mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2023/09/27 18:27:21

Browse source
This commit is contained in:
motikan2010-bot 2023-09-28 03:27:21 +09:00
parent 88e7a3f48a
commit 6fe176e73e
51 changed files with 372 additions and 173 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
2009/CVE-2009-3103.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 79179589,
"name": "ms09050",
"full_name": "sooklalad\/ms09050",
"owner": {
"login": "sooklalad",
"id": 16028654,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16028654?v=4",
"html_url": "https:\/\/github.com\/sooklalad"
},
"html_url": "https:\/\/github.com\/sooklalad\/ms09050",
"description": "cve-2009-3103",
"fork": false,
"created_at": "2017-01-17T02:24:40Z",
"updated_at": "2018-12-28T02:07:14Z",
"pushed_at": "2017-01-17T03:31:29Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}
]

2
2018/CVE-2018-1002105.json
View file

@ -27,7 +27,7 @@
"forks": 25,
"watchers": 196,
"score": 0,
"subscribers_count": 48
"subscribers_count": 47
},
{
"id": 160665138,

8
2018/CVE-2018-11776.json
View file

@ -509,14 +509,14 @@
{
"id": 656753963,
"name": "CVE-2018-11776-FIS",
"full_name": "tsong0ku\/CVE-2018-11776-FIS",
"full_name": "sonpt-afk\/CVE-2018-11776-FIS",
"owner": {
"login": "tsong0ku",
"login": "sonpt-afk",
"id": 78460399,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78460399?v=4",
"html_url": "https:\/\/github.com\/tsong0ku"
"html_url": "https:\/\/github.com\/sonpt-afk"
},
"html_url": "https:\/\/github.com\/tsong0ku\/CVE-2018-11776-FIS",
"html_url": "https:\/\/github.com\/sonpt-afk\/CVE-2018-11776-FIS",
"description": null,
"fork": false,
"created_at": "2023-06-21T15:08:39Z",

4
2018/CVE-2018-14634.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 12,
"forks_count": 11,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 12,
"forks": 11,
"watchers": 7,
"score": 0,
"subscribers_count": 1

2
2018/CVE-2018-15473.json
View file

@ -891,7 +891,7 @@
"fork": false,
"created_at": "2023-09-17T22:40:49Z",
"updated_at": "2023-09-18T02:40:09Z",
"pushed_at": "2023-09-22T00:35:17Z",
"pushed_at": "2023-09-27T16:52:41Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,

8
2018/CVE-2018-19126.json
View file

@ -13,10 +13,10 @@
"description": "PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)",
"fork": false,
"created_at": "2018-12-01T10:53:45Z",
"updated_at": "2023-09-16T21:17:26Z",
"updated_at": "2023-09-27T17:28:41Z",
"pushed_at": "2018-12-12T22:11:45Z",
"stargazers_count": 38,
"watchers_count": 38,
"stargazers_count": 39,
"watchers_count": 39,
"has_discussions": false,
"forks_count": 9,
"allow_forking": true,
@ -29,7 +29,7 @@
],
"visibility": "public",
"forks": 9,
"watchers": 38,
"watchers": 39,
"score": 0,
"subscribers_count": 5
}

4
2018/CVE-2018-6574.json
View file

@ -1728,13 +1728,13 @@
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 1,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"forks": 2,
"watchers": 1,
"score": 0,
"subscribers_count": 2

2
2019/CVE-2019-2215.json
View file

@ -133,7 +133,7 @@
"description": "Temproot for Bravia TV via CVE-2019-2215.",
"fork": false,
"created_at": "2020-01-30T06:06:32Z",
"updated_at": "2023-08-18T11:35:36Z",
"updated_at": "2023-09-27T14:22:25Z",
"pushed_at": "2020-02-20T02:41:44Z",
"stargazers_count": 23,
"watchers_count": 23,

8
2019/CVE-2019-9810.json
View file

@ -13,10 +13,10 @@
"description": "Array.prototype.slice wrong alias information.",
"fork": false,
"created_at": "2019-03-25T02:33:18Z",
"updated_at": "2023-09-27T07:19:48Z",
"updated_at": "2023-09-27T16:29:38Z",
"pushed_at": "2019-03-25T02:41:43Z",
"stargazers_count": 67,
"watchers_count": 67,
"stargazers_count": 68,
"watchers_count": 68,
"has_discussions": false,
"forks_count": 13,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 13,
"watchers": 67,
"watchers": 68,
"score": 0,
"subscribers_count": 4
},

2
2020/CVE-2020-0022.json
View file

@ -224,7 +224,7 @@
"fork": false,
"created_at": "2023-08-28T09:20:38Z",
"updated_at": "2023-09-12T09:22:02Z",
"pushed_at": "2023-09-25T11:24:30Z",
"pushed_at": "2023-09-27T14:44:29Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

