From 84d3e60eb60f8b3c5faf7c6ab549a730d0aaeaf2 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Sun, 29 Nov 2020 00:10:30 +0900 Subject: [PATCH] Auto Update 2020/11/29 00:10:30 --- 2014/CVE-2014-0160.json | 12 +++++------ 2015/CVE-2015-1579.json | 8 +++---- 2017/CVE-2017-12615.json | 46 ++++++++++++++++++++-------------------- 2017/CVE-2017-17485.json | 30 +++++++++++++------------- 2017/CVE-2017-7525.json | 32 ++++++++++++++-------------- 2018/CVE-2018-19126.json | 8 +++---- 2019/CVE-2019-0708.json | 16 +++++++------- 2019/CVE-2019-11580.json | 8 +++---- 2019/CVE-2019-17558.json | 8 +++---- 2019/CVE-2019-2725.json | 16 +++++++------- 2020/CVE-2020-1066.json | 8 +++---- 2020/CVE-2020-14181.json | 8 +++---- 2020/CVE-2020-1472.json | 4 ++-- 2020/CVE-2020-14882.json | 24 ++++++++++----------- 2020/CVE-2020-1948.json | 4 ++-- 2020/CVE-2020-27955.json | 16 +++++++------- README.md | 6 +++--- 17 files changed, 127 insertions(+), 127 deletions(-) diff --git a/2014/CVE-2014-0160.json b/2014/CVE-2014-0160.json index 7a2fee2797..d7f52171ff 100644 --- a/2014/CVE-2014-0160.json +++ b/2014/CVE-2014-0160.json @@ -312,13 +312,13 @@ "description": "Test for SSL heartbeat vulnerability (CVE-2014-0160)", "fork": false, "created_at": "2014-04-09T15:59:14Z", - "updated_at": "2020-09-08T02:02:26Z", + "updated_at": "2020-11-28T11:02:54Z", "pushed_at": "2014-07-10T21:17:22Z", - "stargazers_count": 123, - "watchers_count": 123, + "stargazers_count": 124, + "watchers_count": 124, "forks_count": 74, "forks": 74, - "watchers": 123, + "watchers": 124, "score": 0 }, { @@ -799,8 +799,8 @@ "pushed_at": "2015-03-15T17:18:56Z", "stargazers_count": 52, "watchers_count": 52, - "forks_count": 34, - "forks": 34, + "forks_count": 35, + "forks": 35, "watchers": 52, "score": 0 }, diff --git a/2015/CVE-2015-1579.json b/2015/CVE-2015-1579.json index 9da98e414a..af832f641f 100644 --- a/2015/CVE-2015-1579.json +++ b/2015/CVE-2015-1579.json @@ -13,13 +13,13 @@ "description": "[discontinued] Mass exploiter of CVE-2015-1579 for WordPress CMS", "fork": false, "created_at": "2016-02-03T21:44:11Z", - "updated_at": "2020-11-27T12:33:46Z", + "updated_at": "2020-11-28T09:43:45Z", "pushed_at": "2018-05-21T21:20:54Z", - "stargazers_count": 19, - "watchers_count": 19, + "stargazers_count": 20, + "watchers_count": 20, "forks_count": 10, "forks": 10, - "watchers": 19, + "watchers": 20, "score": 0 }, { diff --git a/2017/CVE-2017-12615.json b/2017/CVE-2017-12615.json index bac05b6695..6ec48716d8 100644 --- a/2017/CVE-2017-12615.json +++ b/2017/CVE-2017-12615.json @@ -68,29 +68,6 @@ "watchers": 3, "score": 0 }, - { - "id": 107175138, - "name": "CVE-2017-12615", - "full_name": "iBearcat\/CVE-2017-12615", - "owner": { - "login": "iBearcat", - "id": 22558737, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/22558737?v=4", - "html_url": "https:\/\/github.com\/iBearcat" - }, - "html_url": "https:\/\/github.com\/iBearcat\/CVE-2017-12615", - "description": "Tomcat 远程代码执行漏洞 Exploit", - "fork": false, - "created_at": "2017-10-16T19:44:04Z", - "updated_at": "2020-10-12T07:50:44Z", - "pushed_at": "2017-10-18T13:15:07Z", - "stargazers_count": 39, - "watchers_count": 39, - "forks_count": 21, - "forks": 21, - "watchers": 39, - "score": 0 - }, { "id": 109152824, "name": "cve-2017-12615", @@ -114,6 +91,29 @@ "watchers": 2, "score": 0 }, + { + "id": 