From 714691a146bfabbf44d9788d932e940c0bf330fd Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Fri, 3 Feb 2023 09:29:45 +0900 Subject: [PATCH] Auto Update 2023/02/03 00:29:45 --- 2018/CVE-2018-5955.json | 8 ++++---- 2019/CVE-2019-12725.json | 8 ++++---- 2021/CVE-2021-1056.json | 8 ++++---- 2021/CVE-2021-21972.json | 8 ++++---- 2021/CVE-2021-26855.json | 4 ++-- 2021/CVE-2021-36749.json | 8 ++++---- 2021/CVE-2021-4034.json | 4 ++-- 2021/CVE-2021-40449.json | 8 ++++---- 2021/CVE-2021-41773.json | 4 ++-- 2021/CVE-2021-44228.json | 36 ++++++++++++++++++------------------ 2022/CVE-2022-0847.json | 8 ++++---- 2022/CVE-2022-22954.json | 8 ++++---- 2022/CVE-2022-3602.json | 8 ++++---- 2022/CVE-2022-3699.json | 8 ++++---- 2022/CVE-2022-44268.json | 12 ++++++------ 2022/CVE-2022-46169.json | 2 +- 2022/CVE-2022-46689.json | 8 ++++---- 2023/CVE-2023-0179.json | 8 ++++---- 2023/CVE-2023-21608.json | 12 ++++++------ 2023/CVE-2023-24055.json | 8 ++++---- README.md | 24 ++++++++++++------------ 21 files changed, 101 insertions(+), 101 deletions(-) diff --git a/2018/CVE-2018-5955.json b/2018/CVE-2018-5955.json index 8d758b0476..2c403ed796 100644 --- a/2018/CVE-2018-5955.json +++ b/2018/CVE-2018-5955.json @@ -42,10 +42,10 @@ "description": "一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能", "fork": false, "created_at": "2019-12-21T22:45:55Z", - "updated_at": "2023-02-02T11:40:21Z", + "updated_at": "2023-02-02T19:20:35Z", "pushed_at": "2020-01-05T21:46:25Z", - "stargazers_count": 590, - "watchers_count": 590, + "stargazers_count": 591, + "watchers_count": 591, "has_discussions": false, "forks_count": 129, "allow_forking": true, @@ -67,7 +67,7 @@ ], "visibility": "public", "forks": 129, - "watchers": 590, + "watchers": 591, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-12725.json b/2019/CVE-2019-12725.json index 8349e5c09e..3374df46f0 100644 --- a/2019/CVE-2019-12725.json +++ b/2019/CVE-2019-12725.json @@ -42,10 +42,10 @@ "description": "漏洞POC、EXP合集,持续更新。Apache Druid-任意文件读取(CVE-2021-36749)、ConfluenceRCE(CVE-2021-26084)、ZeroShell防火墙RCE(CVE-2019-12725)、ApacheSolr任意文件读取、蓝凌OA任意文件读取、phpStudyRCE、ShowDoc任意文件上传、原创先锋后台未授权、Kyan账号密码泄露、TerraMasterTos任意文件读取、TamronOS-IPTV系统RCE、Wayos防火墙账号密码泄露", "fork": false, "created_at": "2021-05-22T05:06:33Z", - "updated_at": "2023-01-23T22:13:01Z", + "updated_at": "2023-02-02T20:33:33Z", "pushed_at": "2021-11-21T10:34:06Z", - "stargazers_count": 126, - "watchers_count": 126, + "stargazers_count": 127, + "watchers_count": 127, "has_discussions": false, "forks_count": 34, "allow_forking": true, @@ -58,7 +58,7 @@ ], "visibility": "public", "forks": 34, - "watchers": 126, + "watchers": 127, "score": 0 }, { diff --git a/2021/CVE-2021-1056.json b/2021/CVE-2021-1056.json index 48913a7988..e9fcd6bc05 100644 --- a/2021/CVE-2021-1056.json +++ b/2021/CVE-2021-1056.json @@ -13,10 +13,10 @@ "description": "PoC for CVE-2021-1056, related to GPU Container Security", "fork": false, "created_at": "2021-01-08T11:29:48Z", - "updated_at": "2022-06-22T02:08:32Z", + "updated_at": "2023-02-02T21:21:57Z", "pushed_at": "2021-01-12T09:21:02Z", - "stargazers_count": 14, - "watchers_count": 14, + "stargazers_count": 15, + "watchers_count": 15, "has_discussions": false, "forks_count": 6, "allow_forking": true, @@ -29,7 +29,7 @@ ], "visibility": "public", "forks": 6, - "watchers": 14, + "watchers": 15, "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-21972.json b/2021/CVE-2021-21972.json index 201c8ecd4b..dc7ba282d9 100644 --- a/2021/CVE-2021-21972.json +++ b/2021/CVE-2021-21972.json @@ -778,10 +778,10 @@ "description": "一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接", "fork": false, "created_at": "2022-10-04T03:39:27Z", - "updated_at": "2023-02-02T09:50:54Z", + "updated_at": "2023-02-02T20:25:48Z", "pushed_at": "2022-12-15T04:07:54Z", - "stargazers_count": 829, - "watchers_count": 829, + "stargazers_count": 830, + "watchers_count": 830, "has_discussions": false, "forks_count": 92, "allow_forking": true, @@ -797,7 +797,7 @@ ], "visibility": "public", "forks": 92, - "watchers": 829, + "watchers": 830, "score": 0 }, { diff --git a/2021/CVE-2021-26855.json b/2021/CVE-2021-26855.json index 3369ed770e..02fea991f0 100644 --- a/2021/CVE-2021-26855.json +++ b/2021/CVE-2021-26855.json @@ -1374,13 +1374,13 @@ "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, + "forks": 1, "watchers": 0, "score": 0 } diff --git a/2021/CVE-2021-36749.json b/2021/CVE-2021-36749.json index 683a530dd8..eb11923f52 100644 --- a/2021/CVE-2021-36749.json +++ b/2021/CVE-2021-36749.json @@ -13,10 +13,10 @@ "description": "漏洞POC、EXP合集,持续更新。Apache Druid-任意文件读取(CVE-2021-36749)、ConfluenceRCE(CVE-2021-26084)、ZeroShell防火墙RCE(CVE-2019-12725)、ApacheSolr任意文件读取、蓝凌OA任意文件读取、phpStudyRCE、ShowDoc任意文件上传、原创先锋后台未授权、Kyan账号密码泄露、TerraMasterTos任意文件读取、TamronOS-IPTV系统RCE、Wayos防火墙账号密码泄露", "fork": false, "created_at": "2021-05-22T05:06:33Z", - "updated_at": "2023-01-23T22:13:01Z", + "updated_at": "2023-02-02T20:33:33Z", "pushed_at": "2021-11-21T10:34:06Z", - "stargazers_count": 126, - "watchers_count": 126, + "stargazers_count": 127, + "watchers_count": 127, "has_discussions": false, "forks_count": 34, "allow_forking": true, @@ -29,7 +29,7 @@ ], "visibility": "public", "forks": 34, - "watchers": 126, + "watchers": 127, "score": 0 }, { diff --git a/2021/CVE-2021-4034.json b/2021/CVE-2021-4034.json index 1fe8e1b8be..21a27c7c32 100644 --- a/2021/CVE-2021-4034.json +++ b/2021/CVE-2021-4034.json @@ -169,7 +169,7 @@ "stargazers_count": 940, "watchers_count": 940, "has_discussions": false, - "forks_count": 311, + "forks_count": 312, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -179,7 +179,7 @@ "poc" ], "visibility": "public", - "forks": 311, + "forks": 312, "watchers": 940, "score": 0 }, diff --git a/2021/CVE-2021-40449.json b/2021/CVE-2021-40449.json index 5383fc3d13..a281862252 100644 --- a/2021/CVE-2021-40449.json +++ b/2021/CVE-2021-40449.json @@ -191,10 +191,10 @@ "description": "Using CVE-2021-40449 to manual map kernel mode driver", "fork": false, "created_at": "2022-03-04T17:55:52Z", - "updated_at": "2023-02-02T01:07:26Z", + "updated_at": "2023-02-02T23:30:40Z", "pushed_at": "2022-03-05T18:34:25Z", - "stargazers_count": 61, - "watchers_count": 61, + "stargazers_count": 62, + "watchers_count": 62, "has_discussions": false, "forks_count": 29, "allow_forking": true, @@ -203,7 +203,7 @@ "topics": [], "visibility": "public", "forks": 29, - "watchers": 61, + "watchers": 62, "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-41773.json b/2021/CVE-2021-41773.json index d3ca47b875..8e4d8cb94d 100644 --- a/2021/CVE-2021-41773.json +++ b/2021/CVE-2021-41773.json @@ -1739,13 +1739,13 @@ "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, - "forks_count": 2, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 2, + "forks": 1, "watchers": 1, "score": 0 }, diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index 362e958513..9a49fa1bac 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -3281,10 +3281,10 @@ "description": "Nmap NSE scripts to check against log4shell or LogJam vulnerabilities (CVE-2021-44228)", "fork": false, "created_at": "2021-12-12T22:52:02Z", - "updated_at": "2023-01-31T08:27:25Z", + "updated_at": "2023-02-02T23:09:58Z", "pushed_at": "2021-12-20T15:34:21Z", - "stargazers_count": 