8
2021/CVE-2021-21972.json
View file

@ -851,10 +851,10 @@
"description": "一款针对Vcenter的综合利用工具包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j提供一键上传webshell命令执行或者上传公钥使用SSH免密连接",
"fork": false,
"created_at": "2022-10-04T03:39:27Z",
"updated_at": "2023-09-27T03:29:11Z",
"updated_at": "2023-09-27T16:11:36Z",
"pushed_at": "2023-05-14T12:08:39Z",
"stargazers_count": 1098,
"watchers_count": 1098,
"stargazers_count": 1099,
"watchers_count": 1099,
"has_discussions": false,
"forks_count": 142,
"allow_forking": true,
@ -870,7 +870,7 @@
],
"visibility": "public",
"forks": 142,
"watchers": 1098,
"watchers": 1099,
"score": 0,
"subscribers_count": 11
}

8
2021/CVE-2021-26855.json
View file

@ -73,10 +73,10 @@
"description": "Detect webshells dropped on Microsoft Exchange servers exploited through \"proxylogon\" group of vulnerabilites (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)",
"fork": false,
"created_at": "2021-03-05T08:22:07Z",
"updated_at": "2023-09-09T10:38:12Z",
"updated_at": "2023-09-27T16:39:46Z",
"pushed_at": "2021-03-16T08:34:14Z",
"stargazers_count": 96,
"watchers_count": 96,
"stargazers_count": 97,
"watchers_count": 97,
"has_discussions": false,
"forks_count": 21,
"allow_forking": true,
@ -92,7 +92,7 @@
],
"visibility": "public",
"forks": 21,
"watchers": 96,
"watchers": 97,
"score": 0,
"subscribers_count": 14
},

8
2021/CVE-2021-30860.json
View file

@ -43,10 +43,10 @@
"description": "Collection of materials relating to FORCEDENTRY, will eventually delete this repo and migrate the materials to my main exploit repo once finished",
"fork": false,
"created_at": "2021-12-25T03:00:01Z",
"updated_at": "2023-08-29T08:27:59Z",
"updated_at": "2023-09-27T12:56:24Z",
"pushed_at": "2023-08-13T21:00:46Z",
"stargazers_count": 66,
"watchers_count": 66,
"stargazers_count": 67,
"watchers_count": 67,
"has_discussions": false,
"forks_count": 17,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 17,
"watchers": 66,
"watchers": 67,
"score": 0,
"subscribers_count": 4
}

8
2021/CVE-2021-3156.json
View file

@ -470,10 +470,10 @@
"description": null,
"fork": false,
"created_at": "2021-01-30T20:39:58Z",
"updated_at": "2023-09-16T21:41:41Z",
"updated_at": "2023-09-27T13:18:18Z",
"pushed_at": "2021-02-02T17:07:09Z",
"stargazers_count": 889,
"watchers_count": 889,
"stargazers_count": 890,
"watchers_count": 890,
"has_discussions": false,
"forks_count": 242,
"allow_forking": true,
@ -482,7 +482,7 @@
"topics": [],
"visibility": "public",
"forks": 242,
"watchers": 889,
"watchers": 890,
"score": 0,
"subscribers_count": 27
},

4
2021/CVE-2021-3493.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 349,
"watchers_count": 349,
"has_discussions": false,
"forks_count": 129,
"forks_count": 128,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 129,
"forks": 128,
"watchers": 349,
"score": 0,
"subscribers_count": 4

4
2021/CVE-2021-36934.json
View file

@ -143,13 +143,13 @@
"stargazers_count": 32,
"watchers_count": 32,
"has_discussions": false,
"forks_count": 17,
"forks_count": 18,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 17,
"forks": 18,
"watchers": 32,
"score": 0,
"subscribers_count": 2

8
2021/CVE-2021-4034.json
View file

@ -603,10 +603,10 @@
"description": "Proof of Concept for CVE-2021-4034 Polkit Privilege Escalation",
"fork": false,
"created_at": "2022-01-26T08:25:41Z",
"updated_at": "2023-09-09T10:38:13Z",
"updated_at": "2023-09-27T16:39:46Z",
"pushed_at": "2022-01-26T09:37:18Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -615,7 +615,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
},

8
2021/CVE-2021-40444.json
View file

@ -523,10 +523,10 @@
"description": "CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit",
"fork": false,
"created_at": "2021-09-15T22:34:35Z",
"updated_at": "2023-09-26T02:34:10Z",
"updated_at": "2023-09-27T13:12:54Z",
"pushed_at": "2022-06-22T20:21:42Z",
"stargazers_count": 765,
"watchers_count": 765,
"stargazers_count": 764,
"watchers_count": 764,
"has_discussions": false,
"forks_count": 169,
"allow_forking": true,
@ -542,7 +542,7 @@
],
"visibility": "public",
"forks": 169,
"watchers": 765,
"watchers": 764,
"score": 0,
"subscribers_count": 19
},

8
2021/CVE-2021-43798.json
View file

@ -73,10 +73,10 @@
"description": "Grafana Unauthorized arbitrary file reading vulnerability",
"fork": false,
"created_at": "2021-12-07T09:02:16Z",
"updated_at": "2023-09-21T15:08:17Z",
"updated_at": "2023-09-27T17:17:32Z",
"pushed_at": "2023-02-14T07:05:22Z",
"stargazers_count": 336,
"watchers_count": 336,
"stargazers_count": 337,
"watchers_count": 337,
"has_discussions": false,
"forks_count": 90,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 90,
"watchers": 336,
"watchers": 337,
"score": 0,
"subscribers_count": 7
},

