mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2025/01/13 18:33:09

Browse source
This commit is contained in:
motikan2010-bot 2025-01-14 03:33:09 +09:00
parent a68d6b8f4a
commit 8411bc01c9
67 changed files with 364 additions and 328 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
2014/CVE-2014-0160.json
View file

@ -953,13 +953,13 @@
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 4,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 4,
"forks": 1,
"watchers": 3,
"score": 0,
"subscribers_count": 5

2
2014/CVE-2014-3566.json
View file

@ -182,7 +182,7 @@
"fork": false,
"created_at": "2024-11-14T04:35:59Z",
"updated_at": "2025-01-05T15:26:10Z",
"pushed_at": "2025-01-13T05:14:03Z",
"pushed_at": "2025-01-13T17:07:41Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

8
2018/CVE-2018-6242.json
View file

@ -14,10 +14,10 @@
"description": "My first Android app: Launch Fusée Gelée payloads from stock Android (CVE-2018-6242)",
"fork": false,
"created_at": "2018-04-28T11:50:00Z",
"updated_at": "2024-12-28T22:48:00Z",
"updated_at": "2025-01-13T15:46:09Z",
"pushed_at": "2022-12-11T10:44:39Z",
"stargazers_count": 527,
"watchers_count": 527,
"stargazers_count": 528,
"watchers_count": 528,
"has_discussions": false,
"forks_count": 55,
"allow_forking": true,
@ -33,7 +33,7 @@
],
"visibility": "public",
"forks": 55,
"watchers": 527,
"watchers": 528,
"score": 0,
"subscribers_count": 55
},

8
2021/CVE-2021-1675.json
View file

@ -45,10 +45,10 @@
"description": "C# and Impacket implementation of PrintNightmare CVE-2021-1675\/CVE-2021-34527",
"fork": false,
"created_at": "2021-06-29T17:24:14Z",
"updated_at": "2025-01-09T16:05:31Z",
"updated_at": "2025-01-13T17:20:01Z",
"pushed_at": "2021-07-20T15:28:13Z",
"stargazers_count": 1854,
"watchers_count": 1854,
"stargazers_count": 1855,
"watchers_count": 1855,
"has_discussions": false,
"forks_count": 585,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 585,
"watchers": 1854,
"watchers": 1855,
"score": 0,
"subscribers_count": 43
},

8
2021/CVE-2021-29442.json
View file

@ -45,10 +45,10 @@
"description": "Nacos Derby命令执行漏洞利用脚本",
"fork": false,
"created_at": "2024-11-22T01:32:37Z",
"updated_at": "2024-12-08T18:37:41Z",
"updated_at": "2025-01-13T18:17:52Z",
"pushed_at": "2024-11-22T01:33:26Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 7,
"watchers": 8,
"score": 0,
"subscribers_count": 1
}

62
2021/CVE-2021-30955.json
View file

@ -154,37 +154,6 @@
"score": 0,
"subscribers_count": 3
},
{
"id": 470172833,
"name": "desc_race",
"full_name": "Dylbin\/desc_race",
"owner": {
"login": "Dylbin",
"id": 94767639,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94767639?v=4",
"html_url": "https:\/\/github.com\/Dylbin",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Dylbin\/desc_race",
"description": "desc_race exploit for iOS 15.0 - 15.1.1 (with stable kernel r\/w primitives) (CVE-2021-30955) ",
"fork": false,
"created_at": "2022-03-15T13:30:38Z",
"updated_at": "2024-05-27T20:46:33Z",
"pushed_at": "2022-04-15T21:22:07Z",
"stargazers_count": 10,
"watchers_count": 10,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 10,
"score": 0,
"subscribers_count": 1
},
{
"id": 471360094,
"name": "Pentagram-exploit-tester",
@ -219,5 +188,36 @@
"watchers": 18,
"score": 0,
"subscribers_count": 1
},
{
"id": 473545777,
"name": "desc_race-1",
"full_name": "st-rnd\/desc_race-1",
"owner": {
"login": "st-rnd",
"id": 42543506,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42543506?v=4",
"html_url": "https:\/\/github.com\/st-rnd",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/st-rnd\/desc_race-1",
"description": "desc_race exploit for iOS 15.0 - 15.1.1 (with stable kernel r\/w primitives) (CVE-2021-30955) ",
"fork": false,
"created_at": "2022-03-24T09:52:34Z",
"updated_at": "2022-03-15T14:08:51Z",
"pushed_at": "2022-03-15T13:51:44Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2021/CVE-2021-39433.json
View file

@ -14,10 +14,10 @@
"description": "BIQS IT Biqs-drive v1.83",
"fork": false,
"created_at": "2021-10-04T19:02:35Z",
"updated_at": "2022-12-10T12:13:04Z",
"updated_at": "2025-01-13T15:27:11Z",
"pushed_at": "2021-10-04T19:02:53Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 6,
"watchers": 5,
"score": 0,
"subscribers_count": 1
}

31
2021/CVE-2021-4034.json
View file

@ -2405,37 +2405,6 @@
"score": 0,
"subscribers_count": 1
},
{
"id": 453080818,
"name": "CVE-2021-4034",
"full_name": "Sakura-nee\/CVE-2021-4034",
"owner": {
"login": "Sakura-nee",
"id": 74785477,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74785477?v=4",
"html_url": "https:\/\/github.com\/Sakura-nee",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Sakura-nee\/CVE-2021-4034",
"description": "CVE-2021-4034",
"fork": false,
"created_at": "2022-01-28T13:38:24Z",
"updated_at": "2022-01-28T13:42:53Z",
"pushed_at": "2022-06-02T21:17:34Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 453085145,
"name": "pwnkit",

