mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2023/01/21 18:29:21

Browse source
This commit is contained in:
motikan2010-bot 2023-01-22 03:29:21 +09:00
parent 50477494dc
commit 82ffedde3b
28 changed files with 219 additions and 102 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2015/CVE-2015-3864.json
View file

@ -42,10 +42,10 @@
"description": "Python script to generate a malicious MP4 file and start a CherryPy web server hosting a simple HTML page with the embedded file. Exploits another Stagefright vulnerability, the integer overflow (CVE-2015-3864).",
"fork": false,
"created_at": "2015-12-08T18:27:52Z",
"updated_at": "2022-03-04T05:03:01Z",
"updated_at": "2023-01-21T16:07:47Z",
"pushed_at": "2015-12-08T18:35:47Z",
"stargazers_count": 17,
"watchers_count": 17,
"stargazers_count": 18,
"watchers_count": 18,
"has_discussions": false,
"forks_count": 15,
"allow_forking": true,
@ -54,7 +54,7 @@
"topics": [],
"visibility": "public",
"forks": 15,
"watchers": 17,
"watchers": 18,
"score": 0
},
{

8
2016/CVE-2016-0638.json
View file

@ -13,10 +13,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2023-01-21T06:26:42Z",
"updated_at": "2023-01-21T16:53:26Z",
"pushed_at": "2022-07-17T12:41:46Z",
"stargazers_count": 1589,
"watchers_count": 1589,
"stargazers_count": 1590,
"watchers_count": 1590,
"has_discussions": false,
"forks_count": 317,
"allow_forking": true,
@ -46,7 +46,7 @@
],
"visibility": "public",
"forks": 317,
"watchers": 1589,
"watchers": 1590,
"score": 0
},
{

8
2017/CVE-2017-3248.json
View file

@ -42,10 +42,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2023-01-21T06:26:42Z",
"updated_at": "2023-01-21T16:53:26Z",
"pushed_at": "2022-07-17T12:41:46Z",
"stargazers_count": 1589,
"watchers_count": 1589,
"stargazers_count": 1590,
"watchers_count": 1590,
"has_discussions": false,
"forks_count": 317,
"allow_forking": true,
@ -75,7 +75,7 @@
],
"visibility": "public",
"forks": 317,
"watchers": 1589,
"watchers": 1590,
"score": 0
},
{

8
2018/CVE-2018-14847.json
View file

@ -13,10 +13,10 @@
"description": "Proof of Concept of Winbox Critical Vulnerability (CVE-2018-14847)",
"fork": false,
"created_at": "2018-06-24T05:34:05Z",
"updated_at": "2023-01-17T16:46:51Z",
"updated_at": "2023-01-21T15:44:38Z",
"pushed_at": "2020-10-16T12:09:45Z",
"stargazers_count": 479,
"watchers_count": 479,
"stargazers_count": 480,
"watchers_count": 480,
"has_discussions": false,
"forks_count": 468,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 468,
"watchers": 479,
"watchers": 480,
"score": 0
},
{

8
2018/CVE-2018-2628.json
View file

@ -568,10 +568,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2023-01-21T06:26:42Z",
"updated_at": "2023-01-21T16:53:26Z",
"pushed_at": "2022-07-17T12:41:46Z",
"stargazers_count": 1589,
"watchers_count": 1589,
"stargazers_count": 1590,
"watchers_count": 1590,
"has_discussions": false,
"forks_count": 317,
"allow_forking": true,
@ -601,7 +601,7 @@
],
"visibility": "public",
"forks": 317,
"watchers": 1589,
"watchers": 1590,
"score": 0
},
{

8
2019/CVE-2019-16278.json
View file

@ -129,10 +129,10 @@
"description": "A quick python exploit for the Nostromo 1.9.6 remote code execution vulnerability. Simply takes a host and port that the web server is running on. ",
"fork": false,
"created_at": "2019-11-22T18:35:14Z",
"updated_at": "2022-11-09T18:05:19Z",
"updated_at": "2023-01-21T16:12:32Z",
"pushed_at": "2019-11-22T18:57:29Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -141,7 +141,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 6,
"watchers": 7,
"score": 0
},
{