8
2022/CVE-2022-22954.json
View file

@ -766,10 +766,10 @@
"description": "一款针对Vcenter的综合利用工具包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j提供一键上传webshell命令执行或者上传公钥使用SSH免密连接",
"fork": false,
"created_at": "2022-10-04T03:39:27Z",
"updated_at": "2023-09-27T03:29:11Z",
"updated_at": "2023-09-27T16:11:36Z",
"pushed_at": "2023-05-14T12:08:39Z",
"stargazers_count": 1098,
"watchers_count": 1098,
"stargazers_count": 1099,
"watchers_count": 1099,
"has_discussions": false,
"forks_count": 142,
"allow_forking": true,
@ -785,7 +785,7 @@
],
"visibility": "public",
"forks": 142,
"watchers": 1098,
"watchers": 1099,
"score": 0,
"subscribers_count": 11
},

8
2022/CVE-2022-32947.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2022-32947 walkthough and demo",
"fork": false,
"created_at": "2023-09-17T08:21:47Z",
"updated_at": "2023-09-27T11:38:24Z",
"updated_at": "2023-09-27T17:00:46Z",
"pushed_at": "2023-09-18T03:04:48Z",
"stargazers_count": 107,
"watchers_count": 107,
"stargazers_count": 108,
"watchers_count": 108,
"has_discussions": false,
"forks_count": 9,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 9,
"watchers": 107,
"watchers": 108,
"score": 0,
"subscribers_count": 2
}

4
2022/CVE-2022-37969.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 112,
"watchers_count": 112,
"has_discussions": false,
"forks_count": 35,
"forks_count": 34,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 35,
"forks": 34,
"watchers": 112,
"score": 0,
"subscribers_count": 4

2
2022/CVE-2022-4047.json
View file

@ -14,7 +14,7 @@
"fork": false,
"created_at": "2023-09-26T07:23:44Z",
"updated_at": "2023-09-26T20:15:02Z",
"pushed_at": "2023-09-26T07:35:04Z",
"pushed_at": "2023-09-27T17:59:22Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,

4
2022/CVE-2022-4262.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 22,
"watchers_count": 22,
"has_discussions": false,
"forks_count": 4,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 4,
"forks": 3,
"watchers": 22,
"score": 0,
"subscribers_count": 1

8
2022/CVE-2022-46689.json
View file

@ -13,10 +13,10 @@
"description": "Get root on macOS 13.0.1 with CVE-2022-46689 (macOS equivalent of the Dirty Cow bug), using the testcase extracted from Apple's XNU source.",
"fork": false,
"created_at": "2022-12-17T16:45:24Z",
"updated_at": "2023-09-27T03:23:42Z",
"updated_at": "2023-09-27T15:34:57Z",
"pushed_at": "2022-12-21T17:53:19Z",
"stargazers_count": 363,
"watchers_count": 363,
"stargazers_count": 364,
"watchers_count": 364,
"has_discussions": false,
"forks_count": 31,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 31,
"watchers": 363,
"watchers": 364,
"score": 0,
"subscribers_count": 11
},

8
2023/CVE-2023-0099.json
View file

@ -13,10 +13,10 @@
"description": "simple urls < 115 - Reflected XSS",
"fork": false,
"created_at": "2023-09-18T06:44:44Z",
"updated_at": "2023-09-24T07:33:35Z",
"updated_at": "2023-09-27T17:33:46Z",
"pushed_at": "2023-09-18T06:52:23Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}

8
2023/CVE-2023-20209.json
View file

@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2023-09-27T09:22:21Z",
"updated_at": "2023-09-27T09:41:13Z",
"updated_at": "2023-09-27T16:17:57Z",
"pushed_at": "2023-09-27T09:38:11Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}

8
2023/CVE-2023-2023.json
View file

@ -43,10 +43,10 @@
"description": "HW2023@POC@EXP@CVE-2023-2023",
"fork": false,
"created_at": "2023-08-13T05:54:17Z",
"updated_at": "2023-09-25T09:27:38Z",
"updated_at": "2023-09-27T14:06:13Z",
"pushed_at": "2023-09-04T02:47:29Z",
"stargazers_count": 33,
"watchers_count": 33,
"stargazers_count": 34,
"watchers_count": 34,
"has_discussions": false,
"forks_count": 15,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 15,
"watchers": 33,
"watchers": 34,
"score": 0,
"subscribers_count": 0
}

4
2023/CVE-2023-20887.json
View file

@ -18,7 +18,7 @@
"stargazers_count": 218,
"watchers_count": 218,
"has_discussions": false,
"forks_count": 45,
"forks_count": 44,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -26,7 +26,7 @@
"cve-2023-20887"
],
"visibility": "public",
"forks": 45,
"forks": 44,
"watchers": 218,
"score": 0,
"subscribers_count": 4

8
2023/CVE-2023-22894.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2023-22894",
"fork": false,
"created_at": "2023-04-24T23:26:13Z",
"updated_at": "2023-05-16T15:07:12Z",
"updated_at": "2023-09-27T14:41:58Z",
"pushed_at": "2023-04-24T23:38:15Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}

