diff --git a/2017/CVE-2017-5638.json b/2017/CVE-2017-5638.json
index ebd9d3552d..ba575e85e5 100644
--- a/2017/CVE-2017-5638.json
+++ b/2017/CVE-2017-5638.json
@@ -2176,10 +2176,10 @@
 "description": "This project demonstrates a Web Application Firewall (WAF) simulation using Flask and a vulnerability checker for CVE-2017-5638. The WAF middleware blocks HTTP requests containing specific patterns, and the vulnerability checker tests for and exploits the Apache Struts 2 vulnerability (CVE-2017-5638).",
 "fork": false,
 "created_at": "2024-07-11T15:16:56Z",
- "updated_at": "2024-07-11T15:19:54Z",
+ "updated_at": "2024-12-04T20:21:40Z",
 "pushed_at": "2024-07-11T15:19:51Z",
- "stargazers_count": 0,
- "watchers_count": 0,
+ "stargazers_count": 1,
+ "watchers_count": 1,
 "has_discussions": false,
 "forks_count": 0,
 "allow_forking": true,
@@ -2188,7 +2188,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 0,
- "watchers": 0,
+ "watchers": 1,
 "score": 0,
 "subscribers_count": 1
 },
diff --git a/2018/CVE-2018-9995.json b/2018/CVE-2018-9995.json
index 402ab42fe3..aadb3192b7 100644
--- a/2018/CVE-2018-9995.json
+++ b/2018/CVE-2018-9995.json
@@ -169,10 +169,10 @@
 "description": "DVR-Exploiter a Bash Script Program Exploit The DVR's Based on CVE-2018-9995",
 "fork": false,
 "created_at": "2018-09-23T20:58:40Z",
- "updated_at": "2024-09-29T20:16:07Z",
+ "updated_at": "2024-12-04T18:15:20Z",
 "pushed_at": "2018-10-11T16:54:31Z",
- "stargazers_count": 107,
- "watchers_count": 107,
+ "stargazers_count": 108,
+ "watchers_count": 108,
 "has_discussions": false,
 "forks_count": 37,
 "allow_forking": true,
@@ -181,7 +181,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 37,
- "watchers": 107,
+ "watchers": 108,
 "score": 0,
 "subscribers_count": 15
 },
diff --git a/2020/CVE-2020-25213.json b/2020/CVE-2020-25213.json
index f9ca74dd68..40c4c821e4 100644
--- a/2020/CVE-2020-25213.json
+++ b/2020/CVE-2020-25213.json
@@ -14,10 +14,10 @@
 "description": "https:\/\/medium.com\/@mansoorr\/exploiting-cve-2020-25213-wp-file-manager-wordpress-plugin-6-9-3f79241f0cd8",
 "fork": false,
 "created_at": "2020-10-10T17:50:01Z",
- "updated_at": "2024-10-01T05:06:09Z",
+ "updated_at": "2024-12-04T19:59:04Z",
 "pushed_at": "2020-10-12T09:57:28Z",
- "stargazers_count": 57,
- "watchers_count": 57,
+ "stargazers_count": 58,
+ "watchers_count": 58,
 "has_discussions": false,
 "forks_count": 24,
 "allow_forking": true,
@@ -30,7 +30,7 @@
 ],
 "visibility": "public",
 "forks": 24,
- "watchers": 57,
+ "watchers": 58,
 "score": 0,
 "subscribers_count": 2
 },
diff --git a/2020/CVE-2020-2551.json b/2020/CVE-2020-2551.json
index a01d073816..42e38df0b4 100644
--- a/2020/CVE-2020-2551.json
+++ b/2020/CVE-2020-2551.json
@@ -102,13 +102,13 @@
 "stargazers_count": 211,
 "watchers_count": 211,
 "has_discussions": false,
- "forks_count": 49,
+ "forks_count": 45,
 "allow_forking": true,
 "is_template": false,
 "web_commit_signoff_required": false,
 "topics": [],
 "visibility": "public",
- "forks": 49,
+ "forks": 45,
 "watchers": 211,
 "score": 0,
 "subscribers_count": 5
diff --git a/2020/CVE-2020-8813.json b/2020/CVE-2020-8813.json
index 8c53c32650..daa9b624c3 100644
--- a/2020/CVE-2020-8813.json
+++ b/2020/CVE-2020-8813.json
@@ -14,10 +14,10 @@
 "description": "The official exploit for Cacti v1.2.8 Remote Code Execution CVE-2020-8813",
 "fork": false,
 "created_at": "2020-02-22T16:27:41Z",
- "updated_at": "2024-08-12T19:58:00Z",
+ "updated_at": "2024-12-04T19:11:57Z",
 "pushed_at": "2020-02-22T16:33:31Z",
- "stargazers_count": 67,
- "watchers_count": 67,
+ "stargazers_count": 68,
+ "watchers_count": 68,
 "has_discussions": false,
 "forks_count": 20,
 "allow_forking": true,
@@ -26,7 +26,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 20,
- "watchers": 67,
+ "watchers": 68,
 "score": 0,
 "subscribers_count": 2
 },
diff --git a/2021/CVE-2021-1636.json b/2021/CVE-2021-1636.json
index 862c5ff1fd..486f4e3fea 100644
--- a/2021/CVE-2021-1636.json
+++ b/2021/CVE-2021-1636.json 
@@ -14,10 +14,10 @@ "description": " ​![​logo​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/ci-logo.png) ​#​ ​Ukraine-Cyber-Operations ​Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine. ([​Blog​](https:\/\/www.curatedintel.org\/2021\/08\/welcome.html) | [​Twitter​](https:\/\/twitter.com\/CuratedIntel) | [​LinkedIn​](https:\/\/www.linkedin.com\/company\/curatedintelligence\/)) ​![​timeline​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/uacyberopsv2.png) ​![​cyberwar​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/Russia-Ukraine%20Cyberwar.png) ​###​ ​Analyst Comments: ​-​ 2022-02-25 ​  ​-​ Creation of the initial repository to help organisations in Ukraine ​  ​-​ Added [​Threat Reports​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations#threat-reports) section ​  ​-​ Added [​Vendor Support​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations#vendor-support) section ​-​ 2022-02-26 ​  ​-​ Additional resources, chronologically ordered (h\/t Orange-CD) ​  ​-​ Added [​Vetted OSINT Sources​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations#vetted-osint-sources) section  ​  ​-​ Added [​Miscellaneous Resources​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations#miscellaneous-resources) section ​-​ 2022-02-27 ​  ​-​ Additional threat reports have been added ​  ​-​ Added [​Data Brokers​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/README.md#data-brokers) section ​  ​-​ Added [​Access Brokers​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/README.md#access-brokers) section ​-​ 2022-02-28 ​  ​-​ Added Russian Cyber Operations Against Ukraine Timeline by ETAC ​  ​-​ Added Vetted and Contextualized [​Indicators of Compromise 
(IOCs)​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/ETAC_Vetted_UkraineRussiaWar_IOCs.csv) by ETAC ​-​ 2022-03-01 ​  ​-​ Additional threat reports and resources have been added ​-​ 2022-03-02 ​  ​-​ Additional [​Indicators of Compromise (IOCs)​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/ETAC_Vetted_UkraineRussiaWar_IOCs.csv#L2011) have been added ​  ​-​ Added vetted [​YARA rule collection​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/tree\/main\/yara) from the Threat Reports by ETAC ​  ​-​ Added loosely-vetted [​IOC Threat Hunt Feeds​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/tree\/main\/KPMG-Egyde_Ukraine-Crisis_Feeds\/MISP-CSV_MediumConfidence_Filtered) by KPMG-Egyde CTI (h\/t [​0xDISREL​](https:\/\/twitter.com\/0xDISREL)) ​    ​-​ IOCs shared by these feeds are ​`LOW-TO-MEDIUM CONFIDENCE`​ we strongly recommend NOT adding them to a blocklist ​    ​-​ These could potentially be used for ​`THREAT HUNTING`​ and could be added to a ​`WATCHLIST` ​    ​-​ IOCs are generated in ​`MISP COMPATIBLE`​ CSV format ​-​ 2022-03-03 ​  ​-​ Additional threat reports and vendor support resources have been added ​  ​-​ Updated [​Log4Shell IOC Threat Hunt Feeds​](https:\/\/github.com\/curated-intel\/Log4Shell-IOCs\/tree\/main\/KPMG_Log4Shell_Feeds) by KPMG-Egyde CTI; not directly related to Ukraine, but still a widespread vulnerability. 
