mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2020/10/09 06:11:17

Browse source
This commit is contained in:
motikan2010-bot 2020-10-09 06:11:17 +09:00
parent 274187ec25
commit 81b32e1f88
18 changed files with 165 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
2015/CVE-2015-4335.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 302425563,
"name": "CVE-2015-4335",
"full_name": "EMCELLY\/CVE-2015-4335",
"owner": {
"login": "EMCELLY",
"id": 984191,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/984191?v=4",
"html_url": "https:\/\/github.com\/EMCELLY"
},
"html_url": "https:\/\/github.com\/EMCELLY\/CVE-2015-4335",
"description": "CVE-2015-4335 Redis Lua Sandbox Escape",
"fork": false,
"created_at": "2020-10-08T18:15:14Z",
"updated_at": "2020-10-08T18:24:36Z",
"pushed_at": "2020-10-08T18:24:33Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

23
2017/CVE-2017-5638.json
View file

@ -206,6 +206,29 @@
"watchers": 2,
"score": 0
},
{
"id": 84640546,
"name": "test_struts2_vulnerability_CVE-2017-5638",
"full_name": "sjitech\/test_struts2_vulnerability_CVE-2017-5638",
"owner": {
"login": "sjitech",
"id": 5180638,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5180638?v=4",
"html_url": "https:\/\/github.com\/sjitech"
},
"html_url": "https:\/\/github.com\/sjitech\/test_struts2_vulnerability_CVE-2017-5638",
"description": "test struts2 vulnerability CVE-2017-5638 in Mac OS X",
"fork": false,
"created_at": "2017-03-11T10:03:54Z",
"updated_at": "2017-03-13T11:14:00Z",
"pushed_at": "2017-03-13T07:38:25Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 84642680,
"name": "CVE-2017-5638",

4
2018/CVE-2018-2392.json
View file

@ -13,8 +13,8 @@
"description": "SAP IGS XXE attack CVE-2018-2392 and CVE-2018-2393",
"fork": false,
"created_at": "2020-10-02T17:57:22Z",
"updated_at": "2020-10-02T19:04:26Z",
"pushed_at": "2020-10-02T19:04:23Z",
"updated_at": "2020-10-08T18:58:12Z",
"pushed_at": "2020-10-08T18:58:10Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,

8
2018/CVE-2018-2894.json
View file

@ -36,13 +36,13 @@
"description": "CVE-2018-2894 WebLogic Unrestricted File Upload Lead To RCE Check Script",
"fork": false,
"created_at": "2018-07-20T03:59:18Z",
"updated_at": "2020-06-19T04:46:51Z",
"updated_at": "2020-10-08T21:02:47Z",
"pushed_at": "2018-07-20T12:46:50Z",
"stargazers_count": 126,
"watchers_count": 126,
"stargazers_count": 127,
"watchers_count": 127,
"forks_count": 48,
"forks": 48,
"watchers": 126,
"watchers": 127,
"score": 0
},
{

4
2018/CVE-2018-6242.json
View file

@ -105,8 +105,8 @@
"description": "Rust implementation of the Fusée Gelée exploit (CVE-2018-6242) for Tegra processors.",
"fork": false,
"created_at": "2020-09-07T03:28:15Z",
"updated_at": "2020-10-07T18:04:23Z",
"pushed_at": "2020-10-07T18:04:21Z",
"updated_at": "2020-10-08T17:07:42Z",
"pushed_at": "2020-10-08T17:07:40Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,

8
2019/CVE-2019-15107.json
View file

@ -289,13 +289,13 @@
"description": "CVE-2019-15107 exploit",
"fork": false,
"created_at": "2020-09-13T03:11:29Z",
"updated_at": "2020-09-14T21:06:39Z",
"updated_at": "2020-10-08T20:11:48Z",
"pushed_at": "2020-09-14T20:46:02Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 0,
"forks": 0,
"watchers": 1,
"watchers": 2,
"score": 0
}
]

8
2019/CVE-2019-17558.json
View file

@ -36,13 +36,13 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2020-10-08T09:32:25Z",
"updated_at": "2020-10-08T16:30:51Z",
"pushed_at": "2020-10-03T04:00:20Z",
"stargazers_count": 1910,
"watchers_count": 1910,
"stargazers_count": 1911,
"watchers_count": 1911,
"forks_count": 497,
"forks": 497,
"watchers": 1910,
"watchers": 1911,
"score": 0
},
{

2
2019/CVE-2019-19781.json
View file

@ -83,7 +83,7 @@
"fork": false,
"created_at": "2020-01-11T00:26:16Z",
"updated_at": "2020-09-08T14:13:36Z",
"pushed_at": "2020-10-07T21:25:31Z",
"pushed_at": "2020-10-08T16:53:51Z",
"stargazers_count": 98,
"watchers_count": 98,
"forks_count": 29,