8
2023/CVE-2023-27746.json
View file

@ -13,10 +13,10 @@
"description": "BlackVue DR750 CVE CVE-2023-27746 CVE-2023-27747 CVE-2023-27748",
"fork": false,
"created_at": "2023-02-28T16:37:33Z",
"updated_at": "2023-09-26T15:52:21Z",
"updated_at": "2023-09-27T16:31:26Z",
"pushed_at": "2023-04-12T16:13:04Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -29,7 +29,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 2
}

12
2023/CVE-2023-29357.json
View file

@ -13,12 +13,12 @@
"description": "Microsoft SharePoint Server Elevation of Privilege Vulnerability",
"fork": false,
"created_at": "2023-09-26T16:18:41Z",
"updated_at": "2023-09-27T12:46:42Z",
"updated_at": "2023-09-27T18:02:34Z",
"pushed_at": "2023-09-26T19:04:21Z",
"stargazers_count": 46,
"watchers_count": 46,
"stargazers_count": 59,
"watchers_count": 59,
"has_discussions": false,
"forks_count": 11,
"forks_count": 13,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -31,8 +31,8 @@
"sharepoint"
],
"visibility": "public",
"forks": 11,
"watchers": 46,
"forks": 13,
"watchers": 59,
"score": 0,
"subscribers_count": 1
}

12
2023/CVE-2023-29360.json
View file

@ -13,19 +13,19 @@
"description": "Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver",
"fork": false,
"created_at": "2023-09-24T21:59:23Z",
"updated_at": "2023-09-27T12:23:12Z",
"updated_at": "2023-09-27T17:45:42Z",
"pushed_at": "2023-09-26T09:49:37Z",
"stargazers_count": 26,
"watchers_count": 26,
"stargazers_count": 30,
"watchers_count": 30,
"has_discussions": false,
"forks_count": 10,
"forks_count": 12,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 10,
"watchers": 26,
"forks": 12,
"watchers": 30,
"score": 0,
"subscribers_count": 1
}

8
2023/CVE-2023-30845.json
View file

@ -13,10 +13,10 @@
"description": "Explore CVE 2023-30845 automatically across multiple subdomains",
"fork": false,
"created_at": "2023-09-22T01:14:20Z",
"updated_at": "2023-09-27T01:48:06Z",
"updated_at": "2023-09-27T13:36:09Z",
"pushed_at": "2023-09-22T01:48:19Z",
"stargazers_count": 11,
"watchers_count": 11,
"stargazers_count": 12,
"watchers_count": 12,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 11,
"watchers": 12,
"score": 0,
"subscribers_count": 1
}

4
2023/CVE-2023-34362.json
View file

@ -48,13 +48,13 @@
"stargazers_count": 121,
"watchers_count": 121,
"has_discussions": false,
"forks_count": 29,
"forks_count": 28,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 29,
"forks": 28,
"watchers": 121,
"score": 0,
"subscribers_count": 5

8
2023/CVE-2023-35001.json
View file

@ -13,10 +13,10 @@
"description": "Pwn2Own Vancouver 2023 Ubuntu LPE exploit",
"fork": false,
"created_at": "2023-09-01T07:41:23Z",
"updated_at": "2023-09-27T12:09:42Z",
"updated_at": "2023-09-27T13:56:22Z",
"pushed_at": "2023-09-01T07:48:43Z",
"stargazers_count": 114,
"watchers_count": 114,
"stargazers_count": 115,
"watchers_count": 115,
"has_discussions": false,
"forks_count": 20,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 20,
"watchers": 114,
"watchers": 115,
"score": 0,
"subscribers_count": 5
},

4
2023/CVE-2023-3519.json
View file

@ -18,7 +18,7 @@
"stargazers_count": 43,
"watchers_count": 43,
"has_discussions": false,
"forks_count": 9,
"forks_count": 8,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -28,7 +28,7 @@
"patch"
],
"visibility": "public",
"forks": 9,
"forks": 8,
"watchers": 43,
"score": 0,
"subscribers_count": 5

8
2023/CVE-2023-35793.json
View file

@ -13,10 +13,10 @@
"description": "Repository contains description for CVE-2023-35793",
"fork": false,
"created_at": "2023-09-26T11:39:05Z",
"updated_at": "2023-09-26T11:39:05Z",
"updated_at": "2023-09-27T16:20:31Z",
"pushed_at": "2023-09-26T17:24:01Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 0
}

12
2023/CVE-2023-36664.json
View file

@ -13,19 +13,19 @@
"description": "Ghostscript command injection vulnerability PoC (CVE-2023-36664)",
"fork": false,
"created_at": "2023-08-12T18:33:57Z",
"updated_at": "2023-09-25T06:15:10Z",
"updated_at": "2023-09-27T13:49:43Z",
"pushed_at": "2023-09-07T08:37:04Z",
"stargazers_count": 52,
"watchers_count": 52,
"stargazers_count": 53,
"watchers_count": 53,
"has_discussions": false,
"forks_count": 14,
"forks_count": 13,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 14,
"watchers": 52,
"forks": 13,
"watchers": 53,
"score": 0,
"subscribers_count": 2
},

