mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2024/04/12 12:28:16

Browse source
This commit is contained in:
motikan2010-bot 2024-04-12 21:28:16 +09:00
parent 6aa694b254
commit 85b51ee59d
50 changed files with 513 additions and 178 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2014/CVE-2014-0160.json
View file

@ -13,10 +13,10 @@
"description": "A checker (site and tool) for CVE-2014-0160",
"fork": false,
"created_at": "2014-04-07T23:03:09Z",
"updated_at": "2024-04-09T20:11:41Z",
"updated_at": "2024-04-12T06:53:22Z",
"pushed_at": "2021-02-24T09:17:24Z",
"stargazers_count": 2304,
"watchers_count": 2304,
"stargazers_count": 2305,
"watchers_count": 2305,
"has_discussions": false,
"forks_count": 466,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 466,
"watchers": 2304,
"watchers": 2305,
"score": 0,
"subscribers_count": 117
},

8
2016/CVE-2016-5195.json
View file

@ -447,10 +447,10 @@
"description": "Dirty Cow exploit - CVE-2016-5195",
"fork": false,
"created_at": "2016-11-25T21:08:01Z",
"updated_at": "2024-04-09T07:00:10Z",
"updated_at": "2024-04-12T12:02:36Z",
"pushed_at": "2021-04-08T11:35:12Z",
"stargazers_count": 814,
"watchers_count": 814,
"stargazers_count": 815,
"watchers_count": 815,
"has_discussions": false,
"forks_count": 426,
"allow_forking": true,
@ -463,7 +463,7 @@
],
"visibility": "public",
"forks": 426,
"watchers": 814,
"watchers": 815,
"score": 0,
"subscribers_count": 11
},

2
2018/CVE-2018-17240.json
View file

@ -44,7 +44,7 @@
"fork": false,
"created_at": "2024-01-04T21:44:21Z",
"updated_at": "2024-01-05T06:29:51Z",
"pushed_at": "2024-04-03T04:35:50Z",
"pushed_at": "2024-04-12T08:40:18Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

8
2018/CVE-2018-5955.json
View file

@ -43,10 +43,10 @@
"description": "一款功能强大的漏洞扫描器子域名爆破使用aioDNSasyncio异步快速扫描覆盖目标全方位资产进行批量漏洞扫描中间件信息收集自动收集ip代理探测Waf信息时自动使用来保护本机真实Ip在本机Ip被Waf杀死后自动切换代理Ip进行扫描Waf信息收集(国内外100+款waf信息)包括安全狗云锁阿里云云盾腾讯云等提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能",
"fork": false,
"created_at": "2019-12-21T22:45:55Z",
"updated_at": "2024-04-10T06:05:14Z",
"updated_at": "2024-04-12T09:09:52Z",
"pushed_at": "2020-01-05T21:46:25Z",
"stargazers_count": 636,
"watchers_count": 636,
"stargazers_count": 637,
"watchers_count": 637,
"has_discussions": false,
"forks_count": 130,
"allow_forking": true,
@ -68,7 +68,7 @@
],
"visibility": "public",
"forks": 130,
"watchers": 636,
"watchers": 637,
"score": 0,
"subscribers_count": 16
},

16
2019/CVE-2019-0708.json
View file

@ -1691,10 +1691,10 @@
"description": "Only Hitting PoC [Tested on Windows Server 2008 r2]",
"fork": false,
"created_at": "2019-05-28T02:25:21Z",
"updated_at": "2024-01-04T16:34:14Z",
"updated_at": "2024-04-12T11:32:24Z",
"pushed_at": "2019-05-28T02:46:19Z",
"stargazers_count": 127,
"watchers_count": 127,
"stargazers_count": 128,
"watchers_count": 128,
"has_discussions": false,
"forks_count": 43,
"allow_forking": true,
@ -1703,7 +1703,7 @@
"topics": [],
"visibility": "public",
"forks": 43,
"watchers": 127,
"watchers": 128,
"score": 0,
"subscribers_count": 10
},
@ -1841,10 +1841,10 @@
"description": "Proof of concept for CVE-2019-0708",
"fork": false,
"created_at": "2019-05-29T16:53:54Z",
"updated_at": "2024-03-29T12:23:33Z",
"updated_at": "2024-04-12T09:11:05Z",
"pushed_at": "2021-12-02T12:00:46Z",
"stargazers_count": 1162,
"watchers_count": 1162,
"stargazers_count": 1163,
"watchers_count": 1163,
"has_discussions": false,
"forks_count": 346,
"allow_forking": true,
@ -1853,7 +1853,7 @@
"topics": [],
"visibility": "public",
"forks": 346,
"watchers": 1162,
"watchers": 1163,
"score": 0,
"subscribers_count": 68
},

8
2019/CVE-2019-17558.json
View file

@ -43,10 +43,10 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2024-04-11T14:52:46Z",
"updated_at": "2024-04-12T09:37:59Z",
"pushed_at": "2021-04-04T09:13:57Z",
"stargazers_count": 4021,
"watchers_count": 4021,
"stargazers_count": 4022,
"watchers_count": 4022,
"has_discussions": false,
"forks_count": 1081,
"allow_forking": true,
@ -75,7 +75,7 @@
],
"visibility": "public",
"forks": 1081,
"watchers": 4021,
"watchers": 4022,
"score": 0,
"subscribers_count": 151
},

