From 6b14c1f2e31cebf112ef87fa4226bcc762048576 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Sat, 27 Mar 2021 18:10:34 +0900 Subject: [PATCH] Auto Update 2021/03/27 18:10:34 --- 2018/CVE-2018-10933.json | 8 ++++---- 2018/CVE-2018-11776.json | 8 ++++---- 2018/CVE-2018-15473.json | 8 ++++---- 2019/CVE-2019-1068.json | 4 ++-- 2019/CVE-2019-15126.json | 2 +- 2019/CVE-2019-17558.json | 6 +++--- 2020/CVE-2020-0022.json | 8 ++++---- 2020/CVE-2020-11932.json | 23 +++++++++++++++++++++++ 2020/CVE-2020-12695.json | 2 +- 2020/CVE-2020-14882.json | 6 +++--- 2020/CVE-2020-14883.json | 8 ++++---- 2020/CVE-2020-2883.json | 8 ++++---- 2021/CVE-2021-1732.json | 8 ++++---- 2021/CVE-2021-21972.json | 12 ++++++------ 2021/CVE-2021-22192.json | 25 +++++++++++++++++++++++++ 2021/CVE-2021-22986.json | 14 +++++++------- 2021/CVE-2021-25646.json | 8 ++++---- 2021/CVE-2021-26871.json | 4 ++-- 2021/CVE-2021-3156.json | 8 ++++---- 2021/CVE-2021-3449.json | 14 +++++++------- README.md | 9 +++++++++ 21 files changed, 125 insertions(+), 68 deletions(-) create mode 100644 2021/CVE-2021-22192.json diff --git a/2018/CVE-2018-10933.json b/2018/CVE-2018-10933.json index c39ce7cf1e..47ed576cab 100644 --- a/2018/CVE-2018-10933.json +++ b/2018/CVE-2018-10933.json @@ -105,13 +105,13 @@ "description": "Script to identify hosts vulnerable to CVE-2018-10933", "fork": false, "created_at": "2018-10-17T23:05:10Z", - "updated_at": "2021-03-17T03:38:40Z", + "updated_at": "2021-03-27T04:56:42Z", "pushed_at": "2018-11-04T17:29:33Z", - "stargazers_count": 231, - "watchers_count": 231, + "stargazers_count": 230, + "watchers_count": 230, "forks_count": 55, "forks": 55, - "watchers": 231, + "watchers": 230, "score": 0 }, { diff --git a/2018/CVE-2018-11776.json b/2018/CVE-2018-11776.json index a069994bd3..a64a344f45 100644 --- a/2018/CVE-2018-11776.json +++ b/2018/CVE-2018-11776.json @@ -105,13 +105,13 @@ "description": " An exploit for Apache Struts CVE-2018-11776", "fork": false, "created_at": "2018-08-25T01:53:30Z", - "updated_at": "2021-02-16T04:17:55Z", + "updated_at": "2021-03-27T09:06:12Z", "pushed_at": "2018-08-26T02:31:39Z", - "stargazers_count": 300, - "watchers_count": 300, + "stargazers_count": 299, + "watchers_count": 299, "forks_count": 102, "forks": 102, - "watchers": 300, + "watchers": 299, "score": 0 }, { diff --git a/2018/CVE-2018-15473.json b/2018/CVE-2018-15473.json index 7f2a852292..1e35fb68ca 100644 --- a/2018/CVE-2018-15473.json +++ b/2018/CVE-2018-15473.json @@ -59,13 +59,13 @@ "description": "Exploit written in Python for CVE-2018-15473 with threading and export formats", "fork": false, "created_at": "2018-08-21T00:09:56Z", - "updated_at": "2021-02-03T23:57:23Z", + "updated_at": "2021-03-27T07:20:58Z", "pushed_at": "2020-08-18T00:00:15Z", - "stargazers_count": 435, - "watchers_count": 435, + "stargazers_count": 434, + "watchers_count": 434, "forks_count": 147, "forks": 147, - "watchers": 435, + "watchers": 434, "score": 0 }, { diff --git a/2019/CVE-2019-1068.json