mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-29 02:54:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2020/04/08 18:08:01

Browse source
This commit is contained in:
motikan2010-bot 2020-04-08 18:08:01 +09:00
parent 636c6d57e9
commit 87b6c8bef4
35 changed files with 778 additions and 137 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2014/CVE-2014-4210.json
View file

@ -36,13 +36,13 @@
"description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2020-04-08T01:06:22Z",
"updated_at": "2020-04-08T09:01:20Z",
"pushed_at": "2020-03-27T09:16:40Z",
"stargazers_count": 338,
"watchers_count": 338,
"stargazers_count": 346,
"watchers_count": 346,
"forks_count": 71,
"forks": 71,
"watchers": 338,
"watchers": 346,
"score": 0
}
]

8
2015/CVE-2015-1701.json
View file

@ -13,13 +13,13 @@
"description": "Win32k LPE vulnerability used in APT attack",
"fork": false,
"created_at": "2015-05-12T18:04:48Z",
"updated_at": "2020-03-15T13:54:27Z",
"updated_at": "2020-04-08T06:36:15Z",
"pushed_at": "2017-12-18T14:11:29Z",
"stargazers_count": 261,
"watchers_count": 261,
"stargazers_count": 262,
"watchers_count": 262,
"forks_count": 177,
"forks": 177,
"watchers": 261,
"watchers": 262,
"score": 0
}
]

4
2015/CVE-2015-8562.json
View file

@ -109,8 +109,8 @@
"pushed_at": "2017-01-08T13:06:13Z",
"stargazers_count": 4,
"watchers_count": 4,
"forks_count": 3,
"forks": 3,
"forks_count": 4,
"forks": 4,
"watchers": 4,
"score": 0
},

8
2016/CVE-2016-0638.json
View file

@ -13,13 +13,13 @@
"description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2020-04-08T01:06:22Z",
"updated_at": "2020-04-08T09:01:20Z",
"pushed_at": "2020-03-27T09:16:40Z",
"stargazers_count": 338,
"watchers_count": 338,
"stargazers_count": 346,
"watchers_count": 346,
"forks_count": 71,
"forks": 71,
"watchers": 338,
"watchers": 346,
"score": 0
}
]

8
2017/CVE-2017-0785.json
View file

@ -13,13 +13,13 @@
"description": "Blueborne CVE-2017-0785 Android information leak vulnerability",
"fork": false,
"created_at": "2017-09-20T23:32:29Z",
"updated_at": "2020-03-25T16:47:31Z",
"updated_at": "2020-04-08T08:14:44Z",
"pushed_at": "2017-09-23T05:11:45Z",
"stargazers_count": 414,
"watchers_count": 414,
"stargazers_count": 413,
"watchers_count": 413,
"forks_count": 187,
"forks": 187,
"watchers": 414,
"watchers": 413,
"score": 0
},
{

8
2017/CVE-2017-3248.json
View file

@ -36,13 +36,13 @@
"description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2020-04-08T01:06:22Z",
"updated_at": "2020-04-08T09:01:20Z",
"pushed_at": "2020-03-27T09:16:40Z",
"stargazers_count": 338,
"watchers_count": 338,
"stargazers_count": 346,
"watchers_count": 346,
"forks_count": 71,
"forks": 71,
"watchers": 338,
"watchers": 346,
"score": 0
}
]

8
2018/CVE-2018-11776.json
View file

@ -105,13 +105,13 @@
"description": " An exploit for Apache Struts CVE-2018-11776",
"fork": false,
"created_at": "2018-08-25T01:53:30Z",
"updated_at": "2020-04-06T11:33:37Z",
"updated_at": "2020-04-08T03:27:08Z",
"pushed_at": "2018-08-26T02:31:39Z",
"stargazers_count": 286,
"watchers_count": 286,
"stargazers_count": 287,
"watchers_count": 287,
"forks_count": 101,
"forks": 101,
"watchers": 286,
"watchers": 287,
"score": 0
},
{