339, - "watchers_count": 339, + "stargazers_count": 340, + "watchers_count": 340, "has_discussions": false, "forks_count": 49, "allow_forking": true, @@ -3293,7 +3293,7 @@ "topics": [], "visibility": "public", "forks": 49, - "watchers": 339, + "watchers": 340, "score": 0 }, { @@ -4873,10 +4873,10 @@ "description": "Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)", "fork": false, "created_at": "2021-12-13T20:17:14Z", - "updated_at": "2023-02-01T17:52:24Z", + "updated_at": "2023-02-02T23:06:38Z", "pushed_at": "2021-12-17T17:23:57Z", - "stargazers_count": 56, - "watchers_count": 56, + "stargazers_count": 57, + "watchers_count": 57, "has_discussions": false, "forks_count": 20, "allow_forking": true, @@ -4892,7 +4892,7 @@ ], "visibility": "public", "forks": 20, - "watchers": 56, + "watchers": 57, "score": 0 }, { @@ -5769,10 +5769,10 @@ "description": "Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228", "fork": false, "created_at": "2021-12-14T18:08:45Z", - "updated_at": "2022-11-19T15:00:18Z", + "updated_at": "2023-02-02T21:13:05Z", "pushed_at": "2021-12-20T14:44:27Z", - "stargazers_count": 144, - "watchers_count": 144, + "stargazers_count": 145, + "watchers_count": 145, "has_discussions": false, "forks_count": 24, "allow_forking": true, @@ -5781,7 +5781,7 @@ "topics": [], "visibility": "public", "forks": 24, - "watchers": 144, + "watchers": 145, "score": 0 }, { @@ -9585,19 +9585,19 @@ "description": "Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more.", "fork": false, "created_at": "2021-12-24T13:18:49Z", - "updated_at": "2023-01-29T21:44:19Z", + "updated_at": "2023-02-02T20:29:37Z", "pushed_at": "2022-08-12T20:12:50Z", - "stargazers_count": 99, - "watchers_count": 99, + "stargazers_count": 100, + "watchers_count": 100, "has_discussions": false, - "forks_count": 24, + "forks_count": 25, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 24, - "watchers": 99, + "forks": 25, + "watchers": 100, "score": 0 }, { diff --git a/2022/CVE-2022-0847.json b/2022/CVE-2022-0847.json index af52b48ce3..b24422f9c9 100644 --- a/2022/CVE-2022-0847.json +++ b/2022/CVE-2022-0847.json @@ -100,10 +100,10 @@ "description": "CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞(Dirty Cow),但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe”", "fork": false, "created_at": "2022-03-07T18:36:50Z", - "updated_at": "2023-02-02T12:59:54Z", + "updated_at": "2023-02-02T23:08:29Z", "pushed_at": "2023-02-02T02:17:30Z", - "stargazers_count": 229, - "watchers_count": 229, + "stargazers_count": 230, + "watchers_count": 230, "has_discussions": false, "forks_count": 77, "allow_forking": true, @@ -112,7 +112,7 @@ "topics": [], "visibility": "public", "forks": 77, - "watchers": 229, + "watchers": 230, "score": 0 }, { diff --git a/2022/CVE-2022-22954.json b/2022/CVE-2022-22954.json index 20cff785b5..62bdc87058 100644 --- a/2022/CVE-2022-22954.json +++ b/2022/CVE-2022-22954.json @@ -680,10 +680,10 @@ "description": "一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接", "fork": false, "created_at": "2022-10-04T03:39:27Z", - "updated_at": "2023-02-02T09:50:54Z", + "updated_at": "2023-02-02T20:25:48Z", "pushed_at": "2022-12-15T04:07:54Z", - "stargazers_count": 829, - "watchers_count": 829, + "stargazers_count": 830, + "watchers_count": 830, "has_discussions": false, "forks_count": 92, "allow_forking": true, @@ -699,7 +699,7 @@ ], "visibility": "public", "forks": 92, - "watchers": 829, + "watchers": 830, "score": 0 }, { diff --git a/2022/CVE-2022-3602.json b/2022/CVE-2022-3602.json index df93910879..b27b73797a 100644 --- a/2022/CVE-2022-3602.json +++ b/2022/CVE-2022-3602.json @@ -13,10 +13,10 @@ "description": "Operational information regarding CVE-2022-3602 and CVE-2022-3786, two vulnerabilities in OpenSSL 3", "fork": false, "created_at": "2022-10-28T09:51:41Z", - "updated_at": "2023-02-01T00:57:28Z", + "updated_at": "2023-02-02T18:38:52Z", "pushed_at": "2022-11-18T15:47:17Z", - "stargazers_count": 533, - "watchers_count": 533, + "stargazers_count": 532, + "watchers_count": 532, "has_discussions": false, "forks_count": 108, "allow_forking": true, @@ -30,7 +30,7 @@ ], "visibility": "public", "forks": 108, - "watchers": 533, + "watchers": 532, "score": 0 }, { diff --git a/2022/CVE-2022-3699.json b/2022/CVE-2022-3699.json index 75593c3f1f..86efbdc45f 100644 --- a/2022/CVE-2022-3699.json +++ b/2022/CVE-2022-3699.json @@ -42,10 +42,10 @@ "description": "CVE-2022-3699 with arbitrary kernel code execution capability", "fork": false, "created_at": "2022-12-25T04:34:26Z", - "updated_at": "2023-02-02T13:41:11Z", + "updated_at": "2023-02-02T19:37:56Z", "pushed_at": "2022-12-27T21:30:08Z", - "stargazers_count": 44, - "watchers_count": 44, + "stargazers_count": 45, + "watchers_count": 45, "has_discussions": false, "forks_count": 19, "allow_forking": true, @@ -54,7 +54,7 @@ "topics": [], "visibility": "public", "forks": 19, - "watchers": 44, + "watchers": 45, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-44268.json b/2022/CVE-2022-44268.json index 7f5fc9c883..cacbd06a08 100644 --- a/2022/CVE-2022-44268.json +++ b/2022/CVE-2022-44268.json @@ -13,19 +13,19 @@ "description": "CVE-2022-44268 ImageMagick Arbitrary File Read - Payload Generator", "fork": false, "created_at": "2023-02-02T15:34:28Z", - "updated_at": "2023-02-02T17:04:04Z", + "updated_at": "2023-02-03T00:07:59Z", "pushed_at": "2023-02-02T16:53:37Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 11, + "watchers_count": 11, "has_discussions": false, - "forks_count": 1, + "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 1, - "watchers": 1, + "forks": 2, + "watchers": 11, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-46169.json b/2022/CVE-2022-46169.json index c1f4784b43..73ed48b4d1 100644 --- a/2022/CVE-2022-46169.json +++ b/2022/CVE-2022-46169.json @@ -228,7 +228,7 @@ "fork": false, "created_at": "2023-02-02T18:21:08Z", "updated_at": "2023-02-02T18:25:02Z", - "pushed_at": "2023-02-02T18:29:29Z", + "pushed_at": "2023-02-02T18:42:54Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2022/CVE-2022-46689.json b/2022/CVE-2022-46689.json index 7b886aaab2..601ed6a60d 100644 --- a/2022/CVE-2022-46689.json +++ b/2022/CVE-2022-46689.json @@ -129,10 +129,10 @@ "description": "CVE-2022-46689", "fork": false, "created_at": "2023-01-03T21:46:37Z", - "updated_at": "2023-01-31T21:54:01Z", + "updated_at": "2023-02-02T20:05:08Z", "pushed_at": "2023-01-19T08:04:02Z", - "stargazers_count": 53, - "watchers_count": 53, + "stargazers_count": 52, + "watchers_count": 52, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -141,7 +141,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 53, + "watchers": 52, "score": 0 }, { diff --git a/2023/CVE-2023-0179.json b/2023/CVE-2023-0179.json index 3c8c28c752..c20ab9d333 100644 --- a/2023/CVE-2023-0179.json +++ b/2023/CVE-2023-0179.json @@ -13,10 +13,10 @@ "description": null, "fork": false, "created_at": "2023-01-21T01:02:01Z", - "updated_at": "2023-02-02T10:40:25Z", + "updated_at": "2023-02-02T20:01:51Z", "pushed_at": "2023-01-21T14:23:42Z", - "stargazers_count": 37, - "watchers_count": 37, + "stargazers_count": 38, + "watchers_count": 38, "has_discussions": false, "forks_count": 6, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 