​  ​-​ Added diagram of Russia-Ukraine Cyberwar Participants 2022 by ETAC ​  ​-​ Additional [​Indicators of Compromise (IOCs)​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/ETAC_Vetted_UkraineRussiaWar_IOCs.csv#L2042) have been added ​####​ ​`Threat Reports` ​| Date | Source | Threat(s) | URL | ​| --- | --- | --- | --- | ​| 14 JAN | SSU Ukraine | Website Defacements | [ssu.gov.ua](https:\/\/ssu.gov.ua\/novyny\/sbu-rozsliduie-prychetnist-rosiiskykh-spetssluzhb-do-sohodnishnoi-kiberataky-na-orhany-derzhavnoi-vlady-ukrainy)| ​| 15 JAN | Microsoft | WhisperGate wiper (DEV-0586) | [microsoft.com](https:\/\/www.microsoft.com\/security\/blog\/2022\/01\/15\/destructive-malware-targeting-ukrainian-organizations\/) | ​| 19 JAN | Elastic | WhisperGate wiper (Operation BleedingBear) | [elastic.github.io](https:\/\/elastic.github.io\/security-research\/malware\/2022\/01\/01.operation-bleeding-bear\/article\/) | ​| 31 JAN | Symantec | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [symantec-enterprise-blogs.security.com](https:\/\/symantec-enterprise-blogs.security.com\/blogs\/threat-intelligence\/shuckworm-gamaredon-espionage-ukraine) | ​| 2 FEB | RaidForums | Access broker \"GodLevel\" offering Ukrainain algricultural exchange | RaidForums [not linked] | ​| 2 FEB | CERT-UA | UAC-0056 using SaintBot and OutSteel malware | [cert.gov.ua](https:\/\/cert.gov.ua\/article\/18419) | ​| 3 FEB | PAN Unit42 | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [unit42.paloaltonetworks.com](https:\/\/unit42.paloaltonetworks.com\/gamaredon-primitive-bear-ukraine-update-2021\/) | ​| 4 FEB | Microsoft | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [microsoft.com](https:\/\/www.microsoft.com\/security\/blog\/2022\/02\/04\/actinium-targets-ukrainian-organizations\/) | ​| 8 FEB | NSFOCUS | Lorec53 (aka UAC-0056, EmberBear, BleedingBear) | 
[nsfocusglobal.com](https:\/\/nsfocusglobal.com\/apt-retrospection-lorec53-an-active-russian-hack-group-launched-phishing-attacks-against-georgian-government) | ​| 15 FEB | CERT-UA | DDoS attacks against the name server of government websites as well as Oschadbank (State Savings Bank) & Privatbank (largest commercial bank). False SMS and e-mails to create panic | [cert.gov.ua](https:\/\/cert.gov.ua\/article\/37139) | ​| 23 FEB | The Daily Beast | Ukrainian troops receive threatening SMS messages | [thedailybeast.com](https:\/\/www.thedailybeast.com\/cyberattacks-hit-websites-and-psy-ops-sms-messages-targeting-ukrainians-ramp-up-as-russia-moves-into-ukraine) | ​| 23 FEB | UK NCSC | Sandworm\/VoodooBear (GRU) | [ncsc.gov.uk](https:\/\/www.ncsc.gov.uk\/files\/Joint-Sandworm-Advisory.pdf) | ​| 23 FEB | SentinelLabs | HermeticWiper | [sentinelone.com]( https:\/\/www.sentinelone.com\/labs\/hermetic-wiper-ukraine-under-attack\/ ) | ​| 24 FEB | ESET | HermeticWiper | [welivesecurity.com](https:\/\/www.welivesecurity.com\/2022\/02\/24\/hermeticwiper-new-data-wiping-malware-hits-ukraine\/) | ​| 24 FEB | Symantec | HermeticWiper, PartyTicket ransomware, CVE-2021-1636, unknown webshell | [symantec-enterprise-blogs.security.com](https:\/\/symantec-enterprise-blogs.security.com\/blogs\/threat-intelligence\/ukraine-wiper-malware-russia) | ​| 24 FEB | Cisco Talos | HermeticWiper | [blog.talosintelligence.com](https:\/\/blog.talosintelligence.com\/2022\/02\/threat-advisory-hermeticwiper.html) | ​| 24 FEB | Zscaler | HermeticWiper | [zscaler.com](https:\/\/www.zscaler.com\/blogs\/security-research\/hermetic-wiper-resurgence-targeted-attacks-ukraine) | ​| 24 FEB | Cluster25 | HermeticWiper | [cluster25.io](https:\/\/cluster25.io\/2022\/02\/24\/ukraine-analysis-of-the-new-disk-wiping-malware\/) | ​| 24 FEB | CronUp | Data broker \"FreeCivilian\" offering multiple .gov.ua | [twitter.com\/1ZRR4H](https:\/\/twitter.com\/1ZRR4H\/status\/1496931721052311557)| ​| 24 FEB | RaidForums | Data 
broker \"Featherine\" offering diia.gov.ua | RaidForums [not linked] | ​| 24 FEB | DomainTools | Unknown scammers | [twitter.com\/SecuritySnacks](https:\/\/twitter.com\/SecuritySnacks\/status\/1496956492636905473?s=20&t=KCIX_1Ughc2Fs6Du-Av0Xw) | ​| 25 FEB | @500mk500 | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [twitter.com\/500mk500](https:\/\/twitter.com\/500mk500\/status\/1497339266329894920?s=20&t=opOtwpn82ztiFtwUbLkm9Q) | ​| 25 FEB | @500mk500 | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [twitter.com\/500mk500](https:\/\/twitter.com\/500mk500\/status\/1497208285472215042)| ​| 25 FEB | Microsoft | HermeticWiper | [gist.github.com](https:\/\/gist.github.com\/fr0gger\/7882fde2b1b271f9e886a4a9b6fb6b7f) | ​| 25 FEB | 360 NetLab | DDoS (Mirai, Gafgyt, IRCbot, Ripprbot, Moobot) | [blog.netlab.360.com](https:\/\/blog.netlab.360.com\/some_details_of_the_ddos_attacks_targeting_ukraine_and_russia_in_recent_days\/) | ​| 25 FEB | Conti [themselves] | Conti ransomware, BazarLoader | Conti News .onion [not linked] | ​| 25 FEB | CoomingProject [themselves] | Data Hostage Group | CoomingProject Telegram [not linked] | ​| 25 FEB | CERT-UA | UNC1151\/Ghostwriter (Belarus MoD) | [CERT-UA Facebook](https:\/\/facebook.com\/story.php?story_fbid=312939130865352&id=100064478028712)| ​| 25 FEB | Sekoia | UNC1151\/Ghostwriter (Belarus MoD) | [twitter.com\/sekoia_io](https:\/\/twitter.com\/sekoia_io\/status\/1497239319295279106) | ​| 25 FEB | @jaimeblascob | UNC1151\/Ghostwriter (Belarus MoD) | [twitter.com\/jaimeblasco](https:\/\/twitter.com\/jaimeblascob\/status\/1497242668627370009)| ​| 25 FEB | RISKIQ | UNC1151\/Ghostwriter (Belarus MoD) | [community.riskiq.com](https:\/\/community.riskiq.com\/article\/e3a7ceea\/) | ​| 25 FEB | MalwareHunterTeam | Unknown phishing | [twitter.com\/malwrhunterteam](https:\/\/twitter.com\/malwrhunterteam\/status\/1497235270416097287) | ​| 25 FEB | ESET | Unknown scammers | 