12
2023/CVE-2023-36845.json
View file

@ -13,10 +13,10 @@
"description": "A tool to discover Juniper firewalls vulnerable to CVE-2023-36845",
"fork": false,
"created_at": "2023-09-16T09:11:21Z",
"updated_at": "2023-09-27T01:58:44Z",
"updated_at": "2023-09-27T14:53:55Z",
"pushed_at": "2023-09-17T09:14:32Z",
"stargazers_count": 43,
"watchers_count": 43,
"stargazers_count": 45,
"watchers_count": 45,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -27,7 +27,7 @@
],
"visibility": "public",
"forks": 4,
"watchers": 43,
"watchers": 45,
"score": 0,
"subscribers_count": 1
},
@ -50,7 +50,7 @@
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -75,7 +75,7 @@
"web-application-security"
],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 1,
"score": 0,
"subscribers_count": 1

4
2023/CVE-2023-36874.json
View file

@ -78,13 +78,13 @@
"stargazers_count": 188,
"watchers_count": 188,
"has_discussions": false,
"forks_count": 42,
"forks_count": 41,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 42,
"forks": 41,
"watchers": 188,
"score": 0,
"subscribers_count": 4

8
2023/CVE-2023-38146.json
View file

@ -13,10 +13,10 @@
"description": "Proof-of-Concept for CVE-2023-38146 (\"ThemeBleed\")",
"fork": false,
"created_at": "2023-09-13T04:00:14Z",
"updated_at": "2023-09-26T12:02:56Z",
"updated_at": "2023-09-27T13:21:56Z",
"pushed_at": "2023-09-13T04:50:29Z",
"stargazers_count": 119,
"watchers_count": 119,
"stargazers_count": 120,
"watchers_count": 120,
"has_discussions": false,
"forks_count": 23,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 23,
"watchers": 119,
"watchers": 120,
"score": 0,
"subscribers_count": 3
}

4
2023/CVE-2023-38389.json
View file

@ -18,7 +18,7 @@
"stargazers_count": 24,
"watchers_count": 24,
"has_discussions": false,
"forks_count": 5,
"forks_count": 6,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -33,7 +33,7 @@
"wordpress-exploiut"
],
"visibility": "public",
"forks": 5,
"forks": 6,
"watchers": 24,
"score": 0,
"subscribers_count": 1

32
2023/CVE-2023-38571.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 697309620,
"name": "CVE-2023-38571-a-macOS-TCC-bypass-in-Music-and-TV",
"full_name": "gergelykalman\/CVE-2023-38571-a-macOS-TCC-bypass-in-Music-and-TV",
"owner": {
"login": "gergelykalman",
"id": 1591209,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1591209?v=4",
"html_url": "https:\/\/github.com\/gergelykalman"
},
"html_url": "https:\/\/github.com\/gergelykalman\/CVE-2023-38571-a-macOS-TCC-bypass-in-Music-and-TV",
"description": "Exploit for CVE-2023-38571",
"fork": false,
"created_at": "2023-09-27T13:21:43Z",
"updated_at": "2023-09-27T15:24:59Z",
"pushed_at": "2023-09-27T14:08:42Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 0
}
]

16
2023/CVE-2023-38831.json
View file

@ -43,10 +43,10 @@
"description": "CVE-2023-38831 winrar exploit generator",
"fork": false,
"created_at": "2023-08-25T09:44:08Z",
"updated_at": "2023-09-27T00:47:09Z",
"updated_at": "2023-09-27T17:54:07Z",
"pushed_at": "2023-09-17T02:17:52Z",
"stargazers_count": 653,
"watchers_count": 653,
"stargazers_count": 655,
"watchers_count": 655,
"has_discussions": false,
"forks_count": 116,
"allow_forking": true,
@ -59,7 +59,7 @@
],
"visibility": "public",
"forks": 116,
"watchers": 653,
"watchers": 655,
"score": 0,
"subscribers_count": 8
},
@ -174,10 +174,10 @@
"description": "CVE-2023-38831 PoC (Proof Of Concept)",
"fork": false,
"created_at": "2023-08-28T04:56:10Z",
"updated_at": "2023-09-27T11:17:46Z",
"updated_at": "2023-09-27T16:03:43Z",
"pushed_at": "2023-08-28T20:41:57Z",
"stargazers_count": 21,
"watchers_count": 21,
"stargazers_count": 22,
"watchers_count": 22,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -186,7 +186,7 @@
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 21,
"watchers": 22,
"score": 0,
"subscribers_count": 0
},

32
2023/CVE-2023-42222.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 697420617,
"name": "CVE-2023-42222",
"full_name": "itssixtyn3in\/CVE-2023-42222",
"owner": {
"login": "itssixtyn3in",
"id": 130003354,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130003354?v=4",
"html_url": "https:\/\/github.com\/itssixtyn3in"
},
"html_url": "https:\/\/github.com\/itssixtyn3in\/CVE-2023-42222",
"description": null,
"fork": false,
"created_at": "2023-09-27T17:36:30Z",
"updated_at": "2023-09-27T17:36:30Z",
"pushed_at": "2023-09-27T17:51:20Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