16
2021/CVE-2021-44228.json
View file

@ -935,10 +935,10 @@
"description": "A Proof-Of-Concept for the CVE-2021-44228 vulnerability. ",
"fork": false,
"created_at": "2021-12-10T23:19:28Z",
"updated_at": "2025-01-12T10:31:59Z",
"updated_at": "2025-01-13T14:46:25Z",
"pushed_at": "2024-02-12T22:37:25Z",
"stargazers_count": 1814,
"watchers_count": 1814,
"stargazers_count": 1815,
"watchers_count": 1815,
"has_discussions": false,
"forks_count": 530,
"allow_forking": true,
@ -952,7 +952,7 @@
],
"visibility": "public",
"forks": 530,
"watchers": 1814,
"watchers": 1815,
"score": 0,
"subscribers_count": 26
},
@ -11350,10 +11350,10 @@
"description": "Generate primary obfuscated or secondary obfuscated CVE-2021-44228 or CVE-2021-45046 payloads to evade WAF detection.",
"fork": false,
"created_at": "2022-05-09T15:02:29Z",
"updated_at": "2024-07-16T09:47:08Z",
"updated_at": "2025-01-13T16:29:11Z",
"pushed_at": "2022-05-26T03:18:31Z",
"stargazers_count": 21,
"watchers_count": 21,
"stargazers_count": 22,
"watchers_count": 22,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -11369,7 +11369,7 @@
],
"visibility": "public",
"forks": 2,
"watchers": 21,
"watchers": 22,
"score": 0,
"subscribers_count": 1
},

31
2021/CVE-2021-46068.json
View file

@ -29,5 +29,36 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 448062357,
"name": "CVE-2021-46068",
"full_name": "plsanu\/CVE-2021-46068",
"owner": {
"login": "plsanu",
"id": 61007700,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4",
"html_url": "https:\/\/github.com\/plsanu",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/plsanu\/CVE-2021-46068",
"description": "CVE-2021-46068 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel.",
"fork": false,
"created_at": "2022-01-14T18:04:01Z",
"updated_at": "2023-12-30T08:24:13Z",
"pushed_at": "2022-01-14T19:34:08Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}
]

8
2022/CVE-2022-1388.json
View file

@ -2102,10 +2102,10 @@
"description": "CVE-2022-1388 是一个影响 F5 BIG-IP 应用交付控制器ADC的严重漏洞。以下是对其原理和危害的详细介绍",
"fork": false,
"created_at": "2024-11-23T05:39:26Z",
"updated_at": "2024-12-08T18:36:57Z",
"updated_at": "2025-01-13T18:17:27Z",
"pushed_at": "2024-11-23T05:41:08Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -2118,7 +2118,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}

8
2022/CVE-2022-26134.json
View file

@ -2176,10 +2176,10 @@
"description": "CVE-2022-26134 是一个影响 Atlassian Confluence Server 和 Data Center 的 远程代码执行漏洞RCE其成因是服务器处理 OGNL 表达式时未能正确过滤输入,从而允许攻击者以特权账户权限执行任意代码。",
"fork": false,
"created_at": "2024-11-23T05:35:59Z",
"updated_at": "2024-12-08T18:36:58Z",
"updated_at": "2025-01-13T18:17:27Z",
"pushed_at": "2024-11-23T05:38:10Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -2192,7 +2192,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}

8
2022/CVE-2022-34169.json
View file

@ -45,10 +45,10 @@
"description": "cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具可根据不同的Jdk生成出其所对应的xslt文件",
"fork": false,
"created_at": "2023-01-17T03:48:11Z",
"updated_at": "2024-11-26T12:57:54Z",
"updated_at": "2025-01-13T16:25:18Z",
"pushed_at": "2023-01-17T12:27:08Z",
"stargazers_count": 88,
"watchers_count": 88,
"stargazers_count": 89,
"watchers_count": 89,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 88,
"watchers": 89,
"score": 0,
"subscribers_count": 1
}

8
2022/CVE-2022-47966.json
View file

@ -14,10 +14,10 @@
"description": "POC for CVE-2022-47966 affecting multiple ManageEngine products",
"fork": false,
"created_at": "2023-01-17T21:26:28Z",
"updated_at": "2024-12-29T04:36:41Z",
"updated_at": "2025-01-13T16:48:12Z",
"pushed_at": "2023-01-19T13:10:07Z",
"stargazers_count": 125,
"watchers_count": 125,
"stargazers_count": 126,
"watchers_count": 126,
"has_discussions": false,
"forks_count": 32,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 32,
"watchers": 125,
"watchers": 126,
"score": 0,
"subscribers_count": 4
},

8
2023/CVE-2023-20198.json
View file

@ -798,10 +798,10 @@
"description": "CVE-2023-20198是思科IOS XE软件Web UI功能中的一个严重漏洞允许未经身份验证的远程攻击者在受影响的系统上创建具有特权级别15的账户从而完全控制设备。",
"fork": false,
"created_at": "2024-11-22T04:10:28Z",
"updated_at": "2024-12-10T03:08:29Z",
"updated_at": "2025-01-13T18:17:50Z",
"pushed_at": "2024-11-22T04:12:11Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -810,7 +810,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 5,
"watchers": 6,
"score": 0,
"subscribers_count": 2
}

8
2023/CVE-2023-34468.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2023-34468: Remote Code Execution via DB Components in Apache NiFi",
"fork": false,
"created_at": "2023-11-25T12:21:48Z",
"updated_at": "2023-11-29T07:01:37Z",
"updated_at": "2025-01-13T12:31:40Z",
"pushed_at": "2023-12-01T10:46:02Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -33,7 +33,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 1
}