[twitter.com\/ESETresearch](https:\/\/twitter.com\/ESETresearch\/status\/1497194165561659394) | ​| 25 FEB | BitDefender | Unknown scammers | [blog.bitdefender.com](https:\/\/blog.bitdefender.com\/blog\/hotforsecurity\/cybercriminals-deploy-spam-campaign-as-tens-of-thousands-of-ukrainians-seek-refuge-in-neighboring-countries\/) | ​| 25 FEB | SSSCIP Ukraine | Unkown phishing | [twitter.com\/dsszzi](https:\/\/twitter.com\/dsszzi\/status\/1497103078029291522) | ​| 25 FEB | RaidForums | Data broker \"NetSec\"  offering FSB (likely SMTP accounts) | RaidForums [not linked] | ​| 25 FEB | Zscaler | PartyTicket decoy ransomware | [zscaler.com](https:\/\/www.zscaler.com\/blogs\/security-research\/technical-analysis-partyticket-ransomware) | ​| 25 FEB | INCERT GIE | Cyclops Blink, HermeticWiper | [linkedin.com](https:\/\/www.linkedin.com\/posts\/activity-6902989337210740736-XohK) [Login Required] | ​| 25 FEB | Proofpoint | UNC1151\/Ghostwriter (Belarus MoD) | [twitter.com\/threatinsight](https:\/\/twitter.com\/threatinsight\/status\/1497355737844133895?s=20&t=Ubi0tb_XxGCbHLnUoQVp8w) | ​| 25 FEB | @fr0gger_ | HermeticWiper capabilities Overview | [twitter.com\/fr0gger_](https:\/\/twitter.com\/fr0gger_\/status\/1497121876870832128?s=20&t=_296n0bPeUgdXleX02M9mg) ​| 26 FEB | BBC Journalist | A fake Telegram account claiming to be President Zelensky is posting dubious messages | [twitter.com\/shayan86](https:\/\/twitter.com\/shayan86\/status\/1497485340738785283?s=21) | ​| 26 FEB | CERT-UA | UNC1151\/Ghostwriter (Belarus MoD) | [CERT_UA Facebook](https:\/\/facebook.com\/story.php?story_fbid=313517477474184&id=100064478028712) | ​| 26 FEB | MHT and TRMLabs | Unknown scammers, linked to ransomware | [twitter.com\/joes_mcgill](https:\/\/twitter.com\/joes_mcgill\/status\/1497609555856932864?s=20&t=KCIX_1Ughc2Fs6Du-Av0Xw) | ​| 26 FEB | US CISA | WhisperGate wiper, HermeticWiper | [cisa.gov](https:\/\/www.cisa.gov\/uscert\/ncas\/alerts\/aa22-057a) | ​| 26 FEB | Bloomberg | Destructive 
malware (possibly HermeticWiper) deployed at Ukrainian Ministry of Internal Affairs & data stolen from Ukrainian telecommunications networks | [bloomberg.com](https:\/\/www.bloomberg.com\/news\/articles\/2022-02-26\/hackers-destroyed-data-at-key-ukraine-agency-before-invasion?sref=ylv224K8) | ​| 26 FEB | Vice Prime Minister of Ukraine | IT ARMY of Ukraine created to crowdsource offensive operations against Russian infrastructure | [twitter.com\/FedorovMykhailo](https:\/\/twitter.com\/FedorovMykhailo\/status\/1497642156076511233) | ​| 26 FEB | Yoroi | HermeticWiper | [yoroi.company](https:\/\/yoroi.company\/research\/diskkill-hermeticwiper-a-disruptive-cyber-weapon-targeting-ukraines-critical-infrastructures) | ​| 27 FEB | LockBit [themselves] | LockBit ransomware | LockBit .onion [not linked] |  ​| 27 FEB | ALPHV [themselves] | ALPHV ransomware | vHUMINT [closed source] | ​| 27 FEB | Mēris Botnet [themselves] | DDoS attacks | vHUMINT [closed source] | ​| 28 FEB | Horizon News [themselves] | Leak of China's Censorship Order about Ukraine | [TechARP](https:\/\/www-techarp-com.cdn.ampproject.org\/c\/s\/www.techarp.com\/internet\/chinese-media-leaks-ukraine-censor\/?amp=1)| ​| 28 FEB | Microsoft | FoxBlade (aka HermeticWiper) | [Microsoft](https:\/\/blogs.microsoft.com\/on-the-issues\/2022\/02\/28\/ukraine-russia-digital-war-cyberattacks\/?preview_id=65075) | ​| 28 FEB | @heymingwei | Potential BGP hijacks attempts against Ukrainian Internet Names Center | [https:\/\/twitter.com\/heymingwei](https:\/\/twitter.com\/heymingwei\/status\/1498362715198263300?s=20&t=Ju31gTurYc8Aq_yZMbvbxg) | ​| 28 FEB | @cyberknow20 | Stormous ransomware targets Ukraine Ministry of Foreign Affairs | [twitter.com\/cyberknow20](https:\/\/twitter.com\/cyberknow20\/status\/1498434090206314498?s=21) |  ​| 1 MAR | ESET | IsaacWiper and HermeticWizard | [welivesecurity.com](https:\/\/www.welivesecurity.com\/2022\/03\/01\/isaacwiper-hermeticwizard-wiper-worm-targeting-ukraine\/) | ​| 1 MAR | 
Proofpoint | Ukrainian armed service member's email compromised and sent malspam containing the SunSeed malware (likely TA445\/UNC1151\/Ghostwriter) | [proofpoint.com](https:\/\/www.proofpoint.com\/us\/blog\/threat-insight\/asylum-ambuscade-state-actor-uses-compromised-private-ukrainian-military-emails) | ​| 1 MAR | Elastic | HermeticWiper | [elastic.github.io](https:\/\/elastic.github.io\/security-research\/intelligence\/2022\/03\/01.hermeticwiper-targets-ukraine\/article\/) | ​| 1 MAR | CrowdStrike | PartyTicket (aka HermeticRansom), DriveSlayer (aka HermeticWiper) | [CrowdStrike](https:\/\/www.crowdstrike.com\/blog\/how-to-decrypt-the-partyticket-ransomware-targeting-ukraine\/) | ​| 2 MAR | Zscaler | DanaBot operators launch DDoS attacks against the Ukrainian Ministry of Defense | [zscaler.com](https:\/\/www.zscaler.com\/blogs\/security-research\/danabot-launches-ddos-attack-against-ukrainian-ministry-defense) | ​| 3 MAR | @ShadowChasing1 | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [twitter.com\/ShadowChasing1](https:\/\/twitter.com\/ShadowChasing1\/status\/1499361093059153921) | ​| 3 MAR | @vxunderground | News website in Poland was reportedly compromised and the threat actor uploaded anti-Ukrainian propaganda | [twitter.com\/vxunderground](https:\/\/twitter.com\/vxunderground\/status\/1499374914758918151?s=20&t=jyy9Hnpzy-5P1gcx19bvIA) | ​| 3 MAR | @kylaintheburgh | Russian botnet on Twitter is pushing \"#istandwithputin\" and \"#istandwithrussia\" propaganda (in English) | [twitter.com\/kylaintheburgh](https:\/\/twitter.com\/kylaintheburgh\/status\/1499350578371067906?s=21) | ​| 3 MAR | @tracerspiff | UNC1151\/Ghostwriter (Belarus MoD) | [twitter.com](https:\/\/twitter.com\/tracerspiff\/status\/1499444876810854408?s=21) | ​####​ ​`Access Brokers` ​| Date | Threat(s) | Source | ​| --- | --- | --- | ​| 23 JAN | Access broker \"Mont4na\" offering UkrFerry | RaidForums [not linked] | ​| 23 JAN | Access broker \"Mont4na\" offering PrivatBank | RaidForums [not 
linked] | ​| 24 JAN | Access broker \"Mont4na\" offering DTEK | RaidForums [not linked] | ​| 27 FEB | KelvinSecurity Sharing list of IP cameras in Ukraine | vHUMINT [closed source] | ​| 28 FEB | \"w1nte4mute\" looking to buy access to UA and NATO countries (likely ransomware affiliate) | vHUMINT [closed source] | ​####​ ​`Data Brokers` ​| Threat Actor    | Type            | Observation                                                                                               | Validated | Relevance                     | Source                                                     | ​| --------------- | --------------- | --------------------------------------------------------------------------------------------------------- | --------- | ----------------------------- | ---------------------------------------------------------- | ​| aguyinachair    | UA data sharing | PII DB of ukraine.com (shared as part of a generic compilation)                                           | No        | TA discussion in past 90 days | ELeaks Forum \\[not linked\\]                                | ​| an3key          | UA data sharing | DB of Ministry of Communities and Territories Development of Ukraine (minregion\\[.\\]gov\\[.\\]ua)           | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| an3key          | UA data sharing | DB of Ukrainian Ministry of Internal Affairs (wanted\\[.\\]mvs\\[.\\]gov\\[.\\]ua)                              | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (40M) of PrivatBank customers (privatbank\\[.\\]ua)                                                  | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | DB of \"border crossing\" DBs of DPR and LPR                                               