8
2018/CVE-2018-2628.json
View file

@ -450,13 +450,13 @@
"description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2020-04-08T01:06:22Z",
"updated_at": "2020-04-08T09:01:20Z",
"pushed_at": "2020-03-27T09:16:40Z",
"stargazers_count": 338,
"watchers_count": 338,
"stargazers_count": 346,
"watchers_count": 346,
"forks_count": 71,
"forks": 71,
"watchers": 338,
"watchers": 346,
"score": 0
}
]

8
2018/CVE-2018-3252.json
View file

@ -59,13 +59,13 @@
"description": "CVE-2018-3252-PoC",
"fork": false,
"created_at": "2018-12-06T13:48:53Z",
"updated_at": "2020-03-21T15:41:07Z",
"updated_at": "2020-04-08T08:54:29Z",
"pushed_at": "2018-12-07T04:31:50Z",
"stargazers_count": 68,
"watchers_count": 68,
"stargazers_count": 69,
"watchers_count": 69,
"forks_count": 22,
"forks": 22,
"watchers": 68,
"watchers": 69,
"score": 0
}
]

8
2018/CVE-2018-5955.json
View file

@ -36,13 +36,13 @@
"description": "一款功能强大的漏洞扫描器子域名爆破使用aioDNSasyncio异步快速扫描覆盖目标全方位资产进行批量漏洞扫描中间件信息收集自动收集ip代理探测Waf信息时自动使用来保护本机真实Ip在本机Ip被Waf杀死后自动切换代理Ip进行扫描Waf信息收集(国内外100+款waf信息)包括安全狗云锁阿里云云盾腾讯云等提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能",
"fork": false,
"created_at": "2019-12-21T22:45:55Z",
"updated_at": "2020-04-07T14:29:28Z",
"updated_at": "2020-04-08T05:24:32Z",
"pushed_at": "2020-01-05T21:46:25Z",
"stargazers_count": 223,
"watchers_count": 223,
"stargazers_count": 224,
"watchers_count": 224,
"forks_count": 41,
"forks": 41,
"watchers": 223,
"watchers": 224,
"score": 0
}
]

8
2019/CVE-2019-0708.json
View file

@ -2037,13 +2037,13 @@
"description": "rce exploit , made to work with pocsuite3",
"fork": false,
"created_at": "2019-08-17T17:23:53Z",
"updated_at": "2020-04-07T23:59:53Z",
"updated_at": "2020-04-08T07:10:24Z",
"pushed_at": "2019-08-19T02:52:11Z",
"stargazers_count": 104,
"watchers_count": 104,
"stargazers_count": 105,
"watchers_count": 105,
"forks_count": 52,
"forks": 52,
"watchers": 104,
"watchers": 105,
"score": 0
},
{

23
2019/CVE-2019-1003000.json
View file

@ -45,6 +45,29 @@
"watchers": 249,
"score": 0
},
{
"id": 172198653,
"name": "CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins",
"full_name": "0xtavian\/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins",
"owner": {
"login": "0xtavian",
"id": 21030907,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/21030907?v=4",
"html_url": "https:\/\/github.com\/0xtavian"
},
"html_url": "https:\/\/github.com\/0xtavian\/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins",
"description": "Python CVE-2019-1003000 and CVE-2018-1999002 Pre-Auth RCE Jenkins ",
"fork": false,
"created_at": "2019-02-23T10:00:03Z",
"updated_at": "2020-04-06T10:44:19Z",
"pushed_at": "2019-02-23T10:01:26Z",
"stargazers_count": 6,
"watchers_count": 6,
"forks_count": 4,
"forks": 4,
"watchers": 6,
"score": 0
},
{
"id": 183322760,
"name": "CVE-2019-1003000_RCE-DETECTION",