8
2023/CVE-2023-3519.json
View file

@ -14,10 +14,10 @@
"description": "Citrix Scanner for CVE-2023-3519",
"fork": false,
"created_at": "2023-07-20T13:16:38Z",
"updated_at": "2024-10-04T10:12:49Z",
"updated_at": "2025-01-13T17:05:29Z",
"pushed_at": "2023-07-24T11:49:37Z",
"stargazers_count": 48,
"watchers_count": 48,
"stargazers_count": 49,
"watchers_count": 49,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
@ -30,7 +30,7 @@
],
"visibility": "public",
"forks": 7,
"watchers": 48,
"watchers": 49,
"score": 0,
"subscribers_count": 4
},

8
2023/CVE-2023-38646.json
View file

@ -1145,10 +1145,10 @@
"description": "CVE-2023-38646是Metabase中的一个远程代码执行漏洞。该漏洞源于Metabase在处理未经身份验证的API端点\/api\/setup\/validate时对JDBC连接字符串的处理存在安全缺陷。攻击者可以通过构造特定的JDBC连接字符串利用该端点在服务器上执行任意命令而无需进行身份验证。",
"fork": false,
"created_at": "2024-11-22T04:15:25Z",
"updated_at": "2025-01-12T18:32:12Z",
"updated_at": "2025-01-13T18:17:49Z",
"pushed_at": "2024-11-22T04:18:53Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -1157,7 +1157,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 1
},

4
2023/CVE-2023-38709.json
View file

@ -19,7 +19,7 @@
"stargazers_count": 65,
"watchers_count": 65,
"has_discussions": false,
"forks_count": 12,
"forks_count": 13,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -36,7 +36,7 @@
"cve-2024-39573"
],
"visibility": "public",
"forks": 12,
"forks": 13,
"watchers": 65,
"score": 0,
"subscribers_count": 1

8
2023/CVE-2023-44976.json
View file

@ -14,10 +14,10 @@
"description": "A vulnerable driver exploited by me (BYOVD) that is capable of terminating several EDRs and antivirus software in the market, rendering them ineffective, working for both x32 and x64(CVE-2023-44976).",
"fork": false,
"created_at": "2023-10-01T18:24:38Z",
"updated_at": "2025-01-05T12:06:15Z",
"updated_at": "2025-01-13T16:43:49Z",
"pushed_at": "2024-12-26T13:43:18Z",
"stargazers_count": 91,
"watchers_count": 91,
"stargazers_count": 92,
"watchers_count": 92,
"has_discussions": false,
"forks_count": 20,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 20,
"watchers": 91,
"watchers": 92,
"score": 0,
"subscribers_count": 2
}

8
2023/CVE-2023-47246.json
View file

@ -113,10 +113,10 @@
"description": "CVE-2023-47246 是 SysAid On-Premise 软件(版本 23.3.36 之前)中的一个路径遍历漏洞。攻击者可以利用该漏洞将文件写入 Tomcat 的 webroot 目录,从而在服务器上执行任意代码。",
"fork": false,
"created_at": "2024-11-23T05:21:22Z",
"updated_at": "2024-12-08T18:36:59Z",
"updated_at": "2025-01-13T18:17:27Z",
"pushed_at": "2024-11-23T05:24:07Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -129,7 +129,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-0012.json
View file

@ -169,10 +169,10 @@
"description": "CVE-2024-0012是Palo Alto Networks PAN-OS软件中的一个身份验证绕过漏洞。该漏洞允许未经身份验证的攻击者通过网络访问管理Web界面获取PAN-OS管理员权限从而执行管理操作、篡改配置或利用其他需要身份验证的特权提升漏洞如CVE-2024-9474 ",
"fork": false,
"created_at": "2024-11-22T14:11:56Z",
"updated_at": "2024-12-08T18:37:20Z",
"updated_at": "2025-01-13T18:17:29Z",
"pushed_at": "2024-11-22T14:37:04Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -181,7 +181,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-10220.json
View file

@ -76,10 +76,10 @@
"description": "CVE-2024-10220 Test repo",
"fork": false,
"created_at": "2024-12-01T05:15:25Z",
"updated_at": "2024-12-08T18:31:58Z",
"updated_at": "2025-01-13T18:16:22Z",
"pushed_at": "2024-12-01T05:18:39Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-1086.json
View file

@ -14,10 +14,10 @@
"description": "Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.",
"fork": false,
"created_at": "2024-03-20T21:16:41Z",
"updated_at": "2025-01-12T05:23:21Z",
"updated_at": "2025-01-13T15:34:14Z",
"pushed_at": "2024-04-17T16:09:54Z",
"stargazers_count": 2328,
"watchers_count": 2328,
"stargazers_count": 2329,
"watchers_count": 2329,
"has_discussions": false,
"forks_count": 302,
"allow_forking": true,
@ -32,7 +32,7 @@
],
"visibility": "public",
"forks": 302,
"watchers": 2328,
"watchers": 2329,
"score": 0,
"subscribers_count": 27
},

8
2024/CVE-2024-11972.json
View file

@ -14,10 +14,10 @@
"description": "Exploit for CVE-2024-11972, Hunk Companion < 1.9.0 Unauthenticated Plugin Installation",
"fork": false,
"created_at": "2024-12-15T23:54:15Z",
"updated_at": "2024-12-28T16:44:18Z",
"updated_at": "2025-01-13T16:55:26Z",
"pushed_at": "2024-12-28T16:44:15Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-1709.json
View file

@ -14,10 +14,10 @@
"description": "ScreenConnect AuthBypass(cve-2024-1709) --> RCE!!!",
"fork": false,
"created_at": "2024-02-21T09:42:04Z",
"updated_at": "2024-11-21T14:01:57Z",
"updated_at": "2025-01-13T13:31:43Z",
"pushed_at": "2024-07-16T09:26:55Z",
"stargazers_count": 94,
"watchers_count": 94,
"stargazers_count": 95,
"watchers_count": 95,
"has_discussions": false,
"forks_count": 26,
"allow_forking": true,
@ -35,7 +35,7 @@
],
"visibility": "public",
"forks": 26,
"watchers": 94,
"watchers": 95,
"score": 0,
"subscribers_count": 4
},