                 | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (7.5M) of Ukrainian passports                                                                      | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB of Ukrainian car registration, license plates, Ukrainian traffic police records                    | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (2.1M) of Ukrainian citizens                                                                       | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (28M) of Ukrainian citizens (passports, drivers licenses, photos)                                  | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (1M) of Ukrainian postal\/courier service customers (novaposhta\\[.\\]ua)                             | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (10M) of Ukrainian telecom customers (vodafone\\[.\\]ua)                                             | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (3M) of Ukrainian telecom customers (lifecell\\[.\\]ua)                                              | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (13M) of Ukrainian telecom customers 
(kyivstar\\[.\\]ua)                                             | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| danieltx51      | UA data sharing | DB of Ministry of Foreign Affairs of Ukraine (mfa\\[.\\]gov\\[.\\]ua)                                         | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| DueDiligenceCIS | UA data sharing | PII DB (63M) of Ukrainian citizens (name, DOB, birth country, phone, TIN, passport, family, etc)          | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| Featherine      | UA data sharing | DB of Ukrainian 'Diia' e-Governance Portal for Ministry of Digital Transformation of Ukraine              | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| FreeCivilian    | UA data sharing | DB of Ministry for Internal Affairs of Ukraine public data search engine (wanted\\[.\\]mvs\\[.\\]gov\\[.\\]ua)  | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| FreeCivilian    | UA data sharing | DB of Ministry for Communities and Territories Development of Ukraine (minregion\\[.\\]gov\\[.\\]ua)          | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| FreeCivilian    | UA data sharing | DB of Motor Insurance Bureau of Ukraine (mtsbu\\[.\\]ua)                                                    | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| FreeCivilian    | UA data sharing | PII DB of Ukrainian digital-medicine provider (medstar\\[.\\]ua)                                            | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| FreeCivilian    | UA data 
sharing | DB of ticket.kyivcity.gov.ua                                                                              | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of id.kyivcity.gov.ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of my.kyivcity.gov.ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of portal.kyivcity.gov.ua                                                                              | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of anti-violence-map.msp.gov.ua                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dopomoga.msp.gov.ua                                                                                 | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of e-services.msp.gov.ua                                                                               | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of edu.msp.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                        
 | ​| FreeCivilian    | UA data sharing | DB of education.msp.gov.ua                                                                                | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of ek-cbi.msp.gov.ua                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mail.msp.gov.ua                                                                                     | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of portal-gromady.msp.gov.ua                                                                           | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of web-minsoc.msp.gov.ua                                                                               | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of wcs-wim.dsbt.gov.ua                                                                                 | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of bdr.mvs.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of motorsich.com                                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not 
linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dsns.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mon.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of minagro.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of zt.gov.ua                                                                                           | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of kmu.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mvs.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dsbt.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of forest.gov.ua                                                                                       | No        | TA discussion in past 90 
days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of nkrzi.gov.ua                                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dabi.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of comin.gov.ua                                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dp.dpss.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of esbu.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mms.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mova.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mspu.gov.ua                                                                                         | No   
     | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of nads.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of reintegration.gov.ua                                                                                | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of sies.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of sport.gov.ua                                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mepr.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mfa.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of va.gov.ua                                                                                           | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mtu.gov.ua                                                                 