b/2019/CVE-2019-1068.json index 1237268358..e5eae162da 100644 --- a/2019/CVE-2019-1068.json +++ b/2019/CVE-2019-1068.json @@ -17,8 +17,8 @@ "pushed_at": "2021-02-06T14:15:14Z", "stargazers_count": 0, "watchers_count": 0, - "forks_count": 0, - "forks": 0, + "forks_count": 1, + "forks": 1, "watchers": 0, "score": 0 } diff --git a/2019/CVE-2019-15126.json b/2019/CVE-2019-15126.json index 17b681841b..9e4a773ef8 100644 --- a/2019/CVE-2019-15126.json +++ b/2019/CVE-2019-15126.json @@ -59,7 +59,7 @@ "description": "An experimental script PoC for Kr00k vulnerability (CVE-2019-15126)", "fork": false, "created_at": "2020-03-18T16:25:28Z", - "updated_at": "2021-03-26T18:28:35Z", + "updated_at": "2021-03-27T07:42:06Z", "pushed_at": "2020-08-19T15:34:30Z", "stargazers_count": 58, "watchers_count": 58, diff --git a/2019/CVE-2019-17558.json b/2019/CVE-2019-17558.json index 535fea3c5d..4d10e095b6 100644 --- a/2019/CVE-2019-17558.json +++ b/2019/CVE-2019-17558.json @@ -36,12 +36,12 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2021-03-26T15:27:19Z", + "updated_at": "2021-03-27T06:28:42Z", "pushed_at": "2020-11-07T05:55:00Z", "stargazers_count": 2438, "watchers_count": 2438, - "forks_count": 698, - "forks": 698, + "forks_count": 699, + "forks": 699, "watchers": 2438, "score": 0 }, diff --git a/2020/CVE-2020-0022.json b/2020/CVE-2020-0022.json index a3c907a246..7d81fa925c 100644 --- a/2020/CVE-2020-0022.json +++ b/2020/CVE-2020-0022.json @@ -59,13 +59,13 @@ "description": "CVE-2020-0022 vulnerability exploitation on Bouygues BBox Miami (Android TV 8.0 - ARM32 Cortex A9)", "fork": false, "created_at": "2020-08-24T19:33:10Z", - "updated_at": "2021-03-21T20:59:48Z", + "updated_at": "2021-03-27T03:16:33Z", "pushed_at": "2021-03-21T20:59:46Z", - "stargazers_count": 11, - "watchers_count": 11, + "stargazers_count": 12, + "watchers_count": 12, "forks_count": 4, "forks": 4, - "watchers": 11, + "watchers": 12, "score": 0 }, { diff --git a/2020/CVE-2020-11932.json b/2020/CVE-2020-11932.json index 8798bdd714..ec8c461bcc 100644 --- a/2020/CVE-2020-11932.json +++ b/2020/CVE-2020-11932.json @@ -44,5 +44,28 @@ "forks": 2, "watchers": 2, "score": 0 + }, + { + "id": 352007665, + "name": "CVE-2020-11932", + "full_name": "code-developers\/CVE-2020-11932", + "owner": { + "login": "code-developers", + "id": 81155753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81155753?v=4", + "html_url": "https:\/\/github.com\/code-developers" + }, + "html_url": "https:\/\/github.com\/code-developers\/CVE-2020-11932", + "description": null, + "fork": false, + "created_at": "2021-03-27T07:14:58Z", + "updated_at": "2021-03-27T08:03:18Z", + "pushed_at": "2021-03-27T07:42:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-12695.json b/2020/CVE-2020-12695.json index ddfb9ee22f..b693a95c71 100644 --- a/2020/CVE-2020-12695.json +++ b/2020/CVE-2020-12695.json @@ -13,7 +13,7 @@ "description": "Vulnerability checker for Callstranger (CVE-2020-12695)", "fork": false, "created_at": "2020-06-08T07:37:49Z", - "updated_at": "2021-03-26T18:28:56Z", + "updated_at": "2021-03-27T07:42:23Z", "pushed_at": "2020-06-17T13:41:23Z", "stargazers_count": 359, "watchers_count": 359, diff --git a/2020/CVE-2020-14882.json b/2020/CVE-2020-14882.json index 19dafc7a69..0669781c36 100644 --- a/2020/CVE-2020-14882.json +++ b/2020/CVE-2020-14882.json @@ -13,12 +13,12 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2021-03-26T15:27:19Z", + "updated_at": "2021-03-27T06:28:42Z", "pushed_at": "2020-11-07T05:55:00Z", "stargazers_count": 2438, "watchers_count": 2438, - "forks_count": 698, - "forks": 698, + "forks_count": 699, + "forks": 699, "watchers": 2438, "score": 0 }, diff --git a/2020/CVE-2020-14883.json b/2020/CVE-2020-14883.json index f8b650f710..b6e93bfe30 100644 --- a/2020/CVE-2020-14883.json +++ b/2020/CVE-2020-14883.json @@ -105,13 +105,13 @@ "description": "Alibaba-Nacos-Unauthorized\/ApacheDruid-RCE_CVE-2021-25646\/MS-Exchange-SSRF-CVE-2021-26885\/Oracle-WebLogic-CVE-2021-2109_RCE\/RG-CNVD-2021-14536\/RJ-SSL-VPN-UltraVires\/Redis-Unauthorized-RCE\/TDOA-V11.7-GetOnlineCookie\/VMware-vCenter-GetAnyFile\/yongyou-GRP-U8-XXE\/Oracle-WebLogic-CVE-2020-14883\/Oracle-WebLogic-CVE-2020-14882\/Apache-Solr-GetAnyFile\/F5-BIG-IP-CVE-2021-22986\/Sonicwall-SSL-VPN-RCE\/GitLab-Graphql-CNVD-2021-14193", "fork": false, "created_at": "2021-03-11T22:49:17Z", - "updated_at": "2021-03-27T02:52:24Z", + "updated_at": "2021-03-27T04:57:48Z", "pushed_at": "2021-03-22T03:46:42Z", - "stargazers_count": 238, - "watchers_count": 238, + "stargazers_count": 239, + "watchers_count": 239, "forks_count": 57, "forks": 57, - "watchers": 238, + "watchers": 239, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-2883.json b/2020/CVE-2020-2883.json index d97bb4d224..a602196226 100644 --- a/2020/CVE-2020-2883.json +++ b/2020/CVE-2020-2883.json @@ -13,13 +13,13 @@ "description": "Weblogic coherence.jar RCE", "fork": false, "created_at": "2020-05-10T09:04:43Z", - "updated_at": "2021-03-19T01:21:27Z", + "updated_at": "2021-03-27T07:47:34Z", "pushed_at": "2020-05-10T09:29:36Z", - "stargazers_count": 168, - "watchers_count": 168, + "stargazers_count": 169, + "watchers_count": 169, "forks_count": 32, "forks": 32, - "watchers": 168, + "watchers": 169, "score": 0 }, { diff --git a/2021/CVE-2021-1732.json b/2021/CVE-2021-1732.json index 9a9000653e..2e6a4f4e45 100644 --- a/2021/CVE-2021-1732.json +++ b/2021/CVE-2021-1732.json @@ -13,13 +13,13 @@ "description": "CVE-2021-1732 Exploit", "fork": false, "created_at": "2021-03-05T02:11:10Z", - "updated_at": "2021-03-25T08:54:10Z", + "updated_at": "2021-03-27T03:29:17Z", "pushed_at": "2021-03-05T03:10:26Z", - "stargazers_count": 262, - "watchers_count": 262, + "stargazers_count": 263, + "watchers_count": 263, "forks_count": 56, "forks": 56, - "watchers": 262, + "watchers": 263, "score": 0 }, { diff --git a/2021/CVE-2021-21972.json b/2021/CVE-2021-21972.json index f2e843940f..f0cf13ce7a 100644 --- a/2021/CVE-2021-21972.json +++ b/2021/CVE-2021-21972.json @@ -63,8 +63,8 @@ "pushed_at": "2021-03-10T05:01:22Z", "stargazers_count": 221, "watchers_count": 221, - "forks_count": 88, - "forks": 88, + "forks_count": 87, + "forks": 87, "watchers": 221, "score": 0 }, @@ -105,13 +105,13 @@ "description": "Proof of Concept Exploit for vCenter CVE-2021-21972", "fork": false, "created_at": "2021-02-24T16:31:34Z", - "updated_at": "2021-03-25T07:52:33Z", + "updated_at": "2021-03-27T03:41:54Z", "pushed_at": "2021-02-25T16:05:02Z", - "stargazers_count": 98, - "watchers_count": 98, + "stargazers_count": 99, + "watchers_count": 99, "forks_count": 34, "forks": 34, - "watchers": 98, + "watchers": 99, "score": 0 }, { diff --git a/2021/CVE-2021-22192.json b/2021/CVE-2021-22192.json new file mode 100644 index 0000000000..a00cf48cc2 --- /dev/null +++ b/2021/CVE-2021-22192.json @@ -0,0 +1,25 @@ +[ + { + "id": 352006763, + "name": "CVE-2021-22192", + "full_name": "lyy289065406\/CVE-2021-22192", + "owner": { + "login": "lyy289065406", + "id": 17040287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17040287?v=4", + "html_url": "https:\/\/github.com\/lyy289065406" + }, + "html_url": "https:\/\/github.com\/lyy289065406\/CVE-2021-22192", + "description": "CVE-2021-22192 靶场: 未授权用户 RCE 漏洞", + "fork": false, + "created_at": "2021-03-27T07:09:46Z", + "updated_at": "2021-03-27T08:07:28Z", + "pushed_at": "2021-03-27T08:07:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22986.json b/2021/CVE-2021-22986.json index 23cd8df82b..a5b8bb0885 100644 --- a/2021/CVE-2021-22986.json +++ b/2021/CVE-2021-22986.json @@ -36,13 +36,13 @@ "description": "cve-2021-22986 f5 rce 漏洞批量检测 poc", "fork": false, "created_at": "2021-03-19T18:50:22Z", - "updated_at": "2021-03-24T06:38:13Z", - "pushed_at": "2021-03-21T02:48:59Z", - "stargazers_count": 9, - "watchers_count": 9, + "updated_at": "2021-03-27T06:51:58Z", + "pushed_at": "2021-03-27T06:51:56Z", + "stargazers_count": 10, + "watchers_count": 10, "forks_count": 2, "forks": 2, - "watchers": 9, + "watchers": 10, "score": 0 }, { @@ -86,8 +86,8 @@ "pushed_at": "2021-03-24T11:49:37Z", "stargazers_count": 5, "watchers_count": 5, - "forks_count": 3, - "forks": 3, + "forks_count": 4, + "forks": 4, "watchers": 5, "score": 0 }, diff --git a/2021/CVE-2021-25646.json b/2021/CVE-2021-25646.json index 22cf8ab206..9bc7b11b1f 100644 --- a/2021/CVE-2021-25646.json +++ b/2021/CVE-2021-25646.json @@ -105,13 +105,13 @@ "description": "Alibaba-Nacos-Unauthorized\/ApacheDruid-RCE_CVE-2021-25646\/MS-Exchange-SSRF-CVE-2021-26885\/Oracle-WebLogic-CVE-2021-2109_RCE\/RG-CNVD-2021-14536\/RJ-SSL-VPN-UltraVires\/Redis-Unauthorized-RCE\/TDOA-V11.7-GetOnlineCookie\/VMware-vCenter-GetAnyFile\/yongyou-GRP-U8-XXE\/Oracle-WebLogic-CVE-2020-14883\/Oracle-WebLogic-CVE-2020-14882\/Apache-Solr-GetAnyFile\/F5-BIG-IP-CVE-2021-22986\/Sonicwall-SSL-VPN-RCE\/GitLab-Graphql-CNVD-2021-14193", "fork": false, "created_at": "2021-03-11T22:49:17Z", - "updated_at": "2021-03-27T02:52:24Z", + "updated_at": "2021-03-27T04:57:48Z", "pushed_at": "2021-03-22T03:46:42Z", - "stargazers_count": 