8
2024/CVE-2024-21534.json
View file

@ -45,10 +45,10 @@
"description": "jsonpath-plus 包(版本 <=10.0.7存在严重的远程代码执行RCE漏洞允许攻击者通过 Node.js 的 VM 模块执行任意代码。该漏洞由于输入验证不严格导致,影响版本为 10.0.7 以下CVSS 分数为 9.8(极其严重)。漏洞首次公开于 2024 年 10 月 11 日。",
"fork": false,
"created_at": "2024-11-23T05:54:24Z",
"updated_at": "2024-12-08T18:36:54Z",
"updated_at": "2025-01-13T18:17:27Z",
"pushed_at": "2024-11-23T05:57:35Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -61,7 +61,7 @@
],
"visibility": "public",
"forks": 1,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-21683.json
View file

@ -173,10 +173,10 @@
"description": "CVE-2024-21683 Confluence Post Auth RCE",
"fork": false,
"created_at": "2024-11-29T13:27:37Z",
"updated_at": "2024-12-08T18:32:02Z",
"updated_at": "2025-01-13T18:16:26Z",
"pushed_at": "2024-11-29T13:33:23Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -185,7 +185,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-21762.json
View file

@ -200,10 +200,10 @@
"description": "CVE-2024-21762 是 Fortinet 公司的 FortiOS 和 FortiProxy 产品中的一个严重漏洞,存在于其 SSL VPN 组件中。",
"fork": false,
"created_at": "2024-11-24T07:20:45Z",
"updated_at": "2025-01-07T16:51:27Z",
"updated_at": "2025-01-13T18:17:24Z",
"pushed_at": "2024-11-24T08:07:19Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -212,7 +212,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 6,
"watchers": 7,
"score": 0,
"subscribers_count": 1
}

16
2024/CVE-2024-23113.json
View file

@ -169,10 +169,10 @@
"description": "CVE-2024-23113 是一个严重的安全漏洞,影响 Fortinet 的多款产品,包括 FortiOS、FortiProxy、FortiPAM 和 FortiSwitchManager。该漏洞允许未经身份验证的远程攻击者通过特制的请求在受影响的设备上执行任意代码或命令可能导致系统被完全控制。",
"fork": false,
"created_at": "2024-11-22T01:46:58Z",
"updated_at": "2024-12-08T18:37:40Z",
"updated_at": "2025-01-13T18:17:50Z",
"pushed_at": "2024-11-22T01:53:45Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -186,7 +186,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
@ -205,10 +205,10 @@
"description": "CVE-2024-23113 是一个在 Linux Kernel 中被发现的漏洞,它属于 任意代码执行漏洞,影响了 bpf (Berkeley Packet Filter) 子系统。具体来说,这个漏洞影响了 bpf 程序的 bpf_prog 类型的对象,并且可以允许攻击者通过构造恶意的 BPF 程序来在内核空间执行恶意代码。",
"fork": false,
"created_at": "2024-11-28T06:30:02Z",
"updated_at": "2024-12-08T18:32:09Z",
"updated_at": "2025-01-13T18:16:41Z",
"pushed_at": "2024-11-28T06:35:22Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -217,7 +217,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-23692.json
View file

@ -329,10 +329,10 @@
"description": "CVE-2024-23692 是影响 Rejetto HTTP File ServerHFS2.3m 及之前版本的模板注入漏洞。该漏洞允许远程未授权的攻击者通过发送特制的 HTTP 请求,在受影响的系统上执行任意命令。",
"fork": false,
"created_at": "2024-11-23T03:59:13Z",
"updated_at": "2025-01-12T18:32:20Z",
"updated_at": "2025-01-13T18:17:27Z",
"pushed_at": "2024-11-23T04:00:55Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -341,7 +341,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 1
},

4
2024/CVE-2024-23897.json
View file

@ -610,8 +610,8 @@
"description": "POC for CVE-2024-23897 Jenkins File-Read ",
"fork": false,
"created_at": "2024-02-16T07:16:04Z",
"updated_at": "2025-01-05T07:57:38Z",
"pushed_at": "2024-02-17T16:39:19Z",
"updated_at": "2025-01-13T15:00:23Z",
"pushed_at": "2025-01-13T15:00:21Z",
"stargazers_count": 21,
"watchers_count": 21,
"has_discussions": false,

8
2024/CVE-2024-25641.json
View file

@ -155,10 +155,10 @@
"description": "PoC for CVE-2024-25641 Authenticated RCE on Cacti v1.2.26",
"fork": false,
"created_at": "2024-11-22T14:05:37Z",
"updated_at": "2024-12-08T18:37:24Z",
"updated_at": "2025-01-13T18:17:48Z",
"pushed_at": "2024-11-22T14:09:15Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -167,7 +167,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-27130.json
View file

@ -76,10 +76,10 @@
"description": "CVE-2024-27130是影响QNAP网络附加存储NAS设备的一个严重漏洞。该漏洞源于QTS操作系统中share.cgi脚本的No_Support_ACL函数中不安全地使用strcpy函数导致堆栈缓冲区溢出。攻击者可以利用此漏洞通过精心构造的请求在目标系统上执行任意代码进而完全控制受影响的设备。 ",
"fork": false,
"created_at": "2024-11-22T14:18:08Z",
"updated_at": "2024-12-08T18:37:22Z",
"updated_at": "2025-01-13T18:17:47Z",
"pushed_at": "2024-11-22T14:20:28Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-3094.json
View file

