05T22:48:11Z",
"updated_at": "2024-11-22T00:54:04Z",
"pushed_at": "2022-03-12T21:30:58Z",
"stargazers_count": 96,
"watchers_count": 96,
"stargazers_count": 97,
"watchers_count": 97,
"has_discussions": false,
"forks_count": 34,
"allow_forking": true,
@ -2435,7 +2435,7 @@
],
"visibility": "public",
"forks": 34,
"watchers": 96,
"watchers": 97,
"score": 0,
"subscribers_count": 2
},

8
2021/CVE-2021-42278.json
View file

@ -50,10 +50,10 @@
"description": "Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user ",
"fork": false,
"created_at": "2021-12-13T10:28:12Z",
"updated_at": "2024-11-20T00:32:15Z",
"updated_at": "2024-11-22T02:22:09Z",
"pushed_at": "2023-01-29T03:31:27Z",
"stargazers_count": 804,
"watchers_count": 804,
"stargazers_count": 805,
"watchers_count": 805,
"has_discussions": false,
"forks_count": 123,
"allow_forking": true,
@ -62,7 +62,7 @@
"topics": [],
"visibility": "public",
"forks": 123,
"watchers": 804,
"watchers": 805,
"score": 0,
"subscribers_count": 13
},

4
2021/CVE-2021-44228.json
View file

@ -940,7 +940,7 @@
"stargazers_count": 1807,
"watchers_count": 1807,
"has_discussions": false,
"forks_count": 525,
"forks_count": 526,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -951,7 +951,7 @@
"security"
],
"visibility": "public",
"forks": 525,
"forks": 526,
"watchers": 1807,
"score": 0,
"subscribers_count": 26

8
2022/CVE-2022-20361.json
View file

@ -14,10 +14,10 @@
"description": "BLURtooth: Exploiting Cross-Transport Key Derivation in Bluetooth Classic and Bluetooth Low Energy [CVE-2020-15802] [CVE-2022-20361]",
"fork": false,
"created_at": "2022-08-17T19:05:38Z",
"updated_at": "2024-10-17T17:17:03Z",
"updated_at": "2024-11-22T02:56:40Z",
"pushed_at": "2022-08-17T19:20:34Z",
"stargazers_count": 16,
"watchers_count": 16,
"stargazers_count": 17,
"watchers_count": 17,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 5,
"watchers": 16,
"watchers": 17,
"score": 0,
"subscribers_count": 3
}

8
2022/CVE-2022-25845.json
View file

@ -107,10 +107,10 @@
"description": "CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!",
"fork": false,
"created_at": "2024-11-07T13:06:44Z",
"updated_at": "2024-11-21T18:25:54Z",
"updated_at": "2024-11-22T01:46:26Z",
"pushed_at": "2024-11-07T13:38:18Z",
"stargazers_count": 68,
"watchers_count": 68,
"stargazers_count": 69,
"watchers_count": 69,
"has_discussions": false,
"forks_count": 9,
"allow_forking": true,
@ -119,7 +119,7 @@
"topics": [],
"visibility": "public",
"forks": 9,
"watchers": 68,
"watchers": 69,
"score": 0,
"subscribers_count": 3
}

8
2022/CVE-2022-26134.json
View file

@ -14,10 +14,10 @@
"description": "【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。",
"fork": false,
"created_at": "2022-05-31T07:44:01Z",
"updated_at": "2024-11-20T05:55:18Z",
"updated_at": "2024-11-22T01:59:11Z",
"pushed_at": "2023-02-26T14:06:05Z",
"stargazers_count": 1168,
"watchers_count": 1168,
"stargazers_count": 1169,
"watchers_count": 1169,
"has_discussions": true,
"forks_count": 190,
"allow_forking": true,
@ -46,7 +46,7 @@
],
"visibility": "public",
"forks": 190,
"watchers": 1168,
"watchers": 1169,
"score": 0,
"subscribers_count": 19
},