12
2023/CVE-2023-42442.json
View file

@ -13,19 +13,19 @@
"description": null,
"fork": false,
"created_at": "2023-09-27T05:09:20Z",
"updated_at": "2023-09-27T10:14:25Z",
"updated_at": "2023-09-27T16:36:27Z",
"pushed_at": "2023-09-27T05:18:16Z",
"stargazers_count": 9,
"watchers_count": 9,
"stargazers_count": 11,
"watchers_count": 11,
"has_discussions": false,
"forks_count": 2,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 9,
"forks": 3,
"watchers": 11,
"score": 0,
"subscribers_count": 0
}

32
2023/CVE-2023-43770.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 697409473,
"name": "CVE-2023-43770-POC",
"full_name": "s3cb0y\/CVE-2023-43770-POC",
"owner": {
"login": "s3cb0y",
"id": 43054353,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43054353?v=4",
"html_url": "https:\/\/github.com\/s3cb0y"
},
"html_url": "https:\/\/github.com\/s3cb0y\/CVE-2023-43770-POC",
"description": "A Proof-Of-Concept for the CVE-2023-43770 vulnerability. ",
"fork": false,
"created_at": "2023-09-27T17:08:23Z",
"updated_at": "2023-09-27T17:45:03Z",
"pushed_at": "2023-09-27T17:43:31Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

38
2023/CVE-2023-4762.json
View file

@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2023-09-27T09:43:20Z",
"updated_at": "2023-09-27T12:36:43Z",
"updated_at": "2023-09-27T15:14:15Z",
"pushed_at": "2023-09-27T10:39:47Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,37 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 3,
"watchers": 5,
"score": 0,
"subscribers_count": 0
},
{
"id": 697340903,
"name": "CVE-2023-4762-Code-Review",
"full_name": "sherlocksecurity\/CVE-2023-4762-Code-Review",
"owner": {
"login": "sherlocksecurity",
"id": 52328067,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52328067?v=4",
"html_url": "https:\/\/github.com\/sherlocksecurity"
},
"html_url": "https:\/\/github.com\/sherlocksecurity\/CVE-2023-4762-Code-Review",
"description": null,
"fork": false,
"created_at": "2023-09-27T14:29:43Z",
"updated_at": "2023-09-27T15:13:59Z",
"pushed_at": "2023-09-27T14:30:39Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}

12
2023/CVE-2023-4863.json
View file

@ -43,19 +43,19 @@
"description": null,
"fork": false,
"created_at": "2023-09-21T05:22:51Z",
"updated_at": "2023-09-27T11:49:05Z",
"updated_at": "2023-09-27T17:21:32Z",
"pushed_at": "2023-09-22T04:31:47Z",
"stargazers_count": 142,
"watchers_count": 142,
"stargazers_count": 145,
"watchers_count": 145,
"has_discussions": false,
"forks_count": 18,
"forks_count": 19,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 18,
"watchers": 142,
"forks": 19,
"watchers": 145,
"score": 0,
"subscribers_count": 5
},