8
2020/CVE-2020-0796.json
View file

@ -1444,10 +1444,10 @@
"description": "CVE-2020-0796 Remote Code Execution POC",
"fork": false,
"created_at": "2020-04-20T14:35:48Z",
"updated_at": "2024-03-16T11:24:21Z",
"updated_at": "2024-04-12T11:31:19Z",
"pushed_at": "2020-06-09T20:46:45Z",
"stargazers_count": 509,
"watchers_count": 509,
"stargazers_count": 510,
"watchers_count": 510,
"has_discussions": false,
"forks_count": 166,
"allow_forking": true,
@ -1462,7 +1462,7 @@
],
"visibility": "public",
"forks": 166,
"watchers": 509,
"watchers": 510,
"score": 0,
"subscribers_count": 27
},

8
2020/CVE-2020-1034.json
View file

@ -13,10 +13,10 @@
"description": "PoC demonstrating the use of cve-2020-1034 for privilege escalation",
"fork": false,
"created_at": "2020-11-23T10:24:07Z",
"updated_at": "2023-11-13T04:01:53Z",
"updated_at": "2024-04-12T09:22:53Z",
"pushed_at": "2021-03-16T13:53:37Z",
"stargazers_count": 110,
"watchers_count": 110,
"stargazers_count": 111,
"watchers_count": 111,
"has_discussions": false,
"forks_count": 39,
"allow_forking": true,
@ -32,7 +32,7 @@
],
"visibility": "public",
"forks": 39,
"watchers": 110,
"watchers": 111,
"score": 0,
"subscribers_count": 6
},

8
2020/CVE-2020-12695.json
View file

@ -13,10 +13,10 @@
"description": "Vulnerability checker for Callstranger (CVE-2020-12695)",
"fork": false,
"created_at": "2020-06-08T07:37:49Z",
"updated_at": "2024-04-09T12:35:54Z",
"updated_at": "2024-04-12T09:03:26Z",
"pushed_at": "2021-08-07T16:48:55Z",
"stargazers_count": 400,
"watchers_count": 400,
"stargazers_count": 401,
"watchers_count": 401,
"has_discussions": false,
"forks_count": 70,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 70,
"watchers": 400,
"watchers": 401,
"score": 0,
"subscribers_count": 11
},

8
2020/CVE-2020-14882.json
View file

@ -13,10 +13,10 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2024-04-11T14:52:46Z",
"updated_at": "2024-04-12T09:37:59Z",
"pushed_at": "2021-04-04T09:13:57Z",
"stargazers_count": 4021,
"watchers_count": 4021,
"stargazers_count": 4022,
"watchers_count": 4022,
"has_discussions": false,
"forks_count": 1081,
"allow_forking": true,
@ -45,7 +45,7 @@
],
"visibility": "public",
"forks": 1081,
"watchers": 4021,
"watchers": 4022,
"score": 0,
"subscribers_count": 151
},

8
2021/CVE-2021-1732.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2021-1732 Exploit",
"fork": false,
"created_at": "2021-03-05T02:11:10Z",
"updated_at": "2024-02-26T20:56:06Z",
"updated_at": "2024-04-12T07:21:10Z",
"pushed_at": "2021-03-05T03:10:26Z",
"stargazers_count": 410,
"watchers_count": 410,
"stargazers_count": 411,
"watchers_count": 411,
"has_discussions": false,
"forks_count": 128,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 128,
"watchers": 410,
"watchers": 411,
"score": 0,
"subscribers_count": 6
},

8
2021/CVE-2021-3493.json
View file

@ -13,10 +13,10 @@
"description": "Ubuntu OverlayFS Local Privesc",
"fork": false,
"created_at": "2021-04-19T20:07:01Z",
"updated_at": "2024-04-09T03:59:46Z",
"updated_at": "2024-04-12T07:10:22Z",
"pushed_at": "2024-04-02T02:48:18Z",
"stargazers_count": 389,
"watchers_count": 389,
"stargazers_count": 390,
"watchers_count": 390,
"has_discussions": false,
"forks_count": 132,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 132,
"watchers": 389,
"watchers": 390,
"score": 0,
"subscribers_count": 4
},

8
2021/CVE-2021-44228.json
View file

@ -5170,10 +5170,10 @@
"description": "PCRE RegEx matching Log4Shell CVE-2021-44228 IOC in your logs",
"fork": false,
"created_at": "2021-12-13T21:39:51Z",
"updated_at": "2024-03-04T15:46:12Z",
"updated_at": "2024-04-12T10:41:42Z",
"pushed_at": "2021-12-21T01:24:46Z",
"stargazers_count": 291,
"watchers_count": 291,
"stargazers_count": 292,
"watchers_count": 292,
"has_discussions": false,
"forks_count": 32,
"allow_forking": true,
@ -5182,7 +5182,7 @@
"topics": [],
"visibility": "public",
"forks": 32,
"watchers": 291,
"watchers": 292,
"score": 0,
"subscribers_count": 12
},