112277075, + "name": "CVE-2017-12615", + "full_name": "BeyondCy\/CVE-2017-12615", + "owner": { + "login": "BeyondCy", + "id": 4694785, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/4694785?v=4", + "html_url": "https:\/\/github.com\/BeyondCy" + }, + "html_url": "https:\/\/github.com\/BeyondCy\/CVE-2017-12615", + "description": "Tomcat 远程代码执行漏洞 Exploit", + "fork": false, + "created_at": "2017-11-28T02:51:16Z", + "updated_at": "2020-11-28T11:13:12Z", + "pushed_at": "2017-10-18T13:15:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 115383252, "name": "CVE-2017-12615", diff --git a/2017/CVE-2017-17485.json b/2017/CVE-2017-17485.json index 15b092e369..7c83a93387 100644 --- a/2017/CVE-2017-17485.json +++ b/2017/CVE-2017-17485.json @@ -1,25 +1,25 @@ [ { - "id": 118484077, + "id": 123458951, "name": "Jackson-CVE-2017-17485", - "full_name": "iBearcat\/Jackson-CVE-2017-17485", + "full_name": "maxbitcoin\/Jackson-CVE-2017-17485", "owner": { - "login": "iBearcat", - "id": 22558737, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/22558737?v=4", - "html_url": "https:\/\/github.com\/iBearcat" + "login": "maxbitcoin", + "id": 5998127, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5998127?v=4", + "html_url": "https:\/\/github.com\/maxbitcoin" }, - "html_url": "https:\/\/github.com\/iBearcat\/Jackson-CVE-2017-17485", + "html_url": "https:\/\/github.com\/maxbitcoin\/Jackson-CVE-2017-17485", "description": "Jackson 反序列化", "fork": false, - "created_at": "2018-01-22T16:33:55Z", - "updated_at": "2019-10-31T14:31:56Z", - "pushed_at": "2018-08-17T10:01:54Z", - "stargazers_count": 23, - "watchers_count": 23, - "forks_count": 9, - "forks": 9, - "watchers": 23, + "created_at": "2018-03-01T16:09:20Z", + "updated_at": "2020-11-28T11:13:43Z", + "pushed_at": "2018-01-24T03:03:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, "score": 0 }, { diff --git a/2017/CVE-2017-7525.json b/2017/CVE-2017-7525.json index 16f8d4a9cb..af2352b867 100644 --- a/2017/CVE-2017-7525.json +++ b/2017/CVE-2017-7525.json @@ -23,26 +23,26 @@ "score": 0 }, { - "id": 114625863, + "id": 114703214, "name": "S2-055", - "full_name": "iBearcat\/S2-055", + "full_name": "Nazicc\/S2-055", "owner": { - "login": "iBearcat", - "id": 22558737, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/22558737?v=4", - "html_url": "https:\/\/github.com\/iBearcat" + "login": "Nazicc", + "id": 12894927, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/12894927?v=4", + "html_url": "https:\/\/github.com\/Nazicc" }, - "html_url": "https:\/\/github.com\/iBearcat\/S2-055", - "description": "S2-055 反序列化 CVE-2017-7525 ", + "html_url": "https:\/\/github.com\/Nazicc\/S2-055", + "description": "CVE-2017-7525 S2-055 Exploit", "fork": false, - "created_at": "2017-12-18T10:10:01Z", - "updated_at": "2019-12-23T04:33:18Z", - "pushed_at": "2018-05-09T19:21:00Z", - "stargazers_count": 66, - "watchers_count": 66, - "forks_count": 28, - "forks": 28, - "watchers": 66, + "created_at": "2017-12-19T01:02:04Z", + "updated_at": "2020-11-28T11:14:21Z", + "pushed_at": "2017-12-18T10:26:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, "score": 0 }, { diff --git a/2018/CVE-2018-19126.json b/2018/CVE-2018-19126.json index 3f9e65f0aa..b8a8c34634 100644 --- a/2018/CVE-2018-19126.json +++ b/2018/CVE-2018-19126.json @@ -13,13 +13,13 @@ "description": "PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)", "fork": false, "created_at": "2018-12-01T10:53:45Z", - "updated_at": "2020-09-07T09:19:01Z", + "updated_at": "2020-11-28T10:03:37Z", "pushed_at": "2018-12-12T22:11:45Z", - "stargazers_count": 37, - "watchers_count": 37, + "stargazers_count": 38, + "watchers_count": 38, "forks_count": 8, "forks": 8, - "watchers": 37, + "watchers": 38, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-0708.json b/2019/CVE-2019-0708.json index 9cccc08420..9ccaf89e42 100644 --- a/2019/CVE-2019-0708.json +++ b/2019/CVE-2019-0708.json @@ -1554,13 +1554,13 @@ "description": "An Attempt to Port BlueKeep PoC from @Ekultek to actual exploits", "fork": false, "created_at": "2019-05-31T00:04:12Z", - "updated_at": "2020-11-18T09:18:56Z", + "updated_at": "2020-11-28T14:19:47Z", "pushed_at": "2020-05-09T09:49:14Z", - "stargazers_count": 343, - "watchers_count": 343, + "stargazers_count": 342, + "watchers_count": 342, "forks_count": 117, "forks": 117, - "watchers": 343, + "watchers": 342, "score": 0 }, { @@ -2474,13 +2474,13 @@ "description": "CVE-2019-0708-EXP-Windows版单文件exe版,运行后直接在当前控制台反弹System权限Shell", "fork": false, "created_at": "2020-01-21T02:22:29Z", - "updated_at": "2020-11-28T08:20:13Z", + "updated_at": "2020-11-28T14:29:10Z", "pushed_at": "2020-01-21T03:15:41Z", - "stargazers_count": 67, - "watchers_count": 67, + "stargazers_count": 76, + "watchers_count": 76, "forks_count": 24, "forks": 24, - "watchers": 67, + "watchers": 76, "score": 0 }, { diff --git a/2019/CVE-2019-11580.json b/2019/CVE-2019-11580.json index 2f82797bae..ad273654fc 100644 --- a/2019/CVE-2019-11580.json +++ b/2019/CVE-2019-11580.json @@ -13,13 +13,13 @@ "description": "CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE", "fork": false, "created_at": "2019-07-17T07:54:38Z", - "updated_at": "2020-11-27T21:24:02Z", + "updated_at": "2020-11-28T09:22:12Z", "pushed_at": "2019-07-18T10:03:28Z", - "stargazers_count": 79, - "watchers_count": 79, + "stargazers_count": 80, + "watchers_count": 80, "forks_count": 20, "forks": 20, - "watchers": 79, + "watchers": 80, "score": 0 }, { diff --git a/2019/CVE-2019-17558.json b/2019/CVE-2019-17558.json index b2cd3fd14c..e8289b88bd 100644 --- a/2019/CVE-2019-17558.json +++ b/2019/CVE-2019-17558.json @@ -36,13 +36,13 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2020-11-28T05:45:05Z", + "updated_at": "2020-11-28T13:51:53Z", "pushed_at": "2020-11-07T05:55:00Z", - "stargazers_count": 2100, - "watchers_count": 2100, + "stargazers_count": 2101, + "watchers_count": 2101, "forks_count": 582, "forks": 582, - "watchers": 2100, + "watchers": 2101, "score": 0 }, { diff --git a/2019/CVE-2019-2725.json b/2019/CVE-2019-2725.json index b801a48052..a01c030352 100644 --- a/2019/CVE-2019-2725.json +++ b/2019/CVE-2019-2725.json @@ -174,13 +174,13 @@ "description": "CVE-2019-2725 命令回显", "fork": false, "created_at": "2019-05-29T01:57:05Z", - "updated_at": "2020-11-27T13:04:46Z", + "updated_at": "2020-11-28T15:02:36Z", "pushed_at": "2019-08-08T09:48:20Z", - "stargazers_count": 371, - "watchers_count": 371, + "stargazers_count": 372, + "watchers_count": 372, "forks_count": 155, "forks": 155, - "watchers": 371, + "watchers": 372, "score": 0 }, { @@ -220,13 +220,13 @@ "description": "CVE-2019-2725命令回显+webshell上传+最新绕过", "fork": false, "created_at": "2019-06-10T05:12:44Z", - "updated_at": "2020-11-27T13:04:33Z", + "updated_at": "2020-11-28T14:57:36Z", "pushed_at": "2019-06-21T03:33:05Z", - "stargazers_count": 