238, - "watchers_count": 238, + "stargazers_count": 239, + "watchers_count": 239, "forks_count": 57, "forks": 57, - "watchers": 238, + "watchers": 239, "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-26871.json b/2021/CVE-2021-26871.json index 3054fb6004..724b68df6c 100644 --- a/2021/CVE-2021-26871.json +++ b/2021/CVE-2021-26871.json @@ -17,8 +17,8 @@ "pushed_at": "2021-03-25T03:15:17Z", "stargazers_count": 0, "watchers_count": 0, - "forks_count": 1, - "forks": 1, + "forks_count": 2, + "forks": 2, "watchers": 0, "score": 0 } diff --git a/2021/CVE-2021-3156.json b/2021/CVE-2021-3156.json index 882a1a5f76..0dbc4afb91 100644 --- a/2021/CVE-2021-3156.json +++ b/2021/CVE-2021-3156.json @@ -381,13 +381,13 @@ "description": null, "fork": false, "created_at": "2021-01-30T20:39:58Z", - "updated_at": "2021-03-27T01:22:26Z", + "updated_at": "2021-03-27T06:27:10Z", "pushed_at": "2021-02-02T17:07:09Z", - "stargazers_count": 658, - "watchers_count": 658, + "stargazers_count": 659, + "watchers_count": 659, "forks_count": 186, "forks": 186, - "watchers": 658, + "watchers": 659, "score": 0 }, { diff --git a/2021/CVE-2021-3449.json b/2021/CVE-2021-3449.json index 821836e948..6f9b26c096 100644 --- a/2021/CVE-2021-3449.json +++ b/2021/CVE-2021-3449.json @@ -13,13 +13,13 @@ "description": "CVE-2021-3449 OpenSSL denial-of-service exploit 👨🏻‍💻", "fork": false, "created_at": "2021-03-26T01:09:25Z", - "updated_at": "2021-03-27T03:12:29Z", - "pushed_at": "2021-03-27T03:12:27Z", - "stargazers_count": 57, - "watchers_count": 57, - "forks_count": 12, - "forks": 12, - "watchers": 57, + "updated_at": "2021-03-27T08:17:58Z", + "pushed_at": "2021-03-27T04:07:28Z", + "stargazers_count": 61, + "watchers_count": 61, + "forks_count": 13, + "forks": 13, + "watchers": 61, "score": 0 } ] \ No newline at end of file diff --git a/README.md b/README.md index ef20077801..5cdd47fc9f 100644 --- a/README.md +++ b/README.md @@ -338,6 +338,14 @@ VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code exe - [me1ons/CVE-2021-21978](https://github.com/me1ons/CVE-2021-21978) - [skytina/CVE-2021-21978](https://github.com/skytina/CVE-2021-21978) +### CVE-2021-22192 (2021-03-24) + + +An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 allowing unauthorized authenticated users to execute arbitrary code on the server. + + +- [lyy289065406/CVE-2021-22192](https://github.com/lyy289065406/CVE-2021-22192) + ### CVE-2021-22986 - [dorkerdevil/CVE-2021-22986-Poc](https://github.com/dorkerdevil/CVE-2021-22986-Poc) - [S1xHcL/f5_rce_poc](https://github.com/S1xHcL/f5_rce_poc) @@ -2772,6 +2780,7 @@ It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS - [ProjectorBUg/CVE-2020-11932](https://github.com/ProjectorBUg/CVE-2020-11932) - [Staubgeborener/CVE-2020-11932](https://github.com/Staubgeborener/CVE-2020-11932) +- [code-developers/CVE-2020-11932](https://github.com/code-developers/CVE-2020-11932) ### CVE-2020-11975 (2020-06-05)