                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of cg.mvs.gov.ua                                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of ch-tmo.mvs.gov.ua                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of cp.mvs.gov.ua                                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of cpd.mvs.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of hutirvilnij-mrc.mvs.gov.ua                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dndekc.mvs.gov.ua                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of visnyk.dndekc.mvs.gov.ua                                                                            | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dpvs.hsc.gov.ua                            
                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of odk.mvs.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of e-driver\\[.\\]hsc\\[.\\]gov\\[.\\]ua                                                                     | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of wanted\\[.\\]mvs\\[.\\]gov\\[.\\]ua                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of minregeion\\[.\\]gov\\[.\\]ua                                                                           | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of health\\[.\\]mia\\[.\\]solutions                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mtsbu\\[.\\]ua                                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of motorsich\\[.\\]com                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data 
sharing | DB of kyivcity\\[.\\]com                                                                                    | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of bdr\\[.\\]mvs\\[.\\]gov\\[.\\]ua                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of gkh\\[.\\]in\\[.\\]ua                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of kmu\\[.\\]gov\\[.\\]ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mon\\[.\\]gov\\[.\\]ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of minagro\\[.\\]gov\\[.\\]ua                                                                              | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mfa\\[.\\]gov\\[.\\]ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| Intel\\_Data     | UA data sharing | PII DB (56M) of Ukrainian Citizens                                                                        | No        | TA discussion in past 90 days | RaidForums \\[not linked; site 
hijacked since UA invasion\\] | ​| Kristina        | UA data sharing | DB of Ukrainian National Police (mvs\\[.\\]gov\\[.\\]ua)                                                      | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| NetSec          | UA data sharing | PII DB (53M) of Ukrainian citizens                                                                        | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| Psycho\\_Killer  | UA data sharing | PII DB (56M) of Ukrainian Citizens                                                                        | No        | TA discussion in past 90 days | Exploit Forum .onion \\[not linked\\]                        | ​| Sp333           | UA data sharing | PII DB of Ukrainian and Russian interpreters, translators, and tour guides                                | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| Vaticano        | UA data sharing | DB of Ukrainian 'Diia' e-Governance Portal for Ministry of Digital Transformation of Ukraine \\[copy\\]     | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| Vaticano        | UA data sharing | DB of Ministry for Communities and Territories Development of Ukraine (minregion\\[.\\]gov\\[.\\]ua) \\[copy\\] | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​####​ ​`Vendor Support` ​| Vendor | Offering | URL | ​| --- | --- | --- | ​| Dragos | Access to Dragos service if from US\/UK\/ANZ and in need of ICS cybersecurity support | [twitter.com\/RobertMLee](https:\/\/twitter.com\/RobertMLee\/status\/1496862093588455429) | ​| GreyNoise |  Any and all `Ukrainian` emails registered to GreyNoise have been upgraded to VIP which includes full, uncapped enterprise access to all GreyNoise 
products | [twitter.com\/Andrew___Morris](https:\/\/twitter.com\/Andrew___Morris\/status\/1496923545712091139) | ​| Recorded Future | Providing free intelligence-driven insights, perspectives, and mitigation strategies as the situation in Ukraine evolves| [recordedfuture.com](https:\/\/www.recordedfuture.com\/ukraine\/) | ​| Flashpoint | Free Access to Flashpoint’s Latest Threat Intel on Ukraine | [go.flashpoint-intel.com](https:\/\/go.flashpoint-intel.com\/trial\/access\/30days) | ​| ThreatABLE | A Ukraine tag for free threat intelligence feed that's more highly curated to cyber| [twitter.com\/threatable](https:\/\/twitter.com\/threatable\/status\/1497233721803644950) | ​| Orange | IOCs related to Russia-Ukraine 2022 conflict extracted from our Datalake Threat Intelligence platform. | [github.com\/Orange-Cyberdefense](https:\/\/github.com\/Orange-Cyberdefense\/russia-ukraine_IOCs)| ​| FSecure | F-Secure FREEDOME VPN is now available for free in all of Ukraine | [twitter.com\/FSecure](https:\/\/twitter.com\/FSecure\/status\/1497248407303462960) | ​| Multiple vendors | List of vendors offering their services to Ukraine for free, put together by [@chrisculling](https:\/\/twitter.com\/chrisculling\/status\/1497023038323404803) | [docs.google.com\/spreadsheets](https:\/\/docs.google.com\/spreadsheets\/d\/18WYY9p1_DLwB6dnXoiiOAoWYD8X0voXtoDl_ZQzjzUQ\/edit#gid=0) | ​| Mandiant | Free threat intelligence, webinar and guidance for defensive measures relevant to the situation in Ukraine. 