8
2022/CVE-2022-0847.json
View file

@ -1185,10 +1185,10 @@
"description": "A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability.",
"fork": false,
"created_at": "2022-03-12T20:57:24Z",
"updated_at": "2024-04-12T05:43:19Z",
"updated_at": "2024-04-12T09:02:26Z",
"pushed_at": "2023-05-20T05:55:45Z",
"stargazers_count": 506,
"watchers_count": 506,
"stargazers_count": 507,
"watchers_count": 507,
"has_discussions": false,
"forks_count": 136,
"allow_forking": true,
@ -1197,7 +1197,7 @@
"topics": [],
"visibility": "public",
"forks": 136,
"watchers": 506,
"watchers": 507,
"score": 0,
"subscribers_count": 15
},

32
2022/CVE-2022-26377.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 785525373,
"name": "ibm-qradar-ajp_smuggling_CVE-2022-26377_poc",
"full_name": "watchtowrlabs\/ibm-qradar-ajp_smuggling_CVE-2022-26377_poc",
"owner": {
"login": "watchtowrlabs",
"id": 99977116,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4",
"html_url": "https:\/\/github.com\/watchtowrlabs"
},
"html_url": "https:\/\/github.com\/watchtowrlabs\/ibm-qradar-ajp_smuggling_CVE-2022-26377_poc",
"description": null,
"fork": false,
"created_at": "2024-04-12T03:59:03Z",
"updated_at": "2024-04-12T08:34:41Z",
"pushed_at": "2024-04-12T04:05:19Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

12
2022/CVE-2022-39197.json
View file

@ -227,12 +227,12 @@
"description": "CVE-2022-39197 漏洞补丁. CVE-2022-39197 Vulnerability Patch. ",
"fork": false,
"created_at": "2022-09-26T08:58:21Z",
"updated_at": "2024-04-03T03:02:17Z",
"updated_at": "2024-04-12T11:36:33Z",
"pushed_at": "2022-09-26T13:20:38Z",
"stargazers_count": 302,
"watchers_count": 302,
"stargazers_count": 303,
"watchers_count": 303,
"has_discussions": false,
"forks_count": 45,
"forks_count": 46,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -242,8 +242,8 @@
"cve-2022-39197"
],
"visibility": "public",
"forks": 45,
"watchers": 302,
"forks": 46,
"watchers": 303,
"score": 0,
"subscribers_count": 5
},

8
2023/CVE-2023-0386.json
View file

@ -103,10 +103,10 @@
"description": "CVE-2023-0386 analysis and Exp",
"fork": false,
"created_at": "2023-05-06T06:07:23Z",
"updated_at": "2024-03-12T07:06:25Z",
"updated_at": "2024-04-12T08:19:06Z",
"pushed_at": "2023-05-06T06:19:25Z",
"stargazers_count": 112,
"watchers_count": 112,
"stargazers_count": 111,
"watchers_count": 111,
"has_discussions": false,
"forks_count": 22,
"allow_forking": true,
@ -115,7 +115,7 @@
"topics": [],
"visibility": "public",
"forks": 22,
"watchers": 112,
"watchers": 111,
"score": 0,
"subscribers_count": 4
},

4
2023/CVE-2023-21768.json
View file

@ -116,13 +116,13 @@
"stargazers_count": 39,
"watchers_count": 39,
"has_discussions": false,
"forks_count": 11,
"forks_count": 12,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 11,
"forks": 12,
"watchers": 39,
"score": 0,
"subscribers_count": 1

8
2023/CVE-2023-22809.json
View file

@ -13,10 +13,10 @@
"description": "A script to automate privilege escalation with CVE-2023-22809 vulnerability",
"fork": false,
"created_at": "2023-01-21T15:19:23Z",
"updated_at": "2024-03-25T06:26:27Z",
"updated_at": "2024-04-12T09:07:44Z",
"pushed_at": "2023-02-15T18:10:53Z",
"stargazers_count": 132,
"watchers_count": 132,
"stargazers_count": 133,
"watchers_count": 133,
"has_discussions": false,
"forks_count": 37,
"allow_forking": true,
@ -34,7 +34,7 @@
],
"visibility": "public",
"forks": 37,
"watchers": 132,
"watchers": 133,
"score": 0,
"subscribers_count": 3
},

8
2023/CVE-2023-24955.json
View file

@ -43,10 +43,10 @@
"description": "RCE exploit for Microsoft SharePoint 2019",
"fork": false,
"created_at": "2024-03-30T06:26:48Z",
"updated_at": "2024-04-10T13:43:56Z",
"updated_at": "2024-04-12T11:46:49Z",
"pushed_at": "2024-03-30T06:58:57Z",
"stargazers_count": 10,
"watchers_count": 10,
"stargazers_count": 11,
"watchers_count": 11,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 10,
"watchers": 11,
"score": 0,
"subscribers_count": 1
}

8
2023/CVE-2023-27703.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2023-27703 An Android version of pikpak version V1.29.2 element debugging interface leakage vulnerability",
"fork": false,
"created_at": "2023-04-11T06:24:04Z",
"updated_at": "2023-05-21T15:58:26Z",
"updated_at": "2024-04-12T08:19:06Z",
"pushed_at": "2023-04-11T06:39:41Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 3,
"watchers": 2,
"score": 0,
"subscribers_count": 1
}