6, - "watchers": 37, + "watchers": 38, "score": 0 } ] \ No newline at end of file diff --git a/2023/CVE-2023-21608.json b/2023/CVE-2023-21608.json index 56e0af0a5a..f669c35991 100644 --- a/2023/CVE-2023-21608.json +++ b/2023/CVE-2023-21608.json @@ -13,12 +13,12 @@ "description": "Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit", "fork": false, "created_at": "2023-01-30T12:57:48Z", - "updated_at": "2023-02-02T18:03:58Z", + "updated_at": "2023-02-02T20:04:24Z", "pushed_at": "2023-02-02T12:37:35Z", - "stargazers_count": 9, - "watchers_count": 9, + "stargazers_count": 12, + "watchers_count": 12, "has_discussions": false, - "forks_count": 3, + "forks_count": 4, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -34,8 +34,8 @@ "use-after-free" ], "visibility": "public", - "forks": 3, - "watchers": 9, + "forks": 4, + "watchers": 12, "score": 0 } ] \ No newline at end of file diff --git a/2023/CVE-2023-24055.json b/2023/CVE-2023-24055.json index 29f7b6482f..61c05f2fdf 100644 --- a/2023/CVE-2023-24055.json +++ b/2023/CVE-2023-24055.json @@ -42,10 +42,10 @@ "description": "CVE-2023-24055 PoC (KeePass 2.5x)", "fork": false, "created_at": "2023-01-25T03:21:42Z", - "updated_at": "2023-02-02T11:52:47Z", + "updated_at": "2023-02-02T21:40:08Z", "pushed_at": "2023-01-25T06:29:15Z", - "stargazers_count": 184, - "watchers_count": 184, + "stargazers_count": 185, + "watchers_count": 185, "has_discussions": false, "forks_count": 29, "allow_forking": true, @@ -54,7 +54,7 @@ "topics": [], "visibility": "public", "forks": 29, - "watchers": 184, + "watchers": 185, "score": 0 }, { diff --git a/README.md b/README.md index 8d6fe7202f..a34ae6c5e6 100644 --- a/README.md +++ b/README.md @@ -387,7 +387,7 @@ A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak ### CVE-2022-0918 (2022-03-16) -A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The message triggers a segmentation fault that results in slapd crashing. +A vulnerability was found in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection. No bind or other authentication is required. This message triggers a segmentation fault that results in slapd crashing. - [NathanMulbrook/CVE-2022-0918](https://github.com/NathanMulbrook/CVE-2022-0918) @@ -6669,7 +6669,7 @@ A potential vulnerability by a driver used during manufacturing process on some ### CVE-2021-4034 (2022-01-28) -A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine. +CVE-2021-4034 polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector - [ryaagard/CVE-2021-4034](https://github.com/ryaagard/CVE-2021-4034) @@ -14723,7 +14723,7 @@ A vulnerability was found in all versions of containernetworking/plugins before ### CVE-2020-10757 (2020-06-09) -A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. +A flaw was found in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. - [ShaikUsaf/linux-4.19.72_CVE-2020-10757](https://github.com/ShaikUsaf/linux-4.19.72_CVE-2020-10757) @@ -14731,7 +14731,7 @@ A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap ### CVE-2020-10759 (2020-09-15) -A PGP signature bypass flaw was found in fwupd (all versions), which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service (LVFS) is either not implemented or enabled in versions of fwupd shipped with Red Hat Enterprise Linux 7 and 8. The highest threat from this vulnerability is to confidentiality and integrity. +A PGP signature bypass flaw was found in fwupd, which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service (LVFS) is either not implemented or enabled in versions of fwupd shipped with Red Hat Enterprise Linux 7 and 8. The highest threat from this vulnerability is to confidentiality and integrity. - [justinsteven/CVE-2020-10759-poc](https://github.com/justinsteven/CVE-2020-10759-poc) @@ -19437,7 +19437,7 @@ A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML ### CVE-2019-10207 (2019-11-25) -A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash. +A flaw was found in the Linux kernel’s Bluetooth implementation of UART. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash. - [butterflyhack/CVE-2019-10207](https://github.com/butterflyhack/CVE-2019-10207) @@ -28075,7 +28075,7 @@ The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework befo ### CVE-2016-4971 (2016-06-30) -GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. +It was found that wget used a file name provided by the server for the downloaded file when following a HTTP redirect to a FTP server resource. This could cause wget to create a file with a different name than expected, possibly allowing the server to execute arbitrary code on the client. - [gitcollect/CVE-2016-4971](https://github.com/gitcollect/CVE-2016-4971) @@ -28179,7 +28179,7 @@ net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine ### CVE-2016-5699 (2016-09-02) -CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL. +It was found that the Python's httplib library (used by urllib, urllib2 and others) did not properly check HTTPConnection.putheader() function arguments. An attacker could use this flaw to inject additional headers in a Python application that allowed user provided header names or values. - [bunseokbot/CVE-2016-5699-poc](https://github.com/bunseokbot/CVE-2016-5699-poc) @@ -29060,7 +29060,7 @@ Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) ### CVE-2015-5195 (2017-07-21) -ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation. +It was found that ntpd would exit with a segmentation fault when a statistics type that was not enabled during compilation (e.g. timingstats) was referenced by the statistics or filegen configuration command. - [theglife214/CVE-2015-5195](https://github.com/theglife214/CVE-2015-5195) @@ -29245,7 +29245,7 @@ The (1) git-remote-ext and (2) unspecified other remote helper programs in Git b ### CVE-2015-7547 (2016-02-18) -Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module. +A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module. - [fjserna/CVE-2015-7547](https://github.com/fjserna/CVE-2015-7547) @@ -29399,7 +29399,7 @@ Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in A ### CVE-2014-0130 (2014-05-07) -Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files via a crafted request. +A directory traversal flaw was found in the way Ruby on Rails handled wildcard segments in routes with implicit rendering. A remote attacker could use this flaw to retrieve arbitrary local files accessible to a Ruby on Rails application using the aforementioned routes via a specially crafted request. - [omarkurt/cve-2014-0130](https://github.com/omarkurt/cve-2014-0130) @@ -29639,7 +29639,7 @@ Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in G ### CVE-2014-3566 (2014-10-14) -The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. +A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. - [mikesplain/CVE-2014-3566-poodle-cookbook](https://github.com/mikesplain/CVE-2014-3566-poodle-cookbook) @@ -30197,7 +30197,7 @@ MySecureShell 1.31 has a Local Denial of Service Vulnerability ### CVE-2013-4348 (2013-11-04) -The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation. +CVE-2013-4348 kernel: net: deadloop path in skb_flow_dissect() - [bl4ck5un/cve-2013-4348](https://github.com/bl4ck5un/cve-2013-4348)