| [mandiant.com](https:\/\/www.mandiant.com\/resources\/insights\/ukraine-crisis-resource-center) | ​| Starlink | Satellite internet constellation operated by SpaceX providing satellite Internet access coverage to Ukraine | [twitter.com\/elonmusk](https:\/\/twitter.com\/elonmusk\/status\/1497701484003213317) | ​| Romania DNSC | Romania’s DNSC – in partnership with Bitdefender – will provide technical consulting, threat intelligence and, free of charge, cybersecurity technology to any business, government institution or private citizen of Ukraine for as long as it is necessary. | [Romania's DNSC Press Release](https:\/\/dnsc.ro\/citeste\/press-release-dnsc-and-bitdefender-work-together-in-support-of-ukraine)| ​| BitDefender | Access to Bitdefender technical consulting, threat intelligence and both consumer and enterprise cybersecurity technology | [bitdefender.com\/ukraine\/](https:\/\/www.bitdefender.com\/ukraine\/) | ​| NameCheap | Free anonymous hosting and domain name registration to any anti-Putin anti-regime and protest websites for anyone located within Russia and Belarus | [twitter.com\/Namecheap](https:\/\/twitter.com\/Namecheap\/status\/1498998414020861953) | ​| Avast | Free decryptor for PartyTicket ransomware | [decoded.avast.io](https:\/\/decoded.avast.io\/threatresearch\/help-for-ukraine-free-decryptor-for-hermeticransom-ransomware\/) |  ​####​ ​`Vetted OSINT Sources` ​| Handle | Affiliation | ​| --- | --- | ​| [@KyivIndependent](https:\/\/twitter.com\/KyivIndependent) | English-language journalism in Ukraine | ​| [@IAPonomarenko](https:\/\/twitter.com\/IAPonomarenko) | Defense reporter with The Kyiv Independent | ​| [@KyivPost](https:\/\/twitter.com\/KyivPost) | English-language journalism in Ukraine | ​| [@Shayan86](https:\/\/twitter.com\/Shayan86) | BBC World News Disinformation journalist | ​| [@Liveuamap](https:\/\/twitter.com\/Liveuamap) | Live Universal Awareness Map (“Liveuamap”) independent global news and information site | ​| 
[@DAlperovitch](https:\/\/twitter.com\/DAlperovitch) | The Alperovitch Institute for Cybersecurity Studies, Founder & Former CTO of CrowdStrike | ​| [@COUPSURE](https:\/\/twitter.com\/COUPSURE) | OSINT investigator for Centre for Information Resilience | ​| [@netblocks](https:\/\/twitter.com\/netblocks) | London-based Internet's Observatory | ​####​ ​`Miscellaneous Resources` ​| Source | URL | Content | ​| --- | --- | --- | ​| PowerOutages.com | https:\/\/poweroutage.com\/ua | Tracking PowerOutages across Ukraine | ​| Monash IP Observatory | https:\/\/twitter.com\/IP_Observatory | Tracking IP address outages across Ukraine | ​| Project Owl Discord | https:\/\/discord.com\/invite\/projectowl | Tracking foreign policy, geopolitical events, military and governments, using a Discord-based crowdsourced approach, with a current emphasis on Ukraine and Russia | ​| russianwarchatter.info | https:\/\/www.russianwarchatter.info\/ | Known Russian Military Radio Frequencies |", "fork": false, "created_at": "2022-03-04T09:00:59Z", - "updated_at": "2024-11-13T18:31:51Z", + "updated_at": "2024-12-04T21:38:21Z", "pushed_at": "2022-03-04T09:03:14Z", - "stargazers_count": 16, - "watchers_count": 16, + "stargazers_count": 17, + "watchers_count": 17, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 16, + "watchers": 17, "score": 0, "subscribers_count": 0 } diff --git a/2021/CVE-2021-3129.json b/2021/CVE-2021-3129.json index 9bf2416939..324dca92bc 100644 --- a/2021/CVE-2021-3129.json +++ b/2021/CVE-2021-3129.json 
@@ -45,10 +45,10 @@ "description": "Laravel debug rce", "fork": false, "created_at": "2021-01-22T05:12:21Z", - "updated_at": "2024-11-17T07:18:34Z", + "updated_at": "2024-12-04T21:47:14Z", "pushed_at": "2021-01-24T05:28:07Z", - "stargazers_count": 125, - "watchers_count": 125, + "stargazers_count": 126, + "watchers_count": 126, "has_discussions": false, "forks_count": 49, "allow_forking": true, @@ -57,7 +57,7 @@ "topics": [], "visibility": "public", "forks": 49, - "watchers": 125, + "watchers": 126, "score": 0, "subscribers_count": 4 }, @@ -938,8 +938,8 @@ "description": "Modified version of laravel ignition RCE (CVE-2021-3129) exploit script for Hour of Hack Session-4", "fork": false, "created_at": "2024-12-04T17:04:03Z", - "updated_at": "2024-12-04T18:08:39Z", - "pushed_at": "2024-12-04T18:08:34Z", + "updated_at": "2024-12-04T19:32:49Z", + "pushed_at": "2024-12-04T19:32:46Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2021/CVE-2021-40444.json b/2021/CVE-2021-40444.json index db99304251..16bd3fdeb1 100644 --- a/2021/CVE-2021-40444.json +++ b/2021/CVE-2021-40444.json @@ -231,10 +231,10 @@ "description": "CVE-2021-40444 PoC", "fork": false, "created_at": "2021-09-10T16:55:53Z", - "updated_at": "2024-12-04T10:06:55Z", + "updated_at": "2024-12-04T22:45:31Z", "pushed_at": "2021-12-25T18:31:02Z", - "stargazers_count": 1601, - "watchers_count": 1601, + "stargazers_count": 1602, + "watchers_count": 1602, "has_discussions": false, "forks_count": 482, "allow_forking": true, @@ -243,7 +243,7 @@ "topics": [], "visibility": "public", "forks": 482, - "watchers": 1601, + "watchers": 1602, "score": 0, "subscribers_count": 28 }, diff --git a/2021/CVE-2021-42278.json b/2021/CVE-2021-42278.json index ce2a406f85..07881155ad 100644 --- a/2021/CVE-2021-42278.json +++ b/2021/CVE-2021-42278.json 
@@ -50,10 +50,10 @@ "description": "Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user ", "fork": false, "created_at": "2021-12-13T10:28:12Z", - "updated_at": "2024-12-04T13:16:44Z", + "updated_at": "2024-12-04T19:54:55Z", "pushed_at": "2023-01-29T03:31:27Z", - "stargazers_count": 813, - "watchers_count": 813, + "stargazers_count": 814, + "watchers_count": 814, "has_discussions": false, "forks_count": 124, "allow_forking": true, @@ -62,7 +62,7 @@ "topics": [], "visibility": "public", "forks": 124, - "watchers": 813, + "watchers": 814, "score": 0, "subscribers_count": 13 }, diff --git a/2022/CVE-2022-37706.json b/2022/CVE-2022-37706.json index 36f67a769a..5898be8ffb 100644 --- a/2022/CVE-2022-37706.json +++ b/2022/CVE-2022-37706.json @@ -14,10 +14,10 @@ "description": "A reliable exploit + write-up to elevate privileges to root. (Tested on Ubuntu 22.04)", "fork": false, "created_at": "2022-09-12T19:22:44Z", - "updated_at": "2024-11-21T05:23:30Z", + "updated_at": "2024-12-04T22:50:12Z", "pushed_at": "2022-09-19T19:41:34Z", - "stargazers_count": 300, - "watchers_count": 300, + "stargazers_count": 299, + "watchers_count": 299, "has_discussions": false, "forks_count": 41, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 41, - "watchers": 300, + "watchers": 299, "score": 0, "subscribers_count": 6 }, diff --git a/2022/CVE-2022-46169.json b/2022/CVE-2022-46169.json index 42762d2549..a3ef1fff1e 100644 --- a/2022/CVE-2022-46169.json +++ b/2022/CVE-2022-46169.json 