2
2022/CVE-2022-32206.json
View file

@ -28,6 +28,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

31
2023/CVE-2023-20198.json
View file

@ -782,5 +782,36 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 892414102,
"name": "CVE-2023-20198-poc",
"full_name": "XiaomingX\/CVE-2023-20198-poc",
"owner": {
"login": "XiaomingX",
"id": 5387930,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4",
"html_url": "https:\/\/github.com\/XiaomingX",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/XiaomingX\/CVE-2023-20198-poc",
"description": "CVE-2023-20198是思科IOS XE软件Web UI功能中的一个严重漏洞允许未经身份验证的远程攻击者在受影响的系统上创建具有特权级别15的账户从而完全控制设备。",
"fork": false,
"created_at": "2024-11-22T04:10:28Z",
"updated_at": "2024-11-22T04:12:15Z",
"pushed_at": "2024-11-22T04:12:11Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2023/CVE-2023-3079.json
View file

@ -14,10 +14,10 @@
"description": null,
"fork": false,
"created_at": "2023-08-15T04:16:46Z",
"updated_at": "2024-08-27T04:59:16Z",
"updated_at": "2024-11-22T04:11:40Z",
"pushed_at": "2023-08-17T11:43:26Z",
"stargazers_count": 120,
"watchers_count": 120,
"stargazers_count": 119,
"watchers_count": 119,
"has_discussions": false,
"forks_count": 29,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 29,
"watchers": 120,
"watchers": 119,
"score": 0,
"subscribers_count": 7
}

31
2023/CVE-2023-38646.json
View file

@ -1129,5 +1129,36 @@
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 892415497,
"name": "cve-2023-38646-poc",
"full_name": "XiaomingX\/cve-2023-38646-poc",
"owner": {
"login": "XiaomingX",
"id": 5387930,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4",
"html_url": "https:\/\/github.com\/XiaomingX",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/XiaomingX\/cve-2023-38646-poc",
"description": "CVE-2023-38646是Metabase中的一个远程代码执行漏洞。该漏洞源于Metabase在处理未经身份验证的API端点\/api\/setup\/validate时对JDBC连接字符串的处理存在安全缺陷。攻击者可以通过构造特定的JDBC连接字符串利用该端点在服务器上执行任意命令而无需进行身份验证。",
"fork": false,
"created_at": "2024-11-22T04:15:25Z",
"updated_at": "2024-11-22T04:18:57Z",
"pushed_at": "2024-11-22T04:18:53Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

12
2023/CVE-2023-4357.json
View file

@ -14,12 +14,12 @@
"description": "[漏洞复现] 全球首款单文件利用 CVE-2023-4357 Chrome XXE 漏洞 EXP, 实现对访客者本地文件窃取. Chrome XXE vulnerability EXP, allowing attackers to obtain local files of visitors.",
"fork": false,
"created_at": "2023-11-17T10:32:31Z",
"updated_at": "2024-11-19T05:36:25Z",
"updated_at": "2024-11-22T06:25:41Z",
"pushed_at": "2023-11-21T10:45:58Z",
"stargazers_count": 199,
"watchers_count": 199,
"stargazers_count": 200,
"watchers_count": 200,
"has_discussions": false,
"forks_count": 33,
"forks_count": 34,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -27,8 +27,8 @@
"cve-2023-4357"
],
"visibility": "public",
"forks": 33,
"watchers": 199,
"forks": 34,
"watchers": 200,
"score": 0,
"subscribers_count": 3
},

4
2023/CVE-2023-45288.json
View file

@ -19,13 +19,13 @@
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 5,
"score": 0,
"subscribers_count": 2

8
2023/CVE-2023-45866.json
View file

@ -14,10 +14,10 @@
"description": "🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)",
"fork": false,
"created_at": "2024-01-16T06:52:02Z",
"updated_at": "2024-11-21T22:24:28Z",
"updated_at": "2024-11-22T04:21:08Z",
"pushed_at": "2024-08-18T08:26:46Z",
"stargazers_count": 1270,
"watchers_count": 1270,
"stargazers_count": 1271,
"watchers_count": 1271,
"has_discussions": false,
"forks_count": 217,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 217,
"watchers": 1270,
"watchers": 1271,
"score": 0,
"subscribers_count": 20
},