61
README.md
View file

@ -695,6 +695,7 @@
</code>
- [buptsb/CVE-2023-4762](https://github.com/buptsb/CVE-2023-4762)
- [sherlocksecurity/CVE-2023-4762-Code-Review](https://github.com/sherlocksecurity/CVE-2023-4762-Code-Review)
### CVE-2023-4800
- [b0marek/CVE-2023-4800](https://github.com/b0marek/CVE-2023-4800)
@ -2917,7 +2918,11 @@
### CVE-2023-35744
- [ADSSA-IT/CVE-2023-35744](https://github.com/ADSSA-IT/CVE-2023-35744)
### CVE-2023-35793
### CVE-2023-35793 (2023-09-26)
<code>An issue was discovered in Cassia Access Controller 2.1.1.2303271039. Establishing a web SSH session to gateways is vulnerable to Cross Site Request Forgery (CSRF) attacks.
</code>
- [Dodge-MPTC/CVE-2023-35793-CSRF-On-Web-SSH](https://github.com/Dodge-MPTC/CVE-2023-35793-CSRF-On-Web-SSH)
### CVE-2023-35801 (2023-06-23)
@ -3072,7 +3077,7 @@
### CVE-2023-36844 (2023-08-17)
<code>A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environments variables.\n\nUtilizing a crafted request an attacker is able to modify \n\ncertain PHP environments variables leading to partial loss of integrity, which may allow chaining to other vulnerabilities.\nThis issue affects Juniper Networks Junos OS on EX Series:\n\n\n\n * All versions prior to 20.4R3-S9;\n * 21.2 versions prior to 21.2R3-S6;\n * 21.3 versions \n\nprior to \n\n 21.3R3-S5;\n * 21.4 versions \n\nprior to \n\n21.4R3-S5;\n * 22.1 versions \n\nprior to \n\n22.1R3-S4;\n * 22.2 versions \n\nprior to \n\n22.2R3-S2;\n * 22.3 versions \n\nprior to 22.3R3-S1;\n * 22.4 versions \n\nprior to \n\n22.4R2-S2, 22.4R3.\n\n\n\n\n
<code>A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environment variables.\n\nUsing a crafted request an attacker is able to modify \n\ncertain PHP environment variables leading to partial loss of integrity, which may allow chaining to other vulnerabilities.\nThis issue affects Juniper Networks Junos OS on EX Series:\n\n\n\n * All versions prior to 20.4R3-S9;\n * 21.1 versions 21.1R1 and later;\n * 21.2 versions prior to 21.2R3-S7;\n * 21.3 versions \n\nprior to \n\n 21.3R3-S5;\n * 21.4 versions \n\nprior to \n\n21.4R3-S5;\n * 22.1 versions \n\nprior to \n\n22.1R3-S4;\n * 22.2 versions \n\nprior to \n\n22.2R3-S2;\n * 22.3 versions \n\nprior to 22.3R3-S1;\n * 22.4 versions \n\nprior to \n\n22.4R2-S2, 22.4R3;\n * 23.2 versions prior to \n\n23.2R1-S1, 23.2R2.\n\n\n\n\n
</code>
- [watchtowrlabs/juniper-rce_cve-2023-36844](https://github.com/watchtowrlabs/juniper-rce_cve-2023-36844)
@ -3081,7 +3086,7 @@
### CVE-2023-36845 (2023-08-17)
<code>A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series \n\nand SRX Series \n\nallows an unauthenticated, network-based attacker to control certain, important environments variables.\n\nUtilizing a crafted request an attacker is able to modify a certain PHP environment variable leading to partial loss of integrity, which may allow chaining to other vulnerabilities.\n\n\nThis issue affects Juniper Networks Junos OS on SRX Series:\n\n\n\n * All versions prior to 21.4R3-S5;\n * 22.1 versions \n\nprior to \n\n22.1R3-S4;\n * 22.2 versions \n\nprior to \n\n22.2R3-S2;\n * 22.3 versions \n\nprior to \n\n22.3R2-S2, 22.3R3-S1;\n * 22.4 versions \n\nprior to \n\n22.4R2-S1, 22.4R3;\n * 23.2 versions prior to 23.2R1-S1, 23.2R2.\n\n\n\n\n
<code>A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series \n\nand SRX Series \n\nallows an unauthenticated, network-based attacker to remotely execute code.\n\nUsing a crafted request which sets the variable PHPRC an attacker is able to modify the PHP execution environment allowing the injection und execution of code.\n\n\nThis issue affects Juniper Networks Junos OS on EX Series\n\n\nand \n\n\nSRX Series:\n\n\n\n * All versions prior to \n\n20.4R3-S9;\n * 21.1 versions 21.1R1 and later;\n * 21.2 versions prior to 21.2R3-S7;\n * 21.3 versions prior to 21.3R3-S5;\n * 21.4 versions prior to 21.4R3-S5;\n * 22.1 versions \n\nprior to \n\n22.1R3-S4;\n * 22.2 versions \n\nprior to \n\n22.2R3-S2;\n * 22.3 versions \n\nprior to \n\n22.3R2-S2, 22.3R3-S1;\n * 22.4 versions \n\nprior to \n\n22.4R2-S1, 22.4R3;\n * 23.2 versions prior to 23.2R1-S1, 23.2R2.\n\n\n\n\n
</code>
- [vulncheck-oss/cve-2023-36845-scanner](https://github.com/vulncheck-oss/cve-2023-36845-scanner)
@ -3090,7 +3095,7 @@
### CVE-2023-36846 (2023-08-17)
<code>A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity.\n\n\n\nWith a specific request that doesn't require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of \n\nintegrity\n\nfor a certain \n\npart of the file system, which may allow chaining to other vulnerabilities.\n\n\nThis issue affects Juniper Networks Junos OS on SRX Series:\n\n\n\n * All versions prior to 20.4R3-S8;\n * 21.2 versions prior to 21.2R3-S6;\n * 21.3 versions \n\nprior to \n\n 21.3R3-S5;\n * 21.4 versions \n\nprior to \n\n21.4R3-S5;\n * 22.1 versions \n\nprior to \n\n22.1R3-S3;\n * 22.2 versions \n\nprior to \n\n22.2R3-S2;\n * 22.3 versions \n\nprior to \n\n22.3R2-S2, 22.3R3;\n * 22.4 versions \n\nprior to \n\n22.4R2-S1, 22.4R3.\n\n\n\n\n