@@ -595,10 +595,10 @@ "description": "This is a exploit of CVE-2022-46169 to cacti 1.2.22. This exploit allows through an RCE to obtain a reverse shell on your computer.", "fork": false, "created_at": "2023-05-01T20:00:23Z", - "updated_at": "2024-09-09T23:16:52Z", + "updated_at": "2024-12-04T19:11:59Z", "pushed_at": "2023-09-11T17:56:27Z", - "stargazers_count": 38, - "watchers_count": 38, + "stargazers_count": 39, + "watchers_count": 39, "has_discussions": false, "forks_count": 8, "allow_forking": true, @@ -607,7 +607,7 @@ "topics": [], "visibility": "public", "forks": 8, - "watchers": 38, + "watchers": 39, "score": 0, "subscribers_count": 1 }, diff --git a/2023/CVE-2023-22809.json b/2023/CVE-2023-22809.json index 107af438c5..ec6b0473c5 100644 --- a/2023/CVE-2023-22809.json +++ b/2023/CVE-2023-22809.json @@ -14,10 +14,10 @@ "description": "A script to automate privilege escalation with CVE-2023-22809 vulnerability", "fork": false, "created_at": "2023-01-21T15:19:23Z", - "updated_at": "2024-11-10T14:49:25Z", + "updated_at": "2024-12-04T23:26:48Z", "pushed_at": "2023-02-15T18:10:53Z", - "stargazers_count": 148, - "watchers_count": 148, + "stargazers_count": 149, + "watchers_count": 149, "has_discussions": false, "forks_count": 36, "allow_forking": true, @@ -35,7 +35,7 @@ ], "visibility": "public", "forks": 36, - "watchers": 148, + "watchers": 149, "score": 0, "subscribers_count": 2 }, diff --git a/2023/CVE-2023-28205.json b/2023/CVE-2023-28205.json index fe542d1239..c754030c5e 100644 --- a/2023/CVE-2023-28205.json +++ b/2023/CVE-2023-28205.json 
@@ -14,10 +14,10 @@ "description": "PoC CVE-2023-28205: Apple WebKit Use-After-Free Vulnerability", "fork": false, "created_at": "2024-11-30T12:25:47Z", - "updated_at": "2024-12-03T23:39:02Z", + "updated_at": "2024-12-04T22:34:18Z", "pushed_at": "2024-12-01T16:08:19Z", - "stargazers_count": 7, - "watchers_count": 7, + "stargazers_count": 8, + "watchers_count": 8, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -35,7 +35,7 @@ ], "visibility": "public", "forks": 1, - "watchers": 7, + "watchers": 8, "score": 0, "subscribers_count": 2 } diff --git a/2023/CVE-2023-4220.json b/2023/CVE-2023-4220.json index 610b12ac87..e27017690d 100644 --- a/2023/CVE-2023-4220.json +++ b/2023/CVE-2023-4220.json @@ -655,5 +655,36 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 898709513, + "name": "CVE-2023-4220", + "full_name": "MikeyPPPPPPPP\/CVE-2023-4220", + "owner": { + "login": "MikeyPPPPPPPP", + "id": 50926811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50926811?v=4", + "html_url": "https:\/\/github.com\/MikeyPPPPPPPP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MikeyPPPPPPPP\/CVE-2023-4220", + "description": "Remote command execution exploit made for redteamers.", + "fork": false, + "created_at": "2024-12-04T22:16:12Z", + "updated_at": "2024-12-05T00:00:21Z", + "pushed_at": "2024-12-05T00:00:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2023/CVE-2023-45866.json b/2023/CVE-2023-45866.json index 9747c879cd..3af6f15f44 100644 --- a/2023/CVE-2023-45866.json +++ b/2023/CVE-2023-45866.json 
@@ -14,10 +14,10 @@ "description": "🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)", "fork": false, "created_at": "2024-01-16T06:52:02Z", - "updated_at": "2024-12-03T21:28:40Z", + "updated_at": "2024-12-04T23:00:01Z", "pushed_at": "2024-08-18T08:26:46Z", - "stargazers_count": 1284, - "watchers_count": 1284, + "stargazers_count": 1285, + "watchers_count": 1285, "has_discussions": false, "forks_count": 218, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 218, - "watchers": 1284, + "watchers": 1285, "score": 0, "subscribers_count": 21 }, diff --git a/2024/CVE-2024-11680.json b/2024/CVE-2024-11680.json new file mode 100644 index 0000000000..4e9f5a7f5c --- /dev/null +++ b/2024/CVE-2024-11680.json 
@@ -0,0 +1,33 @@ +[ + { + "id": 898635585, + "name": "CVE-2024-11680_PoC_Exploit", + "full_name": "D3N14LD15K\/CVE-2024-11680_PoC_Exploit", + "owner": { + "login": "D3N14LD15K", + "id": 155617205, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155617205?v=4", + "html_url": "https:\/\/github.com\/D3N14LD15K", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D3N14LD15K\/CVE-2024-11680_PoC_Exploit", + "description": "This repository contains a Proof of Concept (PoC) exploit for CVE-2024-11680, a critical vulnerability in ProjectSend r1605 and older versions. The exploit targets a Cross-Site Request Forgery (CSRF) flaw in combination with Privilege Misconfiguration issues.", + "fork": false, + "created_at": "2024-12-04T18:42:43Z", + "updated_at": "2024-12-05T00:24:01Z", + "pushed_at": "2024-12-04T19:25:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38193.json b/2024/CVE-2024-38193.json index 19d613497e..719b58cd46 100644 --- a/2024/CVE-2024-38193.json +++ b/2024/CVE-2024-38193.json 
@@ -1,33 +1,33 @@ [ { - "id": 890642037, - "name": "CVE-2024-38193", - "full_name": "Nephster\/CVE-2024-38193", + "id": 897795595, + "name": "CVE-2024-38193-Nephster", + "full_name": "killvxk\/CVE-2024-38193-Nephster", "owner": { - "login": "Nephster", - "id": 7522000, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7522000?v=4", - "html_url": "https:\/\/github.com\/Nephster", + "login": "killvxk", + "id": 309424, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/309424?v=4", + "html_url": "https:\/\/github.com\/killvxk", "user_view_type": "public" }, - "html_url": "https:\/\/github.com\/Nephster\/CVE-2024-38193", + "html_url": "https:\/\/github.com\/killvxk\/CVE-2024-38193-Nephster", "description": null, "fork": false, - "created_at": "2024-11-18T23:34:34Z", - "updated_at": "2024-12-04T15:35:36Z", + "created_at": "2024-12-03T08:56:59Z", + "updated_at": "2024-12-03T09:05:33Z", "pushed_at": "2024-11-18T23:48:31Z", - "stargazers_count": 30, - "watchers_count": 30, + "stargazers_count": 0, + "watchers_count": 0, "has_discussions": false, - "forks_count": 4, + "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 4, - "watchers": 30, + "forks": 3, + "watchers": 0, "score": 0, - "subscribers_count": 1 + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2024/CVE-2024-42327.json b/2024/CVE-2024-42327.json index 77cdc1cc30..7aee21a46a 100644 --- a/2024/CVE-2024-42327.json +++ b/2024/CVE-2024-42327.json @@ -14,10 +14,10 @@ "description": "cve-2024-42327 ZBX-25623", "fork": false, "created_at": "2024-12-01T00:15:27Z", - "updated_at": "2024-12-04T18:29:22Z", + "updated_at": "2024-12-04T22:18:19Z", "pushed_at": "2024-12-01T01:18:36Z", - "stargazers_count": 15, - "watchers_count": 15, + "stargazers_count": 17, + "watchers_count": 17, "has_discussions": false, "forks_count": 8, "allow_forking": true, 