8
2023/CVE-2023-46604.json
View file

@ -45,10 +45,10 @@
"description": "ActiveMQ RCE (CVE-2023-46604) 漏洞利用工具",
"fork": false,
"created_at": "2023-10-27T05:57:21Z",
"updated_at": "2024-11-19T02:34:41Z",
"updated_at": "2024-11-22T02:45:38Z",
"pushed_at": "2024-01-29T02:28:11Z",
"stargazers_count": 225,
"watchers_count": 225,
"stargazers_count": 226,
"watchers_count": 226,
"has_discussions": false,
"forks_count": 29,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 29,
"watchers": 225,
"watchers": 226,
"score": 0,
"subscribers_count": 4
},

2
2024/CVE-2024-0012.json
View file

@ -121,6 +121,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

2
2024/CVE-2024-10220.json
View file

@ -28,6 +28,6 @@
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

2
2024/CVE-2024-10508.json
View file

@ -71,6 +71,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

8
2024/CVE-2024-1086.json
View file

@ -14,10 +14,10 @@
"description": "Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.",
"fork": false,
"created_at": "2024-03-20T21:16:41Z",
"updated_at": "2024-11-21T05:25:26Z",
"updated_at": "2024-11-22T03:08:32Z",
"pushed_at": "2024-04-17T16:09:54Z",
"stargazers_count": 2283,
"watchers_count": 2283,
"stargazers_count": 2284,
"watchers_count": 2284,
"has_discussions": false,
"forks_count": 298,
"allow_forking": true,
@ -32,7 +32,7 @@
],
"visibility": "public",
"forks": 298,
"watchers": 2283,
"watchers": 2284,
"score": 0,
"subscribers_count": 23
},

4
2024/CVE-2024-10914.json
View file

@ -50,7 +50,7 @@
"stargazers_count": 16,
"watchers_count": 16,
"has_discussions": false,
"forks_count": 7,
"forks_count": 8,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -64,7 +64,7 @@
"unauthenticated-rce"
],
"visibility": "public",
"forks": 7,
"forks": 8,
"watchers": 16,
"score": 0,
"subscribers_count": 1

39
2024/CVE-2024-10924.json
View file

@ -113,10 +113,10 @@
"description": "Exploits Really Simple Security < 9.1.2 authentication bypass (CVE-2024-10924).",
"fork": false,
"created_at": "2024-11-19T10:07:28Z",
"updated_at": "2024-11-21T20:14:05Z",
"updated_at": "2024-11-22T05:59:48Z",
"pushed_at": "2024-11-19T12:20:16Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
@ -134,7 +134,7 @@
],
"visibility": "public",
"forks": 7,
"watchers": 6,
"watchers": 7,
"score": 0,
"subscribers_count": 1
},
@ -204,36 +204,5 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 892336376,
"name": "Exploit-for-CVE-2024-10924",
"full_name": "dua1337\/Exploit-for-CVE-2024-10924",
"owner": {
"login": "dua1337",
"id": 189299799,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/189299799?v=4",
"html_url": "https:\/\/github.com\/dua1337",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/dua1337\/Exploit-for-CVE-2024-10924",
"description": "Exploit for CVE-2024-10924 -> Really Simple Security < 9.1.2 authentication bypass",
"fork": false,
"created_at": "2024-11-21T23:26:02Z",
"updated_at": "2024-11-22T00:10:14Z",
"pushed_at": "2024-11-21T23:37:18Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-21413.json
View file

@ -45,10 +45,10 @@
"description": "Microsoft-Outlook-Remote-Code-Execution-Vulnerability",
"fork": false,
"created_at": "2024-02-16T15:17:59Z",
"updated_at": "2024-11-20T15:35:24Z",
"updated_at": "2024-11-22T01:26:04Z",
"pushed_at": "2024-02-19T20:00:35Z",
"stargazers_count": 686,
"watchers_count": 686,
"stargazers_count": 687,
"watchers_count": 687,
"has_discussions": false,
"forks_count": 152,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 152,
"watchers": 686,
"watchers": 687,
"score": 0,
"subscribers_count": 10
},