2
2023/CVE-2023-28252.json
View file

@ -13,7 +13,7 @@
"description": null,
"fork": false,
"created_at": "2023-06-27T12:22:05Z",
"updated_at": "2024-03-22T05:25:31Z",
"updated_at": "2024-04-12T09:09:48Z",
"pushed_at": "2023-07-10T16:57:44Z",
"stargazers_count": 165,
"watchers_count": 165,

2
2023/CVE-2023-36407.json
View file

@ -44,7 +44,7 @@
"fork": false,
"created_at": "2024-04-07T16:59:55Z",
"updated_at": "2024-04-07T17:00:01Z",
"pushed_at": "2024-04-07T16:59:58Z",
"pushed_at": "2024-04-12T08:05:08Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

4
2023/CVE-2023-38545.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 16,
"watchers_count": 16,
"has_discussions": false,
"forks_count": 4,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 4,
"forks": 3,
"watchers": 16,
"score": 0,
"subscribers_count": 1

8
2023/CVE-2023-44487.json
View file

@ -13,10 +13,10 @@
"description": "Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487",
"fork": false,
"created_at": "2023-10-10T14:20:42Z",
"updated_at": "2024-04-11T04:16:52Z",
"updated_at": "2024-04-12T09:46:03Z",
"pushed_at": "2024-01-08T11:12:08Z",
"stargazers_count": 210,
"watchers_count": 210,
"stargazers_count": 211,
"watchers_count": 211,
"has_discussions": false,
"forks_count": 47,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 47,
"watchers": 210,
"watchers": 211,
"score": 0,
"subscribers_count": 6
},

32
2023/CVE-2023-45288.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 785588887,
"name": "cont-flood-poc",
"full_name": "hex0punk\/cont-flood-poc",
"owner": {
"login": "hex0punk",
"id": 1915998,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1915998?v=4",
"html_url": "https:\/\/github.com\/hex0punk"
},
"html_url": "https:\/\/github.com\/hex0punk\/cont-flood-poc",
"description": "PoC for CVE-2023-45288, continuation flood vulnerability",
"fork": false,
"created_at": "2024-04-12T07:36:39Z",
"updated_at": "2024-04-12T07:36:49Z",
"pushed_at": "2024-04-12T08:18:40Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2023/CVE-2023-45779.json
View file

@ -13,10 +13,10 @@
"description": "Proof-of-concept code for the Android APEX key reuse vulnerability described in https:\/\/rtx.meta.security\/exploitation\/2024\/01\/30\/Android-vendors-APEX-test-keys.html",
"fork": false,
"created_at": "2024-01-26T21:17:38Z",
"updated_at": "2024-03-27T01:45:23Z",
"updated_at": "2024-04-12T10:46:05Z",
"pushed_at": "2024-01-31T19:33:59Z",
"stargazers_count": 52,
"watchers_count": 52,
"stargazers_count": 53,
"watchers_count": 53,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 52,
"watchers": 53,
"score": 0,
"subscribers_count": 5
}

8
2023/CVE-2023-45866.json
View file

@ -13,10 +13,10 @@
"description": "🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)",
"fork": false,
"created_at": "2024-01-16T06:52:02Z",
"updated_at": "2024-04-11T23:41:44Z",
"updated_at": "2024-04-12T11:49:14Z",
"pushed_at": "2024-04-08T13:43:21Z",
"stargazers_count": 383,
"watchers_count": 383,
"stargazers_count": 385,
"watchers_count": 385,
"has_discussions": false,
"forks_count": 60,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 60,
"watchers": 383,
"watchers": 385,
"score": 0,
"subscribers_count": 7
},

24
2023/CVE-2023-46805.json
View file

@ -13,10 +13,10 @@
"description": "Scanner for CVE-2023-46805 - Ivanti Connect Secure",
"fork": false,
"created_at": "2024-01-14T18:30:11Z",
"updated_at": "2024-04-11T18:34:16Z",
"updated_at": "2024-04-12T10:31:16Z",
"pushed_at": "2024-01-24T07:15:43Z",
"stargazers_count": 10,
"watchers_count": 10,
"stargazers_count": 11,
"watchers_count": 11,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -29,7 +29,7 @@
],
"visibility": "public",
"forks": 2,
"watchers": 10,
"watchers": 11,
"score": 0,
"subscribers_count": 2
},
@ -47,10 +47,10 @@
"description": "Simple scanner for scanning a list of ip-addresses for vulnerable Ivanti Pulse Secure devices",
"fork": false,
"created_at": "2024-01-16T08:05:58Z",
"updated_at": "2024-01-30T08:26:45Z",
"updated_at": "2024-04-12T10:31:35Z",
"pushed_at": "2024-01-19T09:02:40Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -59,7 +59,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 1
},
@ -167,10 +167,10 @@
"description": "Ivanti Pulse Secure CVE-2023-46805 Scanner - Based on Assetnote's Research",
"fork": false,
"created_at": "2024-01-19T02:23:13Z",
"updated_at": "2024-03-24T21:09:38Z",
"updated_at": "2024-04-12T10:31:25Z",
"pushed_at": "2024-01-19T03:17:13Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 9,
"watchers_count": 9,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -179,7 +179,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 8,
"watchers": 9,
"score": 0,
"subscribers_count": 2
},