@@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 8, - "watchers": 15, + "watchers": 17, "score": 0, "subscribers_count": 1 }, @@ -45,10 +45,10 @@ "description": "PoC for CVE-2024-42327 \/ ZBX-25623", "fork": false, "created_at": "2024-12-03T12:44:07Z", - "updated_at": "2024-12-04T14:31:56Z", + "updated_at": "2024-12-04T23:45:49Z", "pushed_at": "2024-12-03T12:56:52Z", - "stargazers_count": 10, - "watchers_count": 10, + "stargazers_count": 11, + "watchers_count": 11, "has_discussions": false, "forks_count": 2, "allow_forking": true, @@ -57,7 +57,7 @@ "topics": [], "visibility": "public", "forks": 2, - "watchers": 10, + "watchers": 11, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-45216.json b/2024/CVE-2024-45216.json index a4e75db040..bf44ecb8cd 100644 --- a/2024/CVE-2024-45216.json +++ b/2024/CVE-2024-45216.json @@ -14,7 +14,7 @@ "description": null, "fork": false, "created_at": "2024-12-02T04:09:04Z", - "updated_at": "2024-12-03T03:57:36Z", + "updated_at": "2024-12-05T00:10:27Z", "pushed_at": "2024-12-02T04:16:09Z", "stargazers_count": 2, "watchers_count": 2, diff --git a/2024/CVE-2024-46483.json b/2024/CVE-2024-46483.json index 45a3d47929..448173df85 100644 --- a/2024/CVE-2024-46483.json +++ b/2024/CVE-2024-46483.json @@ -14,10 +14,10 @@ "description": "Pre-Authentication Heap Overflow in Xlight SFTP server <= 3.9.4.2", "fork": false, "created_at": "2024-10-18T11:46:14Z", - "updated_at": "2024-11-14T08:20:38Z", + "updated_at": "2024-12-04T22:39:12Z", "pushed_at": "2024-10-18T12:29:36Z", - "stargazers_count": 11, - "watchers_count": 11, + "stargazers_count": 12, + "watchers_count": 12, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 11, + "watchers": 12, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-47575.json b/2024/CVE-2024-47575.json index 11581b866f..f0e0b94452 100644 --- a/2024/CVE-2024-47575.json 
+++ b/2024/CVE-2024-47575.json @@ -14,10 +14,10 @@ "description": "Fortinet Fortimanager Unauthenticated Remote Code Execution AKA FortiJump CVE-2024-47575", "fork": false, "created_at": "2024-11-07T21:03:30Z", - "updated_at": "2024-11-29T01:40:56Z", + "updated_at": "2024-12-04T22:33:44Z", "pushed_at": "2024-11-14T16:25:52Z", - "stargazers_count": 70, - "watchers_count": 70, + "stargazers_count": 71, + "watchers_count": 71, "has_discussions": false, "forks_count": 22, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 22, - "watchers": 70, + "watchers": 71, "score": 0, "subscribers_count": 0 }, diff --git a/2024/CVE-2024-49039.json b/2024/CVE-2024-49039.json index 5798890de5..1b11a4be23 100644 --- a/2024/CVE-2024-49039.json +++ b/2024/CVE-2024-49039.json @@ -14,10 +14,10 @@ "description": "WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler", "fork": false, "created_at": "2024-11-19T08:57:18Z", - "updated_at": "2024-12-04T18:26:55Z", + "updated_at": "2024-12-04T23:54:55Z", "pushed_at": "2024-11-19T09:15:26Z", - "stargazers_count": 52, - "watchers_count": 52, + "stargazers_count": 53, + "watchers_count": 53, "has_discussions": false, "forks_count": 13, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 13, - "watchers": 52, + "watchers": 53, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-52680.json b/2024/CVE-2024-52680.json deleted file mode 100644 index 310390ba2a..0000000000 --- a/2024/CVE-2024-52680.json +++ /dev/null 
@@ -1,33 +0,0 @@ -[ - { - "id": 897723885, - "name": "CVE-2024-52680", - "full_name": "cyb3res3c\/CVE-2024-52680", - "owner": { - "login": "cyb3res3c", - "id": 109259351, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109259351?v=4", - "html_url": "https:\/\/github.com\/cyb3res3c", - "user_view_type": "public" - }, - "html_url": "https:\/\/github.com\/cyb3res3c\/CVE-2024-52680", - "description": null, - "fork": false, - "created_at": "2024-12-03T05:58:44Z", - "updated_at": "2024-12-03T06:16:05Z", - "pushed_at": "2024-12-03T06:16:02Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 0, - "score": 0, - "subscribers_count": 1 - } -] \ No newline at end of file diff --git a/2024/CVE-2024-9264.json b/2024/CVE-2024-9264.json index de72ee85b2..09718aeccc 100644 --- a/2024/CVE-2024-9264.json +++ b/2024/CVE-2024-9264.json @@ -14,10 +14,10 @@ "description": "Exploit for Grafana arbitrary file-read and RCE (CVE-2024-9264)", "fork": false, "created_at": "2024-10-19T13:50:52Z", - "updated_at": "2024-11-24T11:10:43Z", + "updated_at": "2024-12-04T22:45:28Z", "pushed_at": "2024-11-21T17:43:56Z", - "stargazers_count": 83, - "watchers_count": 83, + "stargazers_count": 84, + "watchers_count": 84, "has_discussions": false, "forks_count": 17, "allow_forking": true, @@ -38,7 +38,7 @@ ], "visibility": "public", "forks": 17, - "watchers": 83, + "watchers": 84, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-9474.json b/2024/CVE-2024-9474.json index fd680bba38..c3533ec026 100644 --- a/2024/CVE-2024-9474.json +++ b/2024/CVE-2024-9474.json 
@@ -14,10 +14,10 @@ "description": "PAN-OS auth bypass + RCE", "fork": false, "created_at": "2024-11-19T17:26:27Z", - "updated_at": "2024-12-03T05:18:54Z", + "updated_at": "2024-12-04T20:47:07Z", "pushed_at": "2024-11-19T17:38:29Z", - "stargazers_count": 36, - "watchers_count": 36, + "stargazers_count": 37, + "watchers_count": 37, "has_discussions": false, "forks_count": 19, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 19, - "watchers": 36, + "watchers": 37, "score": 0, "subscribers_count": 1 }, diff --git a/README.md b/README.md index 0140142ad7..b27ed7d01e 100644 --- a/README.md +++ b/README.md @@ -2250,6 +2250,13 @@ - [TheN00bBuilder/cve-2024-11477-writeup](https://github.com/TheN00bBuilder/cve-2024-11477-writeup) +### CVE-2024-11680 (2024-11-26) + +ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. Remote, unauthenticated attackers can exploit this flaw by sending crafted HTTP requests to options.php, enabling unauthorized modification of the application's configuration. Successful exploitation allows attackers to create accounts, upload webshells, and embed malicious JavaScript. + + +- [D3N14LD15K/CVE-2024-11680_PoC_Exploit](https://github.com/D3N14LD15K/CVE-2024-11680_PoC_Exploit) + ### CVE-2024-12345 - [RoyaRadin/CVE-2024-12345-POC](https://github.com/RoyaRadin/CVE-2024-12345-POC) @@ -5526,7 +5533,7 @@ Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability -- [Nephster/CVE-2024-38193](https://github.com/Nephster/CVE-2024-38193) +- [killvxk/CVE-2024-38193-Nephster](https://github.com/killvxk/CVE-2024-38193-Nephster) ### CVE-2024-38200 (2024-08-08) 
@@ -7204,9 +7211,6 @@ - [ubaii/CVE-2024-52475](https://github.com/ubaii/CVE-2024-52475) -### CVE-2024-52680 -- [cyb3res3c/CVE-2024-52680](https://github.com/cyb3res3c/CVE-2024-52680) - ### CVE-2024-52711 (2024-11-19) DI-8100 v16.07.26A1 is vulnerable to Buffer Overflow In the ip_position_asp function via the ip parameter. @@ -8146,6 +8150,7 @@ - [H4cking4All/CVE-2023-4220](https://github.com/H4cking4All/CVE-2023-4220) - [oxapavan/CVE-2023-4220-HTB-PermX](https://github.com/oxapavan/CVE-2023-4220-HTB-PermX) - [numaan911098/CVE-2023-4220](https://github.com/numaan911098/CVE-2023-4220) +- [MikeyPPPPPPPP/CVE-2023-4220](https://github.com/MikeyPPPPPPPP/CVE-2023-4220) ### CVE-2023-4226 (2023-11-28)