<code>A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity.\n\n\n\nWith a specific request to user.php that doesn't require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of \n\nintegrity\n\nfor a certain \n\npart of the file system, which may allow chaining to other vulnerabilities.\n\n\nThis issue affects Juniper Networks Junos OS on SRX Series:\n\n\n\n * All versions prior to 20.4R3-S8;\n * 21.1 versions 21.1R1 and later;\n * 21.2 versions prior to 21.2R3-S6;\n * 21.3 versions \n\nprior to \n\n 21.3R3-S5;\n * 21.4 versions \n\nprior to \n\n21.4R3-S5;\n * 22.1 versions \n\nprior to \n\n22.1R3-S3;\n * 22.2 versions \n\nprior to \n\n22.2R3-S2;\n * 22.3 versions \n\nprior to \n\n22.3R2-S2, 22.3R3;\n * 22.4 versions \n\nprior to \n\n22.4R2-S1, 22.4R3.\n\n\n\n\n
</code>
- [Dreamy-elfland/CVE-2023-36846](https://github.com/Dreamy-elfland/CVE-2023-36846)
@ -3333,6 +3338,13 @@
- [lucas-cauhe/cargo-perm](https://github.com/lucas-cauhe/cargo-perm)
### CVE-2023-38571 (2023-07-28)
<code>This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to bypass Privacy preferences.
</code>
- [gergelykalman/CVE-2023-38571-a-macOS-TCC-bypass-in-Music-and-TV](https://github.com/gergelykalman/CVE-2023-38571-a-macOS-TCC-bypass-in-Music-and-TV)
### CVE-2023-38632 (2023-07-20)
<code>async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in tcpsocket.hpp when processing malformed TCP packets.
@ -3687,6 +3699,9 @@
- [federella/CVE-2023-41717](https://github.com/federella/CVE-2023-41717)
### CVE-2023-42222
- [itssixtyn3in/CVE-2023-42222](https://github.com/itssixtyn3in/CVE-2023-42222)
### CVE-2023-42362 (2023-09-14)
<code>An arbitrary file upload vulnerability in Teller Web App v.4.4.0 allows a remote attacker to execute arbitrary commands and obtain sensitive information via uploading a crafted file.
@ -3739,13 +3754,25 @@
- [actuator/wave.ai.browser](https://github.com/actuator/wave.ai.browser)
### CVE-2023-42820
### CVE-2023-42820 (2023-09-26)
<code>JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users not using local authentication are also not affected. Users are advised to upgrade to either version 2.28.19 or to 3.6.5. There are no known workarounds or this issue.
</code>
- [wh-gov/CVE-2023-42820](https://github.com/wh-gov/CVE-2023-42820)
### CVE-2023-43154
### CVE-2023-43154 (2023-09-26)
<code>In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, loose comparison in &quot;isValidLogin()&quot; function during login attempt results in PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account.
</code>
- [ally-petitt/CVE-2023-43154-PoC](https://github.com/ally-petitt/CVE-2023-43154-PoC)
### CVE-2023-43263
### CVE-2023-43263 (2023-09-26)
<code>A Cross-site scripting (XSS) vulnerability in Froala Editor v.4.1.1 allows attackers to execute arbitrary code via the Markdown component.
</code>
- [b0marek/CVE-2023-43263](https://github.com/b0marek/CVE-2023-43263)
### CVE-2023-43323
@ -3760,7 +3787,7 @@
### CVE-2023-43326 (2023-09-25)
<code>mooSocial v3.1.8 was discovered to contain a cross-site scripting (XSS) vulnerability via the change email function.
<code>A reflected cross-site scripting (XSS) vulnerability exisits in multiple url of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a crafted URL.
</code>
- [ahrixia/CVE-2023-43326](https://github.com/ahrixia/CVE-2023-43326)
@ -3772,6 +3799,13 @@
- [sromanhu/CVE-2023-43339-CMSmadesimple-Reflected-XSS---Installation](https://github.com/sromanhu/CVE-2023-43339-CMSmadesimple-Reflected-XSS---Installation)
### CVE-2023-43770 (2023-09-22)
<code>Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior.
</code>
- [s3cb0y/CVE-2023-43770-POC](https://github.com/s3cb0y/CVE-2023-43770-POC)
### CVE-2023-51504
- [Sybelle03/CVE-2023-51504](https://github.com/Sybelle03/CVE-2023-51504)
@ -5227,7 +5261,7 @@
### CVE-2022-22536 (2022-02-09)
<code>SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.
<code>SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.\n\n
</code>
- [antx-code/CVE-2022-22536](https://github.com/antx-code/CVE-2022-22536)
@ -27011,7 +27045,7 @@
- [cucadili/CVE-2018-11776](https://github.com/cucadili/CVE-2018-11776)
- [ArunBhandarii/Apache-Struts-0Day-Exploit](https://github.com/ArunBhandarii/Apache-Struts-0Day-Exploit)
- [freshdemo/ApacheStruts-CVE-2018-11776](https://github.com/freshdemo/ApacheStruts-CVE-2018-11776)
- [tsong0ku/CVE-2018-11776-FIS](https://github.com/tsong0ku/CVE-2018-11776-FIS)
- [sonpt-afk/CVE-2018-11776-FIS](https://github.com/sonpt-afk/CVE-2018-11776-FIS)
### CVE-2018-11788 (2019-01-07)
@ -34609,6 +34643,13 @@
- [xiaoxiaoleo/CVE-2009-2698](https://github.com/xiaoxiaoleo/CVE-2009-2698)
### CVE-2009-3103 (2009-09-08)
<code>Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via an &amp; (ampersand) character in a Process ID High header field in a NEGOTIATE PROTOCOL REQUEST packet, which triggers an attempted dereference of an out-of-bounds memory location, aka &quot;SMBv2 Negotiation Vulnerability.&quot; NOTE: some of these details are obtained from third party information.
</code>
- [sooklalad/ms09050](https://github.com/sooklalad/ms09050)
### CVE-2009-3555 (2009-11-09)
<code>The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a &quot;plaintext injection&quot; attack, aka the &quot;Project Mogul&quot; issue.