31
2024/CVE-2024-23113.json
View file

@ -153,5 +153,36 @@
"watchers": 4,
"score": 0,
"subscribers_count": 1
},
{
"id": 892373700,
"name": "cve-2024-23113-exp",
"full_name": "XiaomingX\/cve-2024-23113-exp",
"owner": {
"login": "XiaomingX",
"id": 5387930,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4",
"html_url": "https:\/\/github.com\/XiaomingX",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-23113-exp",
"description": null,
"fork": false,
"created_at": "2024-11-22T01:46:58Z",
"updated_at": "2024-11-22T01:53:49Z",
"pushed_at": "2024-11-22T01:53:45Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

12
2024/CVE-2024-26218.json
View file

@ -14,19 +14,19 @@
"description": "Proof-of-Concept for CVE-2024-26218",
"fork": false,
"created_at": "2024-04-26T16:41:04Z",
"updated_at": "2024-11-20T16:30:45Z",
"updated_at": "2024-11-22T06:02:01Z",
"pushed_at": "2024-04-26T16:46:15Z",
"stargazers_count": 46,
"watchers_count": 46,
"stargazers_count": 47,
"watchers_count": 47,
"has_discussions": false,
"forks_count": 15,
"forks_count": 16,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 15,
"watchers": 46,
"forks": 16,
"watchers": 47,
"score": 0,
"subscribers_count": 3
}

8
2024/CVE-2024-28397.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2024-28397: js2py sandbox escape, bypass pyimport restriction.",
"fork": false,
"created_at": "2024-06-19T01:46:33Z",
"updated_at": "2024-11-20T16:30:50Z",
"updated_at": "2024-11-22T01:41:08Z",
"pushed_at": "2024-07-29T04:42:43Z",
"stargazers_count": 28,
"watchers_count": 28,
"stargazers_count": 29,
"watchers_count": 29,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 28,
"watchers": 29,
"score": 0,
"subscribers_count": 1
},

2
2024/CVE-2024-29671.json
View file

@ -28,6 +28,6 @@
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

8
2024/CVE-2024-35250.json
View file

@ -45,10 +45,10 @@
"description": "Cobalt Strike 的 CVE-2024-35250 的 BOF。(请给我加个星,谢谢。) ",
"fork": false,
"created_at": "2024-10-25T10:06:09Z",
"updated_at": "2024-10-25T10:06:10Z",
"updated_at": "2024-11-22T02:10:11Z",
"pushed_at": "2024-10-21T04:15:27Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}

31
2024/CVE-2024-36401.json
View file

@ -408,5 +408,36 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 892410177,
"name": "CVE-2024-36401-WoodpeckerPlugin",
"full_name": "thestar0\/CVE-2024-36401-WoodpeckerPlugin",
"owner": {
"login": "thestar0",
"id": 97114131,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97114131?v=4",
"html_url": "https:\/\/github.com\/thestar0",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/thestar0\/CVE-2024-36401-WoodpeckerPlugin",
"description": "CVE-2024-36401-GeoServer Property 表达式注入 Rce woodpecker-framework 插件",
"fork": false,
"created_at": "2024-11-22T03:57:12Z",
"updated_at": "2024-11-22T04:12:09Z",
"pushed_at": "2024-11-22T04:09:09Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-44258.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2024-44258",
"fork": false,
"created_at": "2024-10-29T09:45:03Z",
"updated_at": "2024-11-21T13:13:25Z",
"updated_at": "2024-11-22T03:11:47Z",
"pushed_at": "2024-11-02T19:20:44Z",
"stargazers_count": 54,
"watchers_count": 54,
"stargazers_count": 55,
"watchers_count": 55,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 7,
"watchers": 54,
"watchers": 55,
"score": 0,
"subscribers_count": 1
}

2
2024/CVE-2024-4439.json
View file

@ -152,6 +152,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

2
2024/CVE-2024-45436.json
View file

@ -64,6 +64,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

31
2024/CVE-2024-45519.json
View file

@ -91,5 +91,36 @@
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 892376259,
"name": "cve-2024-45519-poc",
"full_name": "XiaomingX\/cve-2024-45519-poc",
"owner": {
"login": "XiaomingX",
"id": 5387930,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4",
"html_url": "https:\/\/github.com\/XiaomingX",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-45519-poc",
"description": null,
"fork": false,
"created_at": "2024-11-22T01:56:21Z",
"updated_at": "2024-11-22T02:54:18Z",
"pushed_at": "2024-11-22T02:00:35Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