8
2023/CVE-2023-48788.json
View file

@ -43,10 +43,10 @@
"description": null,
"fork": false,
"created_at": "2024-04-09T10:54:31Z",
"updated_at": "2024-04-10T13:43:56Z",
"updated_at": "2024-04-12T11:47:02Z",
"pushed_at": "2024-04-09T10:54:33Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 1
}

8
2023/CVE-2023-6319.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2023-6319 proof of concept",
"fork": false,
"created_at": "2024-04-11T18:58:17Z",
"updated_at": "2024-04-11T22:53:32Z",
"updated_at": "2024-04-12T08:29:54Z",
"pushed_at": "2024-04-11T19:25:30Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}

8
2023/CVE-2023-6548.json
View file

@ -13,10 +13,10 @@
"description": "0day for Citrix Netscaler ADC and NetScaler Gateway latest versions",
"fork": false,
"created_at": "2024-03-04T08:57:27Z",
"updated_at": "2024-04-10T13:43:56Z",
"updated_at": "2024-04-12T11:46:38Z",
"pushed_at": "2024-03-04T09:36:29Z",
"stargazers_count": 9,
"watchers_count": 9,
"stargazers_count": 10,
"watchers_count": 10,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 9,
"watchers": 10,
"score": 0,
"subscribers_count": 1
}

12
2024/CVE-2024-0015.json
View file

@ -13,19 +13,19 @@
"description": "a demo poc for CVE-2024-0015",
"fork": false,
"created_at": "2024-03-19T10:00:21Z",
"updated_at": "2024-03-24T01:41:03Z",
"updated_at": "2024-04-12T07:43:03Z",
"pushed_at": "2024-03-19T10:05:07Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"forks": 1,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-0582.json
View file

@ -13,10 +13,10 @@
"description": "LPE exploit for CVE-2024-0582 (io_uring)",
"fork": false,
"created_at": "2024-03-29T14:45:22Z",
"updated_at": "2024-04-11T16:16:50Z",
"updated_at": "2024-04-12T08:00:15Z",
"pushed_at": "2024-03-29T16:05:31Z",
"stargazers_count": 71,
"watchers_count": 71,
"stargazers_count": 72,
"watchers_count": 72,
"has_discussions": false,
"forks_count": 21,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 21,
"watchers": 71,
"watchers": 72,
"score": 0,
"subscribers_count": 3
},

8
2024/CVE-2024-1086.json
View file

@ -13,10 +13,10 @@
"description": "Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.",
"fork": false,
"created_at": "2024-03-20T21:16:41Z",
"updated_at": "2024-04-12T03:43:52Z",
"updated_at": "2024-04-12T12:20:23Z",
"pushed_at": "2024-04-10T23:22:55Z",
"stargazers_count": 1799,
"watchers_count": 1799,
"stargazers_count": 1808,
"watchers_count": 1808,
"has_discussions": false,
"forks_count": 220,
"allow_forking": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 220,
"watchers": 1799,
"watchers": 1808,
"score": 0,
"subscribers_count": 18
},

32
2024/CVE-2024-21426.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 785618269,
"name": "CVE-2024-21426-SharePoint-RCE",
"full_name": "Geniorio01\/CVE-2024-21426-SharePoint-RCE",
"owner": {
"login": "Geniorio01",
"id": 166803225,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166803225?v=4",
"html_url": "https:\/\/github.com\/Geniorio01"
},
"html_url": "https:\/\/github.com\/Geniorio01\/CVE-2024-21426-SharePoint-RCE",
"description": null,
"fork": false,
"created_at": "2024-04-12T08:58:09Z",
"updated_at": "2024-04-12T11:47:05Z",
"pushed_at": "2024-04-12T08:58:12Z",
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 4,
"score": 0,
"subscribers_count": 0
}
]

32
2024/CVE-2024-21508.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 785639282,
"name": "CVE-2024-21508-mysql2-RCE",
"full_name": "Geniorio01\/CVE-2024-21508-mysql2-RCE",
"owner": {
"login": "Geniorio01",
"id": 166803225,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166803225?v=4",
"html_url": "https:\/\/github.com\/Geniorio01"
},
"html_url": "https:\/\/github.com\/Geniorio01\/CVE-2024-21508-mysql2-RCE",
"description": null,
"fork": false,
"created_at": "2024-04-12T09:54:56Z",
"updated_at": "2024-04-12T11:47:07Z",
"pushed_at": "2024-04-12T09:55:00Z",
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 4,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-21626.json
View file

@ -193,10 +193,10 @@
"description": null,
"fork": false,
"created_at": "2024-02-05T17:47:01Z",
"updated_at": "2024-04-11T06:53:33Z",
"updated_at": "2024-04-12T10:50:03Z",
"pushed_at": "2024-02-05T19:12:00Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -205,7 +205,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-21762.json
View file