@ -1856,10 +1856,10 @@
"description": "CVE-2024-3094 (XZ Backdoor) Tools",
"fork": false,
"created_at": "2024-12-01T05:22:08Z",
"updated_at": "2024-12-20T17:22:03Z",
"updated_at": "2025-01-13T18:16:22Z",
"pushed_at": "2024-12-01T05:30:15Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -1868,7 +1868,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 5,
"watchers": 6,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-32002.json
View file

@ -1969,10 +1969,10 @@
"description": "CVE-2024-32002 是 Git 中的一个严重漏洞,允许攻击者在用户执行 git clone 操作时远程执行任意代码RCE。",
"fork": false,
"created_at": "2024-11-23T04:06:33Z",
"updated_at": "2024-12-08T18:37:03Z",
"updated_at": "2025-01-13T18:17:28Z",
"pushed_at": "2024-11-23T04:07:03Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -1981,7 +1981,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-3400.json
View file

@ -1176,10 +1176,10 @@
"description": "CVE-2024-3400的攻击脚本",
"fork": false,
"created_at": "2025-01-10T02:20:26Z",
"updated_at": "2025-01-12T18:36:58Z",
"updated_at": "2025-01-13T18:15:02Z",
"pushed_at": "2025-01-10T02:22:27Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -1188,7 +1188,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 1
}

31
2024/CVE-2024-35250.json
View file

@ -95,5 +95,36 @@
"watchers": 4,
"score": 0,
"subscribers_count": 1
},
{
"id": 916248338,
"name": "GiveMeKernel",
"full_name": "Brentlyw\/GiveMeKernel",
"owner": {
"login": "Brentlyw",
"id": 104942265,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104942265?v=4",
"html_url": "https:\/\/github.com\/Brentlyw",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Brentlyw\/GiveMeKernel",
"description": "CVE-2024-35250 PoC - Optimized & Condensed Form of Varwara's PoC",
"fork": false,
"created_at": "2025-01-13T18:24:48Z",
"updated_at": "2025-01-13T18:25:14Z",
"pushed_at": "2025-01-13T18:25:10Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-36401.json
View file

@ -455,10 +455,10 @@
"description": "CVE-2024-36401是GeoServer中的一个高危远程代码执行漏洞。GeoServer是一款开源的地理数据服务器软件主要用于发布、共享和处理各种地理空间数据。 ALIYUN 漏洞原理: 该漏洞源于GeoServer在处理属性名称时将其不安全地解析为XPath表达式。具体而言GeoServer调用的GeoTools库API在评估要素类型的属性名称时以不安全的方式将其传递给commons-jxpath库。由于commons-jxpath库在解析XPath表达式时允许执行任意代码攻击者可以通过构造特定的输入利用多个OGC请求参数如WFS GetFeature、WFS GetPropertyValue、WMS GetMap等在未经身份验证的情况下远程执行任意代码。 ",
"fork": false,
"created_at": "2024-11-22T14:21:53Z",
"updated_at": "2024-12-08T18:37:21Z",
"updated_at": "2025-01-13T18:17:29Z",
"pushed_at": "2024-11-22T14:22:57Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -467,7 +467,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-37084.json
View file

@ -138,10 +138,10 @@
"description": "CVE-2024-37084是Spring Cloud Data Flow中的一个高危漏洞影响版本为2.11.0至2.11.3。该漏洞允许具有Skipper服务器API访问权限的攻击者通过精心构造的上传请求将任意文件写入服务器文件系统的任意位置进而可能导致远程代码执行严重威胁服务器安全。",
"fork": false,
"created_at": "2024-11-22T13:53:42Z",
"updated_at": "2024-12-08T18:37:26Z",
"updated_at": "2025-01-13T18:17:48Z",
"pushed_at": "2024-11-22T14:02:35Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -155,7 +155,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
}

4
2024/CVE-2024-38063.json
View file

@ -270,13 +270,13 @@
"stargazers_count": 642,
"watchers_count": 642,
"has_discussions": false,
"forks_count": 115,
"forks_count": 116,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 115,
"forks": 116,
"watchers": 642,
"score": 0,
"subscribers_count": 5

4
2024/CVE-2024-38472.json
View file

@ -50,7 +50,7 @@
"stargazers_count": 65,
"watchers_count": 65,
"has_discussions": false,
"forks_count": 12,
"forks_count": 13,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -67,7 +67,7 @@
"cve-2024-39573"
],
"visibility": "public",
"forks": 12,
"forks": 13,
"watchers": 65,
"score": 0,
"subscribers_count": 1

8
2024/CVE-2024-38856.json
View file

@ -208,10 +208,10 @@
"description": "CVE-2024-38856 是 Apache OFBiz 中的一个严重漏洞,允许未经身份验证的攻击者在受影响的系统上执行任意代码。 ",
"fork": false,
"created_at": "2024-11-23T03:54:28Z",
"updated_at": "2024-12-08T18:37:06Z",
"updated_at": "2025-01-13T18:17:29Z",
"pushed_at": "2024-11-23T03:57:02Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -220,7 +220,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},

16
2024/CVE-2024-40711.json
View file

@ -45,10 +45,10 @@
"description": "CVE-2024-40711-exp",
"fork": false,
"created_at": "2024-10-16T05:02:27Z",
"updated_at": "2024-12-17T10:12:05Z",
"updated_at": "2025-01-13T13:24:01Z",
"pushed_at": "2024-10-17T01:06:42Z",
"stargazers_count": 37,
"watchers_count": 37,
"stargazers_count": 38,
"watchers_count": 38,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 37,
"watchers": 38,
"score": 0,
"subscribers_count": 1
},
@ -76,10 +76,10 @@
"description": "CVE-2024-40711 是 Veeam Backup & Replication 软件中的一个严重漏洞,允许未经身份验证的攻击者远程执行代码。 ",
"fork": false,
"created_at": "2024-11-23T04:02:34Z",
"updated_at": "2024-12-08T18:37:03Z",
"updated_at": "2025-01-13T18:17:28Z",
"pushed_at": "2024-11-23T04:02:59Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-4358.json
View file