139, - "watchers_count": 139, + "stargazers_count": 140, + "watchers_count": 140, "forks_count": 59, "forks": 59, - "watchers": 139, + "watchers": 140, "score": 0 }, { diff --git a/2020/CVE-2020-1066.json b/2020/CVE-2020-1066.json index 62ffdf2c40..29b4dc0cea 100644 --- a/2020/CVE-2020-1066.json +++ b/2020/CVE-2020-1066.json @@ -13,13 +13,13 @@ "description": "CVE-2020-1066-EXP支持Windows 7和Windows Server 2008 R2操作系统", "fork": false, "created_at": "2020-06-01T04:44:05Z", - "updated_at": "2020-11-28T07:20:20Z", + "updated_at": "2020-11-28T11:22:12Z", "pushed_at": "2020-06-17T00:56:08Z", - "stargazers_count": 142, - "watchers_count": 142, + "stargazers_count": 143, + "watchers_count": 143, "forks_count": 38, "forks": 38, - "watchers": 142, + "watchers": 143, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-14181.json b/2020/CVE-2020-14181.json index eceaa6f343..b4c8ba397f 100644 --- a/2020/CVE-2020-14181.json +++ b/2020/CVE-2020-14181.json @@ -13,13 +13,13 @@ "description": "POC For CVE-2020-1481 - Jira Username Enumerator\/Validator", "fork": false, "created_at": "2020-10-26T17:07:28Z", - "updated_at": "2020-11-14T11:37:40Z", + "updated_at": "2020-11-28T13:11:51Z", "pushed_at": "2020-10-30T09:36:23Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 4, + "watchers_count": 4, "forks_count": 0, "forks": 0, - "watchers": 3, + "watchers": 4, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1472.json b/2020/CVE-2020-1472.json index eca3ed25bb..8acdd6f81f 100644 --- a/2020/CVE-2020-1472.json +++ b/2020/CVE-2020-1472.json @@ -132,8 +132,8 @@ "pushed_at": "2020-10-15T18:31:15Z", "stargazers_count": 236, "watchers_count": 236, - "forks_count": 87, - "forks": 87, + "forks_count": 88, + "forks": 88, "watchers": 236, "score": 0 }, diff --git a/2020/CVE-2020-14882.json b/2020/CVE-2020-14882.json index 3c71254b96..7bde2af929 100644 --- a/2020/CVE-2020-14882.json +++ b/2020/CVE-2020-14882.json @@ -13,13 +13,13 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2020-11-28T05:45:05Z", + "updated_at": "2020-11-28T13:51:53Z", "pushed_at": "2020-11-07T05:55:00Z", - "stargazers_count": 2100, - "watchers_count": 2100, + "stargazers_count": 2101, + "watchers_count": 2101, "forks_count": 582, "forks": 582, - "watchers": 2100, + "watchers": 2101, "score": 0 }, { @@ -59,13 +59,13 @@ "description": "CVE-2020–14882、CVE-2020–14883", "fork": false, "created_at": "2020-10-28T11:43:37Z", - "updated_at": "2020-11-28T08:40:24Z", + "updated_at": "2020-11-28T11:36:44Z", "pushed_at": "2020-11-16T04:23:09Z", - "stargazers_count": 189, - "watchers_count": 189, + "stargazers_count": 190, + "watchers_count": 190, "forks_count": 36, "forks": 36, - "watchers": 189, + "watchers": 190, "score": 0 }, { @@ -86,8 +86,8 @@ "pushed_at": "2020-10-29T03:57:09Z", "stargazers_count": 24, "watchers_count": 24, - "forks_count": 17, - "forks": 17, + "forks_count": 18, + "forks": 18, "watchers": 24, "score": 0 }, @@ -178,8 +178,8 @@ "pushed_at": "2020-11-09T09:55:10Z", "stargazers_count": 2, "watchers_count": 2, - "forks_count": 2, - "forks": 2, + "forks_count": 1, + "forks": 1, "watchers": 2, "score": 0 }, diff --git a/2020/CVE-2020-1948.json b/2020/CVE-2020-1948.json index 646bbed116..35d8e0fcc6 100644 --- a/2020/CVE-2020-1948.json +++ b/2020/CVE-2020-1948.json @@ -86,8 +86,8 @@ "pushed_at": "2020-11-16T20:43:29Z", "stargazers_count": 5, "watchers_count": 5, - "forks_count": 2, - "forks": 2, + "forks_count": 3, + "forks": 3, "watchers": 5, "score": 0 } diff --git a/2020/CVE-2020-27955.json b/2020/CVE-2020-27955.json index 5bb90c796b..a44c70ade8 100644 --- a/2020/CVE-2020-27955.json +++ b/2020/CVE-2020-27955.json @@ -13,13 +13,13 @@ "description": "Git-lfs RCE exploit CVE-2020-27955 - tested on Windows on: git, gh cli, GitHub Desktop, Visual Studio, SourceTree etc.", "fork": false, "created_at": "2020-11-03T17:14:22Z", - "updated_at": "2020-11-25T16:03:20Z", + "updated_at": "2020-11-28T12:09:03Z", "pushed_at": "2020-11-25T16:03:18Z", - "stargazers_count": 20, - "watchers_count": 20, + "stargazers_count": 21, + "watchers_count": 21, "forks_count": 10, "forks": 10, - "watchers": 20, + "watchers": 21, "score": 0 }, { @@ -36,13 +36,13 @@ "description": null, "fork": false, "created_at": "2020-11-04T16:43:04Z", - "updated_at": "2020-11-22T01:26:04Z", + "updated_at": "2020-11-28T12:07:42Z", "pushed_at": "2020-11-04T19:09:31Z", - "stargazers_count": 11, - "watchers_count": 11, + "stargazers_count": 12, + "watchers_count": 12, "forks_count": 1, "forks": 1, - "watchers": 11, + "watchers": 12, "score": 0 }, { diff --git a/README.md b/README.md index 2814289a9b..4fb3c0076d 100644 --- a/README.md +++ b/README.md @@ -10762,7 +10762,7 @@ A deserialization flaw was discovered in the jackson-databind, versions before 2 - [SecureSkyTechnology/study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095](https://github.com/SecureSkyTechnology/study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095) -- [iBearcat/S2-055](https://github.com/iBearcat/S2-055) +- [Nazicc/S2-055](https://github.com/Nazicc/S2-055) - [JavanXD/Demo-Exploit-Jackson-RCE](https://github.com/JavanXD/Demo-Exploit-Jackson-RCE) - [47bwy/CVE-2017-7525](https://github.com/47bwy/CVE-2017-7525) - [BassinD/jackson-RCE](https://github.com/BassinD/jackson-RCE) @@ -11459,8 +11459,8 @@ When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e. - [breaktoprotect/CVE-2017-12615](https://github.com/breaktoprotect/CVE-2017-12615) - [mefulton/cve-2017-12615](https://github.com/mefulton/cve-2017-12615) - [zi0Black/POC-CVE-2017-12615-or-CVE-2017-12717](https://github.com/zi0Black/POC-CVE-2017-12615-or-CVE-2017-12717) -- [iBearcat/CVE-2017-12615](https://github.com/iBearcat/CVE-2017-12615) - [wsg00d/cve-2017-12615](https://github.com/wsg00d/cve-2017-12615) +- [BeyondCy/CVE-2017-12615](https://github.com/BeyondCy/CVE-2017-12615) - [1337g/CVE-2017-12615](https://github.com/1337g/CVE-2017-12615) - [Shellkeys/CVE-2017-12615](https://github.com/Shellkeys/CVE-2017-12615) - [cved-sources/cve-2017-12615](https://github.com/cved-sources/cve-2017-12615) @@ -11861,7 +11861,7 @@ Huawei HG255s-10 V100R001C163B025SP02 has a path traversal vulnerability due to FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath. -- [iBearcat/Jackson-CVE-2017-17485](https://github.com/iBearcat/Jackson-CVE-2017-17485) +- [maxbitcoin/Jackson-CVE-2017-17485](https://github.com/maxbitcoin/Jackson-CVE-2017-17485) - [tafamace/CVE-2017-17485](https://github.com/tafamace/CVE-2017-17485) - [x7iaob/cve-2017-17485](https://github.com/x7iaob/cve-2017-17485) - [Al1ex/CVE-2017-17485](https://github.com/Al1ex/CVE-2017-17485)