@ -193,10 +193,10 @@
"description": null,
"fork": false,
"created_at": "2024-04-08T13:30:55Z",
"updated_at": "2024-04-10T13:43:56Z",
"updated_at": "2024-04-12T11:46:59Z",
"pushed_at": "2024-04-08T13:30:57Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -205,7 +205,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 5,
"watchers": 6,
"score": 0,
"subscribers_count": 1
}

30
2024/CVE-2024-21894.json
View file

@ -28,5 +28,35 @@
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
{
"id": 785615377,
"name": "CVE-2024-21894-Proof-of-concept",
"full_name": "AlexLondan\/CVE-2024-21894-Proof-of-concept",
"owner": {
"login": "AlexLondan",
"id": 166403276,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166403276?v=4",
"html_url": "https:\/\/github.com\/AlexLondan"
},
"html_url": "https:\/\/github.com\/AlexLondan\/CVE-2024-21894-Proof-of-concept",
"description": null,
"fork": false,
"created_at": "2024-04-12T08:50:40Z",
"updated_at": "2024-04-12T08:50:40Z",
"pushed_at": "2024-04-12T09:12:10Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

22
2024/CVE-2024-24576.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 34,
"watchers_count": 34,
"has_discussions": false,
"forks_count": 7,
"forks_count": 8,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 7,
"forks": 8,
"watchers": 34,
"score": 0,
"subscribers_count": 1
@ -43,10 +43,10 @@
"description": null,
"fork": false,
"created_at": "2024-04-10T10:27:55Z",
"updated_at": "2024-04-12T02:12:07Z",
"pushed_at": "2024-04-11T06:01:17Z",
"stargazers_count": 3,
"watchers_count": 3,
"updated_at": "2024-04-12T11:31:59Z",
"pushed_at": "2024-04-12T09:22:40Z",
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},
@ -73,10 +73,10 @@
"description": "CVE-2024-24576 Proof of Concept",
"fork": false,
"created_at": "2024-04-10T14:06:09Z",
"updated_at": "2024-04-12T00:50:10Z",
"updated_at": "2024-04-12T07:17:37Z",
"pushed_at": "2024-04-10T14:42:34Z",
"stargazers_count": 11,
"watchers_count": 11,
"stargazers_count": 12,
"watchers_count": 12,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -90,7 +90,7 @@
],
"visibility": "public",
"forks": 3,
"watchers": 11,
"watchers": 12,
"score": 0,
"subscribers_count": 1
},

32
2024/CVE-2024-25693.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 785615404,
"name": "CVE-2024-25693-exploit",
"full_name": "MrSecby\/CVE-2024-25693-exploit",
"owner": {
"login": "MrSecby",
"id": 166445529,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166445529?v=4",
"html_url": "https:\/\/github.com\/MrSecby"
},
"html_url": "https:\/\/github.com\/MrSecby\/CVE-2024-25693-exploit",
"description": null,
"fork": false,
"created_at": "2024-04-12T08:50:43Z",
"updated_at": "2024-04-12T08:50:43Z",
"pushed_at": "2024-04-12T09:12:13Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-26198.json
View file

@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2024-04-09T10:54:28Z",
"updated_at": "2024-04-10T13:43:56Z",
"updated_at": "2024-04-12T11:47:00Z",
"pushed_at": "2024-04-09T10:54:30Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-28247.json
View file

@ -13,10 +13,10 @@
"description": "This repository provides an exploit for CVE-2024-28247, highlighting a vulnerability that permits a remote attacker to read arbitrary files on the system.",
"fork": false,
"created_at": "2024-03-31T15:25:15Z",
"updated_at": "2024-04-08T13:30:47Z",
"updated_at": "2024-04-12T11:56:00Z",
"pushed_at": "2024-03-31T15:49:26Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}

30
2024/CVE-2024-29269.json
View file

@ -28,5 +28,35 @@
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
{
"id": 785588692,
"name": "CVE-2024-29269",
"full_name": "YongYe-Security\/CVE-2024-29269",
"owner": {
"login": "YongYe-Security",
"id": 90460865,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90460865?v=4",
"html_url": "https:\/\/github.com\/YongYe-Security"
},
"html_url": "https:\/\/github.com\/YongYe-Security\/CVE-2024-29269",
"description": "Telesquare TLR-2005KSH_RCE (CVE-2024-29269) Batch scan\/exploit",
"fork": false,
"created_at": "2024-04-12T07:36:08Z",
"updated_at": "2024-04-12T08:33:10Z",
"pushed_at": "2024-04-12T07:58:16Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

32
2024/CVE-2024-29988.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 785647385,
"name": "CVE-2024-29988-MS-Exchange-RCE",
"full_name": "mrobsidian1\/CVE-2024-29988-MS-Exchange-RCE",
"owner": {
"login": "mrobsidian1",
"id": 166446512,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166446512?v=4",
"html_url": "https:\/\/github.com\/mrobsidian1"
},
"html_url": "https:\/\/github.com\/mrobsidian1\/CVE-2024-29988-MS-Exchange-RCE",
"description": null,
"fork": false,
"created_at": "2024-04-12T10:17:58Z",
"updated_at": "2024-04-12T11:47:08Z",
"pushed_at": "2024-04-12T10:18:01Z",
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 4,
"score": 0,
"subscribers_count": 0
}
]