8
2019/CVE-2019-2618.json
View file

@ -187,10 +187,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2023-01-21T06:26:42Z",
"updated_at": "2023-01-21T16:53:26Z",
"pushed_at": "2022-07-17T12:41:46Z",
"stargazers_count": 1589,
"watchers_count": 1589,
"stargazers_count": 1590,
"watchers_count": 1590,
"has_discussions": false,
"forks_count": 317,
"allow_forking": true,
@ -220,7 +220,7 @@
],
"visibility": "public",
"forks": 317,
"watchers": 1589,
"watchers": 1590,
"score": 0
}
]

20
2020/CVE-2020-1472.json
View file

@ -42,10 +42,10 @@
"description": "Test tool for CVE-2020-1472",
"fork": false,
"created_at": "2020-09-08T08:58:37Z",
"updated_at": "2023-01-18T13:43:58Z",
"updated_at": "2023-01-21T18:16:06Z",
"pushed_at": "2021-12-08T10:31:54Z",
"stargazers_count": 1543,
"watchers_count": 1543,
"stargazers_count": 1544,
"watchers_count": 1544,
"has_discussions": false,
"forks_count": 351,
"allow_forking": true,
@ -54,7 +54,7 @@
"topics": [],
"visibility": "public",
"forks": 351,
"watchers": 1543,
"watchers": 1544,
"score": 0
},
{
@ -105,13 +105,13 @@
"stargazers_count": 994,
"watchers_count": 994,
"has_discussions": false,
"forks_count": 272,
"forks_count": 273,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 272,
"forks": 273,
"watchers": 994,
"score": 0
},
@ -165,10 +165,10 @@
"description": "Exploit for zerologon cve-2020-1472",
"fork": false,
"created_at": "2020-09-14T19:19:07Z",
"updated_at": "2023-01-18T19:48:44Z",
"updated_at": "2023-01-21T17:59:40Z",
"pushed_at": "2020-10-15T18:31:15Z",
"stargazers_count": 506,
"watchers_count": 506,
"stargazers_count": 507,
"watchers_count": 507,
"has_discussions": false,
"forks_count": 138,
"allow_forking": true,
@ -177,7 +177,7 @@
"topics": [],
"visibility": "public",
"forks": 138,
"watchers": 506,
"watchers": 507,
"score": 0
},
{

8
2020/CVE-2020-2551.json
View file

@ -13,10 +13,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2023-01-21T06:26:42Z",
"updated_at": "2023-01-21T16:53:26Z",
"pushed_at": "2022-07-17T12:41:46Z",
"stargazers_count": 1589,
"watchers_count": 1589,
"stargazers_count": 1590,
"watchers_count": 1590,
"has_discussions": false,
"forks_count": 317,
"allow_forking": true,
@ -46,7 +46,7 @@
],
"visibility": "public",
"forks": 317,
"watchers": 1589,
"watchers": 1590,
"score": 0
},
{

31
2021/CVE-2021-20294.json Normal file
View file

@ -0,0 +1,31 @@
[
{
"id": 591711046,
"name": "CVE-2021-20294-POC",
"full_name": "tin-z\/CVE-2021-20294-POC",
"owner": {
"login": "tin-z",
"id": 32848129,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32848129?v=4",
"html_url": "https:\/\/github.com\/tin-z"
},
"html_url": "https:\/\/github.com\/tin-z\/CVE-2021-20294-POC",
"description": "Simple CVE-2021-20294 poc",
"fork": false,
"created_at": "2023-01-21T16:15:21Z",
"updated_at": "2023-01-21T16:55:57Z",
"pushed_at": "2023-01-21T16:28:15Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 1,
"score": 0
}
]

8
2021/CVE-2021-31166.json
View file

@ -330,10 +330,10 @@
"description": "PoC for CVE-2021-31166 and CVE-2022-21907",
"fork": false,
"created_at": "2022-11-22T09:10:36Z",
"updated_at": "2023-01-07T10:32:31Z",
"updated_at": "2023-01-21T17:00:27Z",
"pushed_at": "2022-12-08T11:05:50Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -342,7 +342,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 2,
"score": 0
}
]