31
2024/CVE-2024-47575.json
View file

@ -91,5 +91,36 @@
"watchers": 4,
"score": 0,
"subscribers_count": 1
},
{
"id": 892397687,
"name": "cve-2024-47575-poc",
"full_name": "XiaomingX\/cve-2024-47575-poc",
"owner": {
"login": "XiaomingX",
"id": 5387930,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4",
"html_url": "https:\/\/github.com\/XiaomingX",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-47575-poc",
"description": "CVE-2024-47575是Fortinet的FortiManager和FortiManager Cloud产品中的一个严重漏洞源于fgfmsd守护进程缺乏对关键功能的身份验证。",
"fork": false,
"created_at": "2024-11-22T03:13:03Z",
"updated_at": "2024-11-22T05:58:44Z",
"pushed_at": "2024-11-22T03:17:57Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

12
2024/CVE-2024-48336.json
View file

@ -14,19 +14,19 @@
"description": "Exploit and writeup for installed app to root privilege escalation through CVE-2024-48336 (Magisk Bug #8279), Privileges Escalation \/ Arbitrary Code Execution Vulnerability",
"fork": false,
"created_at": "2024-08-24T08:51:08Z",
"updated_at": "2024-11-21T23:01:06Z",
"updated_at": "2024-11-22T06:10:41Z",
"pushed_at": "2024-11-05T02:57:25Z",
"stargazers_count": 172,
"watchers_count": 172,
"stargazers_count": 173,
"watchers_count": 173,
"has_discussions": false,
"forks_count": 26,
"forks_count": 27,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 26,
"watchers": 172,
"forks": 27,
"watchers": 173,
"score": 0,
"subscribers_count": 8
}

14
2024/CVE-2024-48990.json
View file

@ -14,10 +14,10 @@
"description": "PoC for CVE-2024-48990",
"fork": false,
"created_at": "2024-11-20T18:41:25Z",
"updated_at": "2024-11-20T18:49:37Z",
"updated_at": "2024-11-22T04:02:23Z",
"pushed_at": "2024-11-20T18:49:33Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 1
},
@ -45,8 +45,8 @@
"description": "Exploit for CVE-2024-48990 (Local Privilege Escalation in needrestart < 3.8)",
"fork": false,
"created_at": "2024-11-21T23:59:49Z",
"updated_at": "2024-11-21T23:59:53Z",
"pushed_at": "2024-11-21T23:59:49Z",
"updated_at": "2024-11-22T01:17:03Z",
"pushed_at": "2024-11-22T01:17:00Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
@ -59,6 +59,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

2
2024/CVE-2024-5084.json
View file

@ -161,6 +161,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

2
2024/CVE-2024-52317.json
View file

@ -28,6 +28,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

2
2024/CVE-2024-52318.json
View file

@ -28,6 +28,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

2
2024/CVE-2024-52382.json
View file

@ -28,6 +28,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

10
2024/CVE-2024-52940.json
View file

@ -14,11 +14,11 @@
"description": "CVE-2024-52940 - A zero-day vulnerability in AnyDesk's \"Allow Direct Connections\" feature, discovered and registered by Ebrahim Shafiei (EbraSha), exposing public and private IP addresses. For details, visit the NVD, Tenable, or MITRE pages.",
"fork": false,
"created_at": "2024-10-27T15:29:56Z",
"updated_at": "2024-11-22T00:12:12Z",
"updated_at": "2024-11-22T01:21:22Z",
"pushed_at": "2024-11-18T15:09:32Z",
"stargazers_count": 16,
"watchers_count": 16,
"has_discussions": false,
"stargazers_count": 18,
"watchers_count": 18,
"has_discussions": true,
"forks_count": 7,
"allow_forking": true,
"is_template": false,
@ -38,7 +38,7 @@
],
"visibility": "public",
"forks": 7,
"watchers": 16,
"watchers": 18,
"score": 0,
"subscribers_count": 1
}