20
2024/CVE-2024-3094.json
View file

@ -1012,19 +1012,19 @@
"description": "notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)",
"fork": false,
"created_at": "2024-04-01T14:28:09Z",
"updated_at": "2024-04-12T05:54:21Z",
"updated_at": "2024-04-12T12:08:15Z",
"pushed_at": "2024-04-03T04:58:50Z",
"stargazers_count": 3316,
"watchers_count": 3316,
"stargazers_count": 3322,
"watchers_count": 3322,
"has_discussions": false,
"forks_count": 217,
"forks_count": 218,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 217,
"watchers": 3316,
"forks": 218,
"watchers": 3322,
"score": 0,
"subscribers_count": 34
},
@ -1723,10 +1723,10 @@
"description": null,
"fork": false,
"created_at": "2024-04-10T13:46:00Z",
"updated_at": "2024-04-10T13:46:01Z",
"updated_at": "2024-04-12T11:47:03Z",
"pushed_at": "2024-04-10T13:46:03Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -1735,7 +1735,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 4,
"score": 0,
"subscribers_count": 1
}

32
2024/CVE-2024-3136.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 785647931,
"name": "CVE-2024-3136-Wordpress-RCE",
"full_name": "drdry2\/CVE-2024-3136-Wordpress-RCE",
"owner": {
"login": "drdry2",
"id": 166447373,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166447373?v=4",
"html_url": "https:\/\/github.com\/drdry2"
},
"html_url": "https:\/\/github.com\/drdry2\/CVE-2024-3136-Wordpress-RCE",
"description": null,
"fork": false,
"created_at": "2024-04-12T10:19:40Z",
"updated_at": "2024-04-12T11:47:09Z",
"pushed_at": "2024-04-12T10:19:43Z",
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 4,
"score": 0,
"subscribers_count": 0
}
]

10
2024/CVE-2024-31777.json
View file

@ -1,20 +1,20 @@
[
{
"id": 785244056,
"name": "CVE-2024-31777",
"full_name": "FreySolarEye\/CVE-2024-31777",
"name": "Exploit-CVE-2024-31777",
"full_name": "FreySolarEye\/Exploit-CVE-2024-31777",
"owner": {
"login": "FreySolarEye",
"id": 44547688,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44547688?v=4",
"html_url": "https:\/\/github.com\/FreySolarEye"
},
"html_url": "https:\/\/github.com\/FreySolarEye\/CVE-2024-31777",
"html_url": "https:\/\/github.com\/FreySolarEye\/Exploit-CVE-2024-31777",
"description": "Public exploit for CVE-2024-31777",
"fork": false,
"created_at": "2024-04-11T13:48:19Z",
"updated_at": "2024-04-11T13:48:19Z",
"pushed_at": "2024-04-11T13:48:19Z",
"updated_at": "2024-04-12T08:35:01Z",
"pushed_at": "2024-04-12T08:40:30Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