2
2021/CVE-2021-3156.json
View file

@ -1039,7 +1039,7 @@
"description": "Sudo Baron Samedit Exploit",
"fork": false,
"created_at": "2021-03-15T17:37:02Z",
"updated_at": "2023-01-18T18:18:30Z",
"updated_at": "2023-01-21T17:21:45Z",
"pushed_at": "2022-01-13T05:48:01Z",
"stargazers_count": 560,
"watchers_count": 560,

2
2021/CVE-2021-4034.json
View file

@ -3867,7 +3867,7 @@
"fork": false,
"created_at": "2022-03-16T23:05:53Z",
"updated_at": "2022-03-16T23:20:31Z",
"pushed_at": "2022-12-27T12:08:27Z",
"pushed_at": "2023-01-21T18:23:45Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

16
2021/CVE-2021-44228.json
View file

@ -2042,10 +2042,10 @@
"description": "CVE-2021-44228log4j2 burp插件 Java版本dnslog选取了非dnslog.cn域名",
"fork": false,
"created_at": "2021-12-12T01:24:39Z",
"updated_at": "2022-12-19T05:13:42Z",
"updated_at": "2023-01-21T17:34:17Z",
"pushed_at": "2021-12-11T10:39:41Z",
"stargazers_count": 22,
"watchers_count": 22,
"stargazers_count": 23,
"watchers_count": 23,
"has_discussions": false,
"forks_count": 43,
"allow_forking": true,
@ -2054,7 +2054,7 @@
"topics": [],
"visibility": "public",
"forks": 43,
"watchers": 22,
"watchers": 23,
"score": 0
},
{
@ -3614,10 +3614,10 @@
"description": "A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 ",
"fork": false,
"created_at": "2021-12-13T03:57:50Z",
"updated_at": "2023-01-21T09:56:55Z",
"updated_at": "2023-01-21T14:10:33Z",
"pushed_at": "2022-11-23T18:23:24Z",
"stargazers_count": 3170,
"watchers_count": 3170,
"stargazers_count": 3171,
"watchers_count": 3171,
"has_discussions": true,
"forks_count": 743,
"allow_forking": true,
@ -3626,7 +3626,7 @@
"topics": [],
"visibility": "public",
"forks": 743,
"watchers": 3170,
"watchers": 3171,
"score": 0
},
{

8
2022/CVE-2022-21661.json
View file

@ -187,10 +187,10 @@
"description": "The first poc video presenting the sql injection test from ( WordPress Core 5.8.2-'WP_Query' \/ CVE-2022-21661) ",
"fork": false,
"created_at": "2022-11-06T20:44:10Z",
"updated_at": "2023-01-16T17:28:44Z",
"updated_at": "2023-01-21T18:26:18Z",
"pushed_at": "2022-11-23T21:09:11Z",
"stargazers_count": 86,
"watchers_count": 86,
"stargazers_count": 85,
"watchers_count": 85,
"has_discussions": false,
"forks_count": 17,
"allow_forking": true,
@ -205,7 +205,7 @@
],
"visibility": "public",
"forks": 17,
"watchers": 86,
"watchers": 85,
"score": 0
},
{

8
2022/CVE-2022-21907.json
View file

@ -377,10 +377,10 @@
"description": "PoC for CVE-2021-31166 and CVE-2022-21907",
"fork": false,
"created_at": "2022-11-22T09:10:36Z",
"updated_at": "2023-01-07T10:32:31Z",
"updated_at": "2023-01-21T17:00:27Z",
"pushed_at": "2022-12-08T11:05:50Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -389,7 +389,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 2,
"score": 0
}
]

4
2022/CVE-2022-22963.json
View file

@ -18,7 +18,7 @@
"stargazers_count": 341,
"watchers_count": 341,
"has_discussions": false,
"forks_count": 84,
"forks_count": 85,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -34,7 +34,7 @@
"spring-cloud-function"
],
"visibility": "public",
"forks": 84,
"forks": 85,
"watchers": 341,
"score": 0
},