@ -14,10 +14,10 @@
"description": "Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358\/CVE-2024-1800)",
"fork": false,
"created_at": "2024-06-03T08:22:10Z",
"updated_at": "2024-12-05T18:13:45Z",
"updated_at": "2025-01-13T17:23:41Z",
"pushed_at": "2024-06-06T16:18:08Z",
"stargazers_count": 74,
"watchers_count": 74,
"stargazers_count": 75,
"watchers_count": 75,
"has_discussions": false,
"forks_count": 16,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 16,
"watchers": 74,
"watchers": 75,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-45436.json
View file

@ -45,10 +45,10 @@
"description": "This repository contains an exploit demonstration for CVE-2024-45436, a critical vulnerability affecting specific software versions. It highlights the exploitation mechanism and provides insights for security researchers to understand and mitigate the risk. ",
"fork": false,
"created_at": "2024-11-21T09:03:21Z",
"updated_at": "2024-12-08T18:37:47Z",
"updated_at": "2025-01-13T18:17:53Z",
"pushed_at": "2024-11-21T09:08:28Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -62,7 +62,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}

16
2024/CVE-2024-45519.json
View file

@ -45,10 +45,10 @@
"description": "Zimbra - Remote Command Execution (CVE-2024-45519)",
"fork": false,
"created_at": "2024-10-05T00:15:18Z",
"updated_at": "2025-01-07T09:54:13Z",
"updated_at": "2025-01-13T13:28:50Z",
"pushed_at": "2024-11-05T10:10:40Z",
"stargazers_count": 119,
"watchers_count": 119,
"stargazers_count": 120,
"watchers_count": 120,
"has_discussions": false,
"forks_count": 20,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 20,
"watchers": 119,
"watchers": 120,
"score": 0,
"subscribers_count": 3
},
@ -107,10 +107,10 @@
"description": "CVE-2024-45519是Zimbra CollaborationZCS中的一个高危漏洞存在于其postjournal服务中。当该服务被启用时未经身份验证的攻击者可以通过构造特定的SMTP请求远程执行任意命令从而完全控制受影响的服务器。",
"fork": false,
"created_at": "2024-11-22T01:56:21Z",
"updated_at": "2024-12-08T18:37:39Z",
"updated_at": "2025-01-13T18:17:51Z",
"pushed_at": "2024-11-22T02:00:35Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -124,7 +124,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-47575.json
View file

@ -107,10 +107,10 @@
"description": "CVE-2024-47575是Fortinet的FortiManager和FortiManager Cloud产品中的一个严重漏洞源于fgfmsd守护进程缺乏对关键功能的身份验证。",
"fork": false,
"created_at": "2024-11-22T03:13:03Z",
"updated_at": "2024-12-11T05:22:35Z",
"updated_at": "2025-01-13T18:17:50Z",
"pushed_at": "2024-11-22T03:17:57Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -119,7 +119,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 7,
"watchers": 8,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-49113.json
View file

@ -14,10 +14,10 @@
"description": "LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113",
"fork": false,
"created_at": "2025-01-01T15:48:38Z",
"updated_at": "2025-01-13T10:22:25Z",
"updated_at": "2025-01-13T13:37:39Z",
"pushed_at": "2025-01-02T16:07:23Z",
"stargazers_count": 437,
"watchers_count": 437,
"stargazers_count": 438,
"watchers_count": 438,
"has_discussions": false,
"forks_count": 103,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 103,
"watchers": 437,
"watchers": 438,
"score": 0,
"subscribers_count": 3
},

8
2024/CVE-2024-4956.json
View file

@ -538,10 +538,10 @@
"description": "CVE-2024-4956 Python exploitation utility",
"fork": false,
"created_at": "2024-12-12T04:05:10Z",
"updated_at": "2024-12-13T22:26:06Z",
"updated_at": "2025-01-13T18:15:54Z",
"pushed_at": "2024-12-12T04:07:35Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -550,7 +550,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
}

16
2024/CVE-2024-50379.json
View file

@ -107,10 +107,10 @@
"description": "Apache TomcatCVE-2024-50379条件竞争致远程代码执行漏洞批量检测脚本",
"fork": false,
"created_at": "2024-12-20T05:24:10Z",
"updated_at": "2024-12-31T04:22:20Z",
"updated_at": "2025-01-13T14:22:11Z",
"pushed_at": "2024-12-20T05:41:23Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 9,
"watchers_count": 9,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -119,7 +119,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 8,
"watchers": 9,
"score": 0,
"subscribers_count": 2
},
@ -262,10 +262,10 @@
"description": "CVE-2024-50379-exp",
"fork": false,
"created_at": "2024-12-25T02:41:31Z",
"updated_at": "2025-01-13T01:24:50Z",
"updated_at": "2025-01-13T14:24:53Z",
"pushed_at": "2024-12-31T07:11:13Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -274,7 +274,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 6,
"watchers": 7,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-50404.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2024-50404",
"fork": false,
"created_at": "2025-01-13T09:47:03Z",
"updated_at": "2025-01-13T10:15:15Z",
"updated_at": "2025-01-13T13:51:03Z",
"pushed_at": "2025-01-13T10:15:12Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}

8
2024/CVE-2024-50603.json
View file

@ -45,10 +45,10 @@
"description": "CVE-2024-50603: Aviatrix Controller Unauthenticated Command Injection",
"fork": false,
"created_at": "2025-01-12T11:20:21Z",
"updated_at": "2025-01-13T10:07:24Z",
"updated_at": "2025-01-13T16:47:29Z",
"pushed_at": "2025-01-12T16:35:36Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 5,
"watchers": 7,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-5124.json
View file