53
README.md
View file

@ -325,6 +325,13 @@
- [FoxyProxys/CVE-2024-3116](https://github.com/FoxyProxys/CVE-2024-3116)
- [TechieNeurons/CVE-2024-3116_RCE_in_pgadmin_8.4](https://github.com/TechieNeurons/CVE-2024-3116_RCE_in_pgadmin_8.4)
### CVE-2024-3136 (2024-04-09)
<code>The MasterStudy LMS plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.3 via the 'template' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.
</code>
- [drdry2/CVE-2024-3136-Wordpress-RCE](https://github.com/drdry2/CVE-2024-3136-Wordpress-RCE)
### CVE-2024-3272 (2024-04-04)
<code>Eine Schwachstelle wurde in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L bis 20240403 entdeckt. Sie wurde als sehr kritisch eingestuft. Betroffen davon ist ein unbekannter Prozess der Datei /cgi-bin/nas_sharing.cgi der Komponente HTTP GET Request Handler. Mit der Manipulation des Arguments user mit der Eingabe messagebus mit unbekannten Daten kann eine hard-coded credentials-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
@ -452,6 +459,20 @@
- [DevAkabari/CVE-2024-21413](https://github.com/DevAkabari/CVE-2024-21413)
- [dshabani96/CVE-2024-21413](https://github.com/dshabani96/CVE-2024-21413)
### CVE-2024-21426 (2024-03-12)
<code>Microsoft SharePoint Server Remote Code Execution Vulnerability
</code>
- [Geniorio01/CVE-2024-21426-SharePoint-RCE](https://github.com/Geniorio01/CVE-2024-21426-SharePoint-RCE)
### CVE-2024-21508 (2024-04-11)
<code>Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values.
</code>
- [Geniorio01/CVE-2024-21508-mysql2-RCE](https://github.com/Geniorio01/CVE-2024-21508-mysql2-RCE)
### CVE-2024-21626 (2024-01-31)
<code>runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace, allowing for a container escape by giving access to the host filesystem (&quot;attack 2&quot;). The same attack could be used by a malicious image to allow a container process to gain access to the host filesystem through runc run (&quot;attack 1&quot;). Variants of attacks 1 and 2 could be also be used to overwrite semi-arbitrary host binaries, allowing for complete container escapes (&quot;attack 3a&quot; and &quot;attack 3b&quot;). runc 1.1.12 includes patches for this issue.
@ -524,6 +545,7 @@
</code>
- [RansomGroupCVE/CVE-2024-21894-POC](https://github.com/RansomGroupCVE/CVE-2024-21894-POC)
- [AlexLondan/CVE-2024-21894-Proof-of-concept](https://github.com/AlexLondan/CVE-2024-21894-Proof-of-concept)
### CVE-2024-22024 (2024-02-13)
@ -1073,6 +1095,13 @@
- [hy011121/CVE-2024-25600-wordpress-Exploit-RCE](https://github.com/hy011121/CVE-2024-25600-wordpress-Exploit-RCE)
- [K3ysTr0K3R/CVE-2024-25600-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2024-25600-EXPLOIT)
### CVE-2024-25693 (2024-04-04)
<code>There is a path traversal in Esri Portal for ArcGIS versions &lt;= 11.2. Successful exploitation may allow a remote, authenticated attacker to traverse the file system to access files or execute code outside of the intended directory. 
</code>
- [MrSecby/CVE-2024-25693-exploit](https://github.com/MrSecby/CVE-2024-25693-exploit)
### CVE-2024-25723 (2024-02-27)
<code>ZenML Server in the ZenML machine learning package before 0.46.7 for Python allows remote privilege escalation because the /api/v1/users/{user_name_or_id}/activate REST API endpoint allows access on the basis of a valid username along with a new password in the request body. These are also patched versions: 0.44.4, 0.43.1, and 0.42.2.
@ -1302,6 +1331,7 @@
</code>
- [wutalent/CVE-2024-29269](https://github.com/wutalent/CVE-2024-29269)
- [YongYe-Security/CVE-2024-29269](https://github.com/YongYe-Security/CVE-2024-29269)
### CVE-2024-29272 (2024-03-22)
@ -1338,6 +1368,13 @@
- [ally-petitt/CVE-2024-29399](https://github.com/ally-petitt/CVE-2024-29399)
### CVE-2024-29988 (2024-04-09)
<code>SmartScreen Prompt Security Feature Bypass Vulnerability
</code>
- [mrobsidian1/CVE-2024-29988-MS-Exchange-RCE](https://github.com/mrobsidian1/CVE-2024-29988-MS-Exchange-RCE)
### CVE-2024-30255 (2024-04-04)
<code>Envoy is a cloud-native, open source edge and service proxy. The HTTP/2 protocol stack in Envoy versions prior to 1.29.3, 1.28.2, 1.27.4, and 1.26.8 are vulnerable to CPU exhaustion due to flood of CONTINUATION frames. Envoy's HTTP/2 codec allows the client to send an unlimited number of CONTINUATION frames even after exceeding Envoy's header map limits. This allows an attacker to send a sequence of CONTINUATION frames without the END_HEADERS bit set causing CPU utilization, consuming approximately 1 core per 300Mbit/s of traffic and culminating in denial of service through CPU exhaustion. Users should upgrade to version 1.29.3, 1.28.2, 1.27.4, or 1.26.8 to mitigate the effects of the CONTINUATION flood. As a workaround, disable HTTP/2 protocol for downstream connections.
@ -1376,7 +1413,7 @@
- [mortal-sec/CVE-2024-31025](https://github.com/mortal-sec/CVE-2024-31025)
### CVE-2024-31777
- [FreySolarEye/CVE-2024-31777](https://github.com/FreySolarEye/CVE-2024-31777)
- [FreySolarEye/Exploit-CVE-2024-31777](https://github.com/FreySolarEye/Exploit-CVE-2024-31777)
### CVE-2024-31819 (2024-04-10)
@ -7503,6 +7540,13 @@
- [afine-com/CVE-2023-45185](https://github.com/afine-com/CVE-2023-45185)
### CVE-2023-45288 (2024-04-04)
<code>An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.
</code>
- [hex0punk/cont-flood-poc](https://github.com/hex0punk/cont-flood-poc)
### CVE-2023-45471 (2023-10-20)
<code>The QAD Search Server is vulnerable to Stored Cross-Site Scripting (XSS) in versions up to, and including, 1.0.0.315 due to insufficient checks on indexes. This makes it possible for unauthenticated attackers to create a new index and inject a malicious web script into its name, that will execute whenever a user accesses the search page.
@ -11618,6 +11662,13 @@
- [h3llk4t3/Watchguard-RCE-POC-CVE-2022-26318](https://github.com/h3llk4t3/Watchguard-RCE-POC-CVE-2022-26318)
- [BabyTeam1024/CVE-2022-26318](https://github.com/BabyTeam1024/CVE-2022-26318)
### CVE-2022-26377 (2022-06-08)
<code>Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions.
</code>
- [watchtowrlabs/ibm-qradar-ajp_smuggling_CVE-2022-26377_poc](https://github.com/watchtowrlabs/ibm-qradar-ajp_smuggling_CVE-2022-26377_poc)
### CVE-2022-26485 (2022-12-22)
<code>Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox &lt; 97.0.2, Firefox ESR &lt; 91.6.1, Firefox for Android &lt; 97.3.0, Thunderbird &lt; 91.6.2, and Focus &lt; 97.3.0.