20
2022/CVE-2022-22965.json
View file

@ -90,7 +90,7 @@
"stargazers_count": 120,
"watchers_count": 120,
"has_discussions": false,
"forks_count": 84,
"forks_count": 85,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -107,7 +107,7 @@
"working-example"
],
"visibility": "public",
"forks": 84,
"forks": 85,
"watchers": 120,
"score": 0
},
@ -130,13 +130,13 @@
"stargazers_count": 276,
"watchers_count": 276,
"has_discussions": false,
"forks_count": 217,
"forks_count": 218,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 217,
"forks": 218,
"watchers": 276,
"score": 0
},
@ -1434,19 +1434,19 @@
"description": "CVE-2022-22965写入冰蝎webshell脚本",
"fork": false,
"created_at": "2022-04-07T03:50:14Z",
"updated_at": "2023-01-18T11:33:21Z",
"updated_at": "2023-01-21T15:18:22Z",
"pushed_at": "2022-05-10T03:54:23Z",
"stargazers_count": 59,
"watchers_count": 59,
"stargazers_count": 60,
"watchers_count": 60,
"has_discussions": false,
"forks_count": 20,
"forks_count": 21,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 20,
"watchers": 59,
"forks": 21,
"watchers": 60,
"score": 0
},
{

8
2022/CVE-2022-33679.json
View file

@ -13,10 +13,10 @@
"description": "One day based on https:\/\/googleprojectzero.blogspot.com\/2022\/10\/rc4-is-still-considered-harmful.html",
"fork": false,
"created_at": "2022-11-02T18:38:01Z",
"updated_at": "2023-01-17T16:18:45Z",
"updated_at": "2023-01-21T18:26:58Z",
"pushed_at": "2022-12-13T15:26:57Z",
"stargazers_count": 357,
"watchers_count": 357,
"stargazers_count": 356,
"watchers_count": 356,
"has_discussions": false,
"forks_count": 65,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 65,
"watchers": 357,
"watchers": 356,
"score": 0
},
{

8
2022/CVE-2022-34718.json
View file

@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2022-10-03T11:39:25Z",
"updated_at": "2023-01-12T10:35:51Z",
"updated_at": "2023-01-21T17:50:11Z",
"pushed_at": "2022-10-10T08:57:29Z",
"stargazers_count": 40,
"watchers_count": 40,
"stargazers_count": 41,
"watchers_count": 41,
"has_discussions": false,
"forks_count": 15,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 15,
"watchers": 40,
"watchers": 41,
"score": 0
}
]

8
2022/CVE-2022-42864.json
View file

@ -13,10 +13,10 @@
"description": "Proof-of-concept for the CVE-2022-42864 IOHIDFamily race condition",
"fork": false,
"created_at": "2023-01-19T20:36:49Z",
"updated_at": "2023-01-21T08:36:35Z",
"updated_at": "2023-01-21T17:37:18Z",
"pushed_at": "2023-01-20T17:58:39Z",
"stargazers_count": 15,
"watchers_count": 15,
"stargazers_count": 16,
"watchers_count": 16,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 15,
"watchers": 16,
"score": 0
}
]

4
2022/CVE-2022-44877.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 91,
"watchers_count": 91,
"has_discussions": false,
"forks_count": 19,
"forks_count": 20,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 19,
"forks": 20,
"watchers": 91,
"score": 0
},

31
2022/CVE-2022-44900.json Normal file
View file

@ -0,0 +1,31 @@
[
{
"id": 591689085,
"name": "CVE-2022-44900-demo-lab",
"full_name": "0xless\/CVE-2022-44900-demo-lab",
"owner": {
"login": "0xless",
"id": 78535423,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78535423?v=4",
"html_url": "https:\/\/github.com\/0xless"
},
"html_url": "https:\/\/github.com\/0xless\/CVE-2022-44900-demo-lab",
"description": "Demo webapp vulnerable to CVE-2022-44900",
"fork": false,
"created_at": "2023-01-21T14:52:59Z",
"updated_at": "2023-01-21T14:53:53Z",
"pushed_at": "2023-01-21T15:17:49Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