8
2019/CVE-2019-2729.json
View file

@ -36,13 +36,13 @@
"description": "CVE-2019-2729 Exploit Script",
"fork": false,
"created_at": "2020-02-19T03:49:51Z",
"updated_at": "2020-10-05T12:56:52Z",
"updated_at": "2020-10-08T18:22:22Z",
"pushed_at": "2020-02-19T08:48:02Z",
"stargazers_count": 12,
"watchers_count": 12,
"stargazers_count": 13,
"watchers_count": 13,
"forks_count": 5,
"forks": 5,
"watchers": 12,
"watchers": 13,
"score": 0
}
]

8
2020/CVE-2020-0787.json
View file

@ -13,13 +13,13 @@
"description": "Support ALL Windows Version",
"fork": false,
"created_at": "2020-06-16T08:57:51Z",
"updated_at": "2020-10-08T01:43:37Z",
"updated_at": "2020-10-08T19:38:03Z",
"pushed_at": "2020-09-11T07:38:22Z",
"stargazers_count": 425,
"watchers_count": 425,
"stargazers_count": 426,
"watchers_count": 426,
"forks_count": 100,
"forks": 100,
"watchers": 425,
"watchers": 426,
"score": 0
}
]

23
2020/CVE-2020-11492.json
View file

@ -1,4 +1,27 @@
[
{
"id": 267392741,
"name": "CVE-2020-11492",
"full_name": "joshfinley\/CVE-2020-11492",
"owner": {
"login": "joshfinley",
"id": 13423441,
"avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/13423441?v=4",
"html_url": "https:\/\/github.com\/joshfinley"
},
"html_url": "https:\/\/github.com\/joshfinley\/CVE-2020-11492",
"description": null,
"fork": false,
"created_at": "2020-05-27T18:11:18Z",
"updated_at": "2020-10-08T18:53:13Z",
"pushed_at": "2020-06-14T16:42:43Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 267493495,
"name": "CVE-2020-11492",

24
2020/CVE-2020-1472.json
View file

@ -82,13 +82,13 @@
"description": "PoC for Zerologon - all research credits go to Tom Tervoort of Secura",
"fork": false,
"created_at": "2020-09-14T16:56:51Z",
"updated_at": "2020-10-08T08:29:09Z",
"updated_at": "2020-10-08T18:58:43Z",
"pushed_at": "2020-09-25T15:32:01Z",
"stargazers_count": 646,
"watchers_count": 646,
"stargazers_count": 648,
"watchers_count": 648,
"forks_count": 185,
"forks": 185,
"watchers": 646,
"watchers": 648,
"score": 0
},
{
@ -105,13 +105,13 @@
"description": "Exploit Code for CVE-2020-1472 aka Zerologon",
"fork": false,
"created_at": "2020-09-14T16:57:49Z",
"updated_at": "2020-10-07T20:37:42Z",
"updated_at": "2020-10-08T20:27:47Z",
"pushed_at": "2020-10-06T06:58:55Z",
"stargazers_count": 111,
"watchers_count": 111,
"stargazers_count": 112,
"watchers_count": 112,
"forks_count": 28,
"forks": 28,
"watchers": 111,
"watchers": 112,
"score": 0
},
{
@ -128,13 +128,13 @@
"description": "Exploit for zerologon cve-2020-1472",
"fork": false,
"created_at": "2020-09-14T19:19:07Z",
"updated_at": "2020-10-08T11:34:32Z",
"updated_at": "2020-10-08T16:53:27Z",
"pushed_at": "2020-09-17T18:06:57Z",
"stargazers_count": 172,
"watchers_count": 172,
"stargazers_count": 174,
"watchers_count": 174,
"forks_count": 64,
"forks": 64,
"watchers": 172,
"watchers": 174,
"score": 0
},
{

25
2020/CVE-2020-15169.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 302388307,
"name": "CVE-2020-15169",
"full_name": "glasses618\/CVE-2020-15169",
"owner": {
"login": "glasses618",
"id": 10650655,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/10650655?v=4",
"html_url": "https:\/\/github.com\/glasses618"
},
"html_url": "https:\/\/github.com\/glasses618\/CVE-2020-15169",
"description": null,
"fork": false,
"created_at": "2020-10-08T15:42:37Z",
"updated_at": "2020-10-08T15:43:15Z",
"pushed_at": "2020-10-08T15:43:11Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