36
2024/CVE-2024-7965.json
View file

@ -29,5 +29,41 @@
"watchers": 45,
"score": 0,
"subscribers_count": 5
},
{
"id": 892392509,
"name": "cve-2024-7965-poc",
"full_name": "XiaomingX\/cve-2024-7965-poc",
"owner": {
"login": "XiaomingX",
"id": 5387930,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4",
"html_url": "https:\/\/github.com\/XiaomingX",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-7965-poc",
"description": "CVE-2024-7965是Google Chrome浏览器中V8 JavaScript引擎的一个高危漏洞。该漏洞源于V8引擎在处理特定JavaScript代码时实现不当导致堆内存损坏。攻击者可通过诱导用户访问包含特制JavaScript的恶意网页利用此漏洞在Chrome渲染器中执行任意代码。",
"fork": false,
"created_at": "2024-11-22T02:55:33Z",
"updated_at": "2024-11-22T03:42:13Z",
"pushed_at": "2024-11-22T02:58:00Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve",
"cve-2024-7965",
"exp",
"poc"
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

2
2024/CVE-2024-8856.json
View file

@ -69,6 +69,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

36
2024/CVE-2024-9441.json
View file

@ -60,5 +60,41 @@
"watchers": 7,
"score": 0,
"subscribers_count": 1
},
{
"id": 892378403,
"name": "cve-2024-9441-poc",
"full_name": "XiaomingX\/cve-2024-9441-poc",
"owner": {
"login": "XiaomingX",
"id": 5387930,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4",
"html_url": "https:\/\/github.com\/XiaomingX",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-9441-poc",
"description": "CVE-2024-9441是影响Linear eMerge e3系列版本1.00-07及之前的操作系统命令注入漏洞。未经身份验证的远程攻击者可通过HTTP请求中“forgot_password”功能的“login_id”参数执行任意操作系统命令。",
"fork": false,
"created_at": "2024-11-22T02:04:21Z",
"updated_at": "2024-11-22T03:42:44Z",
"pushed_at": "2024-11-22T02:07:52Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve",
"cve-2024-9441",
"exp",
"poc"
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