@ -45,10 +45,10 @@
"description": "CVE-2024-5124 poc",
"fork": false,
"created_at": "2024-12-03T03:18:48Z",
"updated_at": "2025-01-08T16:41:20Z",
"updated_at": "2025-01-13T18:16:21Z",
"pushed_at": "2024-12-03T04:01:32Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 7,
"watchers": 8,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-51567.json
View file

@ -79,10 +79,10 @@
"description": "CVE-2024-51567 is a Python PoC exploit targeting an RCE vulnerability in CyberPanel v2.3.6s upgrademysqlstatus endpoint, bypassing CSRF protections.",
"fork": false,
"created_at": "2024-11-26T02:18:24Z",
"updated_at": "2024-12-08T18:32:12Z",
"updated_at": "2025-01-13T18:16:45Z",
"pushed_at": "2024-11-26T02:21:21Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -91,7 +91,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 6,
"watchers": 7,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-53677.json
View file

@ -138,10 +138,10 @@
"description": "A critical vulnerability, CVE-2024-53677, has been identified in the popular Apache Struts framework, potentially allowing attackers to execute arbitrary code remotely. This vulnerability arises from flaws in the file upload logic, which can be exploited to perform path traversal and malicious file uploads.",
"fork": false,
"created_at": "2024-12-18T02:03:56Z",
"updated_at": "2024-12-24T04:04:41Z",
"updated_at": "2025-01-13T18:15:05Z",
"pushed_at": "2024-12-18T02:08:09Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -150,7 +150,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 5,
"watchers": 6,
"score": 0,
"subscribers_count": 2
},

8
2024/CVE-2024-53691.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2024-53691",
"fork": false,
"created_at": "2025-01-13T10:07:25Z",
"updated_at": "2025-01-13T10:17:01Z",
"updated_at": "2025-01-13T13:49:31Z",
"pushed_at": "2025-01-13T10:16:58Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}

12
2024/CVE-2024-54498.json
View file

@ -14,19 +14,19 @@
"description": "Escape macOS Sandbox using sharedfilelistd exploit",
"fork": false,
"created_at": "2025-01-08T09:55:44Z",
"updated_at": "2025-01-13T08:23:43Z",
"updated_at": "2025-01-13T18:15:27Z",
"pushed_at": "2025-01-09T06:34:50Z",
"stargazers_count": 29,
"watchers_count": 29,
"stargazers_count": 31,
"watchers_count": 31,
"has_discussions": false,
"forks_count": 4,
"forks_count": 5,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 29,
"forks": 5,
"watchers": 31,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-5452.json
View file

@ -14,10 +14,10 @@
"description": "此漏洞的根本原因是**深度差异库deepdiff**在反序列化用户输入时未正确处理双下划线dunder属性。 PyTorch Lightning 使用 deepdiff.Delta 对象根据前端操作修改应用状态,设计目标是仅允许特定状态变量的修改。",
"fork": false,
"created_at": "2024-11-22T06:56:12Z",
"updated_at": "2024-12-08T18:37:31Z",
"updated_at": "2025-01-13T18:17:48Z",
"pushed_at": "2024-11-22T06:56:32Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}

4
2024/CVE-2024-56145.json
View file

@ -19,13 +19,13 @@
"stargazers_count": 37,
"watchers_count": 37,
"has_discussions": false,
"forks_count": 9,
"forks_count": 10,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 9,
"forks": 10,
"watchers": 37,
"score": 0,
"subscribers_count": 2

16
2024/CVE-2024-6387.json
View file

@ -269,10 +269,10 @@
"description": "CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH",
"fork": false,
"created_at": "2024-07-01T20:33:20Z",
"updated_at": "2025-01-12T15:28:21Z",
"updated_at": "2025-01-13T14:14:28Z",
"pushed_at": "2024-09-24T19:18:56Z",
"stargazers_count": 463,
"watchers_count": 463,
"stargazers_count": 464,
"watchers_count": 464,
"has_discussions": false,
"forks_count": 91,
"allow_forking": true,
@ -287,7 +287,7 @@
],
"visibility": "public",
"forks": 91,
"watchers": 463,
"watchers": 464,
"score": 0,
"subscribers_count": 7
},
@ -2180,10 +2180,10 @@
"description": "Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)",
"fork": false,
"created_at": "2024-07-08T11:27:49Z",
"updated_at": "2025-01-08T22:15:30Z",
"updated_at": "2025-01-13T14:30:19Z",
"pushed_at": "2024-08-22T08:50:25Z",
"stargazers_count": 73,
"watchers_count": 73,
"stargazers_count": 74,
"watchers_count": 74,
"has_discussions": false,
"forks_count": 31,
"allow_forking": true,
@ -2192,7 +2192,7 @@
"topics": [],
"visibility": "public",
"forks": 31,
"watchers": 73,
"watchers": 74,
"score": 0,
"subscribers_count": 3
},

8
2024/CVE-2024-7965.json
View file

@ -45,10 +45,10 @@
"description": "CVE-2024-7965是Google Chrome浏览器中V8 JavaScript引擎的一个高危漏洞。该漏洞源于V8引擎在处理特定JavaScript代码时实现不当导致堆内存损坏。攻击者可通过诱导用户访问包含特制JavaScript的恶意网页利用此漏洞在Chrome渲染器中执行任意代码。",
"fork": false,
"created_at": "2024-11-22T02:55:33Z",
"updated_at": "2024-12-08T18:37:36Z",
"updated_at": "2025-01-13T18:17:50Z",
"pushed_at": "2024-11-22T02:58:00Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -62,7 +62,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-8069.json
View file