8
2020/CVE-2020-2034.json
View file

@ -13,13 +13,13 @@
"description": "Determine the Version Running on the Palo Alto Network Firewall for the Global Protect Portal",
"fork": false,
"created_at": "2020-08-08T14:19:44Z",
"updated_at": "2020-10-05T18:21:11Z",
"updated_at": "2020-10-08T16:13:55Z",
"pushed_at": "2020-08-14T09:24:34Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 2,
"forks": 2,
"watchers": 2,
"watchers": 3,
"score": 0
}
]

8
2020/CVE-2020-3452.json
View file

@ -59,13 +59,13 @@
"description": "CVE-2020-3452 Cisco ASA Scanner -unauth Path Traversal Check",
"fork": false,
"created_at": "2020-07-24T15:04:45Z",
"updated_at": "2020-10-08T05:07:16Z",
"updated_at": "2020-10-08T15:24:21Z",
"pushed_at": "2020-08-30T21:34:41Z",
"stargazers_count": 11,
"watchers_count": 11,
"stargazers_count": 10,
"watchers_count": 10,
"forks_count": 3,
"forks": 3,
"watchers": 11,
"watchers": 10,
"score": 0
},
{

8
2020/CVE-2020-5902.json
View file

@ -13,13 +13,13 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2020-10-08T09:32:25Z",
"updated_at": "2020-10-08T16:30:51Z",
"pushed_at": "2020-10-03T04:00:20Z",
"stargazers_count": 1910,
"watchers_count": 1910,
"stargazers_count": 1911,
"watchers_count": 1911,
"forks_count": 497,
"forks": 497,
"watchers": 1910,
"watchers": 1911,
"score": 0
},
{

4
2020/CVE-2020-9484.json
View file

@ -109,8 +109,8 @@
"pushed_at": "2020-06-05T21:04:43Z",
"stargazers_count": 12,
"watchers_count": 12,
"forks_count": 6,
"forks": 6,
"forks_count": 7,
"forks": 7,
"watchers": 12,
"score": 0
},

18
README.md
View file

@ -1635,6 +1635,7 @@ Sonatype Nexus Repository Manager 3.x up to and including 3.21.2 has Incorrect A
An issue was discovered in Docker Desktop through 2.2.0.5 on Windows. If a local attacker sets up their own named pipe prior to starting Docker with the same name, this attacker can intercept a connection attempt from Docker Service (which runs as SYSTEM), and then impersonate their privileges.
</code>
- [joshfinley/CVE-2020-11492](https://github.com/joshfinley/CVE-2020-11492)
- [CrackerCat/CVE-2020-11492](https://github.com/CrackerCat/CVE-2020-11492)
### CVE-2020-11493
@ -2161,6 +2162,14 @@ Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code executio
- [Maskhe/CVE-2020-15148-bypasses](https://github.com/Maskhe/CVE-2020-15148-bypasses)
### CVE-2020-15169
<code>
In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the `t` and `translate` helpers could be susceptible to XSS attacks. When an HTML-unsafe string is passed as the default for a missing translation key named html or ending in _html, the default string is incorrectly marked as HTML-safe and not escaped. This is patched in versions 6.0.3.3 and 5.2.4.4. A workaround without upgrading is proposed in the source advisory.
</code>
- [glasses618/CVE-2020-15169](https://github.com/glasses618/CVE-2020-15169)
### CVE-2020-15367
<code>
@ -9658,6 +9667,7 @@ The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x be
- [immunio/apache-struts2-CVE-2017-5638](https://github.com/immunio/apache-struts2-CVE-2017-5638)
- [Masahiro-Yamada/OgnlContentTypeRejectorValve](https://github.com/Masahiro-Yamada/OgnlContentTypeRejectorValve)
- [aljazceru/CVE-2017-5638-Apache-Struts2](https://github.com/aljazceru/CVE-2017-5638-Apache-Struts2)
- [sjitech/test_struts2_vulnerability_CVE-2017-5638](https://github.com/sjitech/test_struts2_vulnerability_CVE-2017-5638)
- [jrrombaldo/CVE-2017-5638](https://github.com/jrrombaldo/CVE-2017-5638)
- [random-robbie/CVE-2017-5638](https://github.com/random-robbie/CVE-2017-5638)
- [initconf/CVE-2017-5638_struts](https://github.com/initconf/CVE-2017-5638_struts)
@ -12876,6 +12886,14 @@ Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.c
- [eudemonics/scaredycat](https://github.com/eudemonics/scaredycat)
- [HenryVHuang/CVE-2015-3864](https://github.com/HenryVHuang/CVE-2015-3864)
### CVE-2015-4335
<code>
Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command.
</code>
- [EMCELLY/CVE-2015-4335](https://github.com/EMCELLY/CVE-2015-4335)
### CVE-2015-4495
<code>