19
README.md
View file

@ -280,9 +280,6 @@
- [gunzf0x/Issabel-PBX-4.0.0-RCE-Authenticated](https://github.com/gunzf0x/Issabel-PBX-4.0.0-RCE-Authenticated)
### CVE-2024-111
- [adminlove520/CVE-2024-111](https://github.com/adminlove520/CVE-2024-111)
### CVE-2024-1071 (2024-03-13)
<code>The Ultimate Member User Profile, Registration, Login, Member Directory, Content Restriction &amp; Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the 'sorting' parameter in versions 2.1.3 to 2.8.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
@ -1629,6 +1626,7 @@
</code>
- [bi-zone/CVE-2024-7965](https://github.com/bi-zone/CVE-2024-7965)
- [XiaomingX/cve-2024-7965-poc](https://github.com/XiaomingX/cve-2024-7965-poc)
### CVE-2024-8190 (2024-09-10)
@ -1812,6 +1810,7 @@
- [adhikara13/CVE-2024-9441](https://github.com/adhikara13/CVE-2024-9441)
- [p33d/CVE-2024-9441](https://github.com/p33d/CVE-2024-9441)
- [XiaomingX/cve-2024-9441-poc](https://github.com/XiaomingX/cve-2024-9441-poc)
### CVE-2024-9464 (2024-10-09)
@ -2083,7 +2082,6 @@
- [m3ssap0/wordpress-really-simple-security-authn-bypass-exploit](https://github.com/m3ssap0/wordpress-really-simple-security-authn-bypass-exploit)
- [julesbsz/CVE-2024-10924](https://github.com/julesbsz/CVE-2024-10924)
- [Trackflaw/CVE-2024-10924-Wordpress-Docker](https://github.com/Trackflaw/CVE-2024-10924-Wordpress-Docker)
- [dua1337/Exploit-for-CVE-2024-10924](https://github.com/dua1337/Exploit-for-CVE-2024-10924)
### CVE-2024-10958 (2024-11-10)
@ -2714,6 +2712,7 @@
- [p33d/CVE-2024-23113](https://github.com/p33d/CVE-2024-23113)
- [puckiestyle/CVE-2024-23113](https://github.com/puckiestyle/CVE-2024-23113)
- [expl0itsecurity/CVE-2024-23113](https://github.com/expl0itsecurity/CVE-2024-23113)
- [XiaomingX/cve-2024-23113-exp](https://github.com/XiaomingX/cve-2024-23113-exp)
### CVE-2024-23208 (2024-01-23)
@ -4993,6 +4992,7 @@
- [PunitTailor55/GeoServer-CVE-2024-36401](https://github.com/PunitTailor55/GeoServer-CVE-2024-36401)
- [netuseradministrator/CVE-2024-36401](https://github.com/netuseradministrator/CVE-2024-36401)
- [kkhackz0013/CVE-2024-36401](https://github.com/kkhackz0013/CVE-2024-36401)
- [thestar0/CVE-2024-36401-WoodpeckerPlugin](https://github.com/thestar0/CVE-2024-36401-WoodpeckerPlugin)
### CVE-2024-36416 (2024-06-10)
@ -6233,6 +6233,7 @@
- [p33d/CVE-2024-45519](https://github.com/p33d/CVE-2024-45519)
- [Chocapikk/CVE-2024-45519](https://github.com/Chocapikk/CVE-2024-45519)
- [whiterose7777/CVE-2024-45519](https://github.com/whiterose7777/CVE-2024-45519)
- [XiaomingX/cve-2024-45519-poc](https://github.com/XiaomingX/cve-2024-45519-poc)
### CVE-2024-45589 (2024-09-05)
@ -6400,6 +6401,7 @@
- [watchtowrlabs/Fortijump-Exploit-CVE-2024-47575](https://github.com/watchtowrlabs/Fortijump-Exploit-CVE-2024-47575)
- [skyalliance/exploit-cve-2024-47575](https://github.com/skyalliance/exploit-cve-2024-47575)
- [expl0itsecurity/CVE-2024-47575](https://github.com/expl0itsecurity/CVE-2024-47575)
- [XiaomingX/cve-2024-47575-poc](https://github.com/XiaomingX/cve-2024-47575-poc)
### CVE-2024-47854 (2024-10-04)
@ -8571,6 +8573,7 @@
- [W01fh4cker/CVE-2023-20198-RCE](https://github.com/W01fh4cker/CVE-2023-20198-RCE)
- [sanan2004/CVE-2023-20198](https://github.com/sanan2004/CVE-2023-20198)
- [AhmedMansour93/Event-ID-193-Rule-Name-SOC231-Cisco-IOS-XE-Web-UI-ZeroDay-CVE-2023-20198-](https://github.com/AhmedMansour93/Event-ID-193-Rule-Name-SOC231-Cisco-IOS-XE-Web-UI-ZeroDay-CVE-2023-20198-)
- [XiaomingX/CVE-2023-20198-poc](https://github.com/XiaomingX/CVE-2023-20198-poc)
### CVE-2023-20209 (2023-08-16)
@ -12441,6 +12444,7 @@
- [Shisones/MetabaseRCE_CVE-2023-38646](https://github.com/Shisones/MetabaseRCE_CVE-2023-38646)
- [acesoyeo/METABASE-RCE-CVE-2023-38646-](https://github.com/acesoyeo/METABASE-RCE-CVE-2023-38646-)
- [UserConnecting/Exploit-CVE-2023-38646-Metabase](https://github.com/UserConnecting/Exploit-CVE-2023-38646-Metabase)
- [XiaomingX/cve-2023-38646-poc](https://github.com/XiaomingX/cve-2023-38646-poc)
### CVE-2023-38709 (2024-04-04)
@ -36122,6 +36126,13 @@
- [Insecurities/CVE-2019-11224](https://github.com/Insecurities/CVE-2019-11224)
### CVE-2019-11248 (2019-08-29)
<code>The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for limited denial of service. Versions prior to 1.15.0, 1.14.4, 1.13.8, and 1.12.10 are affected. The issue is of medium severity, but not exposed by the default configuration.
</code>
- [g1thubb001/poc-CVE-2019-11248](https://github.com/g1thubb001/poc-CVE-2019-11248)
### CVE-2019-11358 (2019-04-19)
<code>jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.