@ -14,10 +14,10 @@
"description": "Citrix Virtual Apps and Desktops (XEN) Unauthenticated RCE",
"fork": false,
"created_at": "2024-11-13T02:50:56Z",
"updated_at": "2024-12-30T08:36:13Z",
"updated_at": "2025-01-13T18:16:27Z",
"pushed_at": "2024-11-29T03:02:09Z",
"stargazers_count": 14,
"watchers_count": 14,
"stargazers_count": 15,
"watchers_count": 15,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -32,7 +32,7 @@
],
"visibility": "public",
"forks": 3,
"watchers": 14,
"watchers": 15,
"score": 0,
"subscribers_count": 0
}

8
2024/CVE-2024-9441.json
View file

@ -76,10 +76,10 @@
"description": "CVE-2024-9441是影响Linear eMerge e3系列版本1.00-07及之前的操作系统命令注入漏洞。未经身份验证的远程攻击者可通过HTTP请求中“forgot_password”功能的“login_id”参数执行任意操作系统命令。",
"fork": false,
"created_at": "2024-11-22T02:04:21Z",
"updated_at": "2024-12-08T18:37:37Z",
"updated_at": "2025-01-13T18:17:50Z",
"pushed_at": "2024-11-22T02:07:52Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -93,7 +93,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-9465.json
View file

@ -76,10 +76,10 @@
"description": "Proof of Concept Exploit for CVE-2024-9465",
"fork": false,
"created_at": "2024-12-03T12:16:44Z",
"updated_at": "2025-01-13T01:24:06Z",
"updated_at": "2025-01-13T18:16:00Z",
"pushed_at": "2024-12-03T12:21:35Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 6,
"watchers": 7,
"score": 0,
"subscribers_count": 1
}

16
2025/CVE-2025-0282.json
View file

@ -45,10 +45,10 @@
"description": "Safely detect if an Ivanti server is vulnerable to CVE-2025-0282",
"fork": false,
"created_at": "2025-01-09T18:43:08Z",
"updated_at": "2025-01-13T04:36:15Z",
"updated_at": "2025-01-13T13:21:23Z",
"pushed_at": "2025-01-10T21:27:47Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 0
},
@ -107,10 +107,10 @@
"description": "CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overflow exploit.",
"fork": false,
"created_at": "2025-01-11T02:06:51Z",
"updated_at": "2025-01-13T01:56:53Z",
"updated_at": "2025-01-13T15:38:47Z",
"pushed_at": "2025-01-11T23:54:06Z",
"stargazers_count": 23,
"watchers_count": 23,
"stargazers_count": 25,
"watchers_count": 25,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -119,7 +119,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 23,
"watchers": 25,
"score": 0,
"subscribers_count": 0
},

11
README.md
View file

@ -5522,6 +5522,7 @@
- [varwara/CVE-2024-35250](https://github.com/varwara/CVE-2024-35250)
- [ro0tmylove/CVE-2024-35250-BOF](https://github.com/ro0tmylove/CVE-2024-35250-BOF)
- [yinsel/CVE-2024-35250-BOF](https://github.com/yinsel/CVE-2024-35250-BOF)
- [Brentlyw/GiveMeKernel](https://github.com/Brentlyw/GiveMeKernel)
### CVE-2024-35286 (2024-10-21)
@ -8279,7 +8280,11 @@
- [absholi7ly/CVE-2024-56512-Apache-NiFi-Exploit](https://github.com/absholi7ly/CVE-2024-56512-Apache-NiFi-Exploit)
### CVE-2024-57487
### CVE-2024-57487 (2025-01-13)
<code>In Code-Projects Online Car Rental System 1.0, the file upload feature does not validate file extensions or MIME types allowing an attacker to upload a PHP shell without any restrictions and execute commands on the server.
</code>
- [aaryan-11-x/CVE-2024-57487-and-CVE-2024-57488](https://github.com/aaryan-11-x/CVE-2024-57487-and-CVE-2024-57488)
### CVE-2024-1642470
@ -24821,7 +24826,6 @@
- [galoget/PwnKit-CVE-2021-4034](https://github.com/galoget/PwnKit-CVE-2021-4034)
- [Yakumwamba/POC-CVE-2021-4034](https://github.com/Yakumwamba/POC-CVE-2021-4034)
- [ayoub-elbouzi/CVE-2021-4034-Pwnkit](https://github.com/ayoub-elbouzi/CVE-2021-4034-Pwnkit)
- [Sakura-nee/CVE-2021-4034](https://github.com/Sakura-nee/CVE-2021-4034)
- [oreosec/pwnkit](https://github.com/oreosec/pwnkit)
- [CYB3RK1D/CVE-2021-4034-POC](https://github.com/CYB3RK1D/CVE-2021-4034-POC)
- [Rvn0xsy/CVE-2021-4034](https://github.com/Rvn0xsy/CVE-2021-4034)
@ -26794,8 +26798,8 @@
- [verygenericname/CVE-2021-30955-POC-IPA](https://github.com/verygenericname/CVE-2021-30955-POC-IPA)
- [b1n4r1b01/desc_race](https://github.com/b1n4r1b01/desc_race)
- [markie-dev/desc_race_A15](https://github.com/markie-dev/desc_race_A15)
- [Dylbin/desc_race](https://github.com/Dylbin/desc_race)
- [GeoSn0w/Pentagram-exploit-tester](https://github.com/GeoSn0w/Pentagram-exploit-tester)
- [st-rnd/desc_race-1](https://github.com/st-rnd/desc_race-1)
### CVE-2021-30956 (2021-08-24)
@ -30144,6 +30148,7 @@
</code>
- [plsanu/Vehicle-Service-Management-System-MyAccount-Stored-Cross-Site-Scripting-XSS](https://github.com/plsanu/Vehicle-Service-Management-System-MyAccount-Stored-Cross-Site-Scripting-XSS)
- [plsanu/CVE-2021-46068](https://github.com/plsanu/CVE-2021-46068)
### CVE-2021-46069 (2022-01-06)