2
2022/CVE-2022-46689.json
View file

@ -221,7 +221,7 @@
"description": "CVE-2022-46689",
"fork": false,
"created_at": "2023-01-05T21:50:25Z",
"updated_at": "2023-01-21T12:17:20Z",
"updated_at": "2023-01-21T17:20:43Z",
"pushed_at": "2023-01-21T07:09:05Z",
"stargazers_count": 107,
"watchers_count": 107,

8
2022/CVE-2022-47966.json
View file

@ -13,10 +13,10 @@
"description": "POC for CVE-2022-47966 affecting multiple ManageEngine products",
"fork": false,
"created_at": "2023-01-17T21:26:28Z",
"updated_at": "2023-01-21T09:54:44Z",
"updated_at": "2023-01-21T18:15:49Z",
"pushed_at": "2023-01-19T13:10:07Z",
"stargazers_count": 55,
"watchers_count": 55,
"stargazers_count": 57,
"watchers_count": 57,
"has_discussions": false,
"forks_count": 16,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 16,
"watchers": 55,
"watchers": 57,
"score": 0
},
{

14
2023/CVE-2023-0179.json
View file

@ -13,19 +13,19 @@
"description": null,
"fork": false,
"created_at": "2023-01-21T01:02:01Z",
"updated_at": "2023-01-21T11:10:05Z",
"pushed_at": "2023-01-21T01:09:11Z",
"stargazers_count": 7,
"watchers_count": 7,
"updated_at": "2023-01-21T18:09:48Z",
"pushed_at": "2023-01-21T14:23:42Z",
"stargazers_count": 10,
"watchers_count": 10,
"has_discussions": false,
"forks_count": 1,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 7,
"forks": 2,
"watchers": 10,
"score": 0
}
]

31
2023/CVE-2023-22809.json Normal file
View file

@ -0,0 +1,31 @@
[
{
"id": 591696201,
"name": "CVE-2023-22809-sudoedit-privesc",
"full_name": "n3m1dotsys\/CVE-2023-22809-sudoedit-privesc",
"owner": {
"login": "n3m1dotsys",
"id": 30940342,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30940342?v=4",
"html_url": "https:\/\/github.com\/n3m1dotsys"
},
"html_url": "https:\/\/github.com\/n3m1dotsys\/CVE-2023-22809-sudoedit-privesc",
"description": "A script to automate privilege escalation with CVE-2023-22809 vulnerability",
"fork": false,
"created_at": "2023-01-21T15:19:23Z",
"updated_at": "2023-01-21T15:52:37Z",
"pushed_at": "2023-01-21T15:25:38Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0
}
]

24
README.md
View file

@ -20,6 +20,14 @@ Windows Backup Service Elevation of Privilege Vulnerability.
- [Wh04m1001/CVE-2023-21752](https://github.com/Wh04m1001/CVE-2023-21752)
### CVE-2023-22809 (2023-01-18)
<code>
In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a &quot;--&quot; argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.
</code>
- [n3m1dotsys/CVE-2023-22809-sudoedit-privesc](https://github.com/n3m1dotsys/CVE-2023-22809-sudoedit-privesc)
### CVE-2023-23161
- [rahulpatwari/CVE-2023-23161](https://github.com/rahulpatwari/CVE-2023-23161)
@ -5086,6 +5094,14 @@ login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.
- [numanturle/CVE-2022-44877](https://github.com/numanturle/CVE-2022-44877)
- [komomon/CVE-2022-44877-RCE](https://github.com/komomon/CVE-2022-44877-RCE)
### CVE-2022-44900 (2022-12-06)
<code>
A directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file.
</code>
- [0xless/CVE-2022-44900-demo-lab](https://github.com/0xless/CVE-2022-44900-demo-lab)
### CVE-2022-45025 (2022-12-06)
<code>
@ -6694,6 +6710,14 @@ A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the me
- [pauljrowland/BootHoleFix](https://github.com/pauljrowland/BootHoleFix)
### CVE-2021-20294 (2021-04-29)
<code>
A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability.
</code>
- [tin-z/CVE-2021-20294-POC](https://github.com/tin-z/CVE-2021-20294-POC)
### CVE-2021-20323 (2022-03-25)
<code>