8
2019/CVE-2019-1064.json
View file

@ -13,13 +13,13 @@
"description": "CVE-2019-1064 Local Privilege Escalation Vulnerability",
"fork": false,
"created_at": "2019-06-12T10:21:35Z",
"updated_at": "2020-04-01T15:58:32Z",
"updated_at": "2020-04-08T07:47:33Z",
"pushed_at": "2019-06-13T09:55:07Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 9,
"watchers_count": 9,
"forks_count": 6,
"forks": 6,
"watchers": 8,
"watchers": 9,
"score": 0
},
{

8
2019/CVE-2019-10758.json
View file

@ -36,13 +36,13 @@
"description": "CVE-2019-10758",
"fork": false,
"created_at": "2020-01-05T14:05:56Z",
"updated_at": "2020-03-23T10:49:43Z",
"updated_at": "2020-04-08T09:00:56Z",
"pushed_at": "2020-01-05T14:21:15Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"forks_count": 0,
"forks": 0,
"watchers": 3,
"watchers": 4,
"score": 0
}
]

8
2019/CVE-2019-12586.json
View file

@ -13,13 +13,13 @@
"description": "Proof of Concept of ESP32\/8266 Wi-Fi vulnerabilties (CVE-2019-12586, CVE-2019-12587, CVE-2019-12588)",
"fork": false,
"created_at": "2019-09-03T15:08:49Z",
"updated_at": "2020-04-06T19:56:10Z",
"updated_at": "2020-04-08T05:23:27Z",
"pushed_at": "2019-09-08T06:09:11Z",
"stargazers_count": 658,
"watchers_count": 658,
"stargazers_count": 659,
"watchers_count": 659,
"forks_count": 54,
"forks": 54,
"watchers": 658,
"watchers": 659,
"score": 0
}
]

8
2019/CVE-2019-1458.json
View file

@ -36,13 +36,13 @@
"description": "CVE-2019-1458 Windows LPE Exploit",
"fork": false,
"created_at": "2020-03-11T08:30:14Z",
"updated_at": "2020-04-08T02:38:25Z",
"updated_at": "2020-04-08T04:51:02Z",
"pushed_at": "2020-03-11T09:59:01Z",
"stargazers_count": 59,
"watchers_count": 59,
"stargazers_count": 60,
"watchers_count": 60,
"forks_count": 15,
"forks": 15,
"watchers": 59,
"watchers": 60,
"score": 0
}
]

8
2019/CVE-2019-15126.json
View file

@ -2,14 +2,14 @@
{
"id": 246015101,
"name": "kr00k",
"full_name": "BennyTW\/kr00k",
"full_name": "0x13enny\/kr00k",
"owner": {
"login": "BennyTW",
"login": "0x13enny",
"id": 43164540,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/43164540?v=4",
"html_url": "https:\/\/github.com\/BennyTW"
"html_url": "https:\/\/github.com\/0x13enny"
},
"html_url": "https:\/\/github.com\/BennyTW\/kr00k",
"html_url": "https:\/\/github.com\/0x13enny\/kr00k",
"description": "PoC of CVE-2019-15126 kr00k vulnerability",
"fork": false,
"created_at": "2020-03-09T11:15:08Z",

23
2019/CVE-2019-1653.json
View file

@ -1,4 +1,27 @@
[
{
"id": 168361115,
"name": "CVE-2019-1653",
"full_name": "dubfr33\/CVE-2019-1653",
"owner": {
"login": "dubfr33",
"id": 20056018,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/20056018?v=4",
"html_url": "https:\/\/github.com\/dubfr33"
},
"html_url": "https:\/\/github.com\/dubfr33\/CVE-2019-1653",
"description": "NSE script to scan for Cisco routers vulnerable to CVE-2019-1653",
"fork": false,
"created_at": "2019-01-30T14:58:48Z",
"updated_at": "2019-01-30T15:01:42Z",
"pushed_at": "2019-01-30T15:01:41Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"forks": 1,
"watchers": 0,
"score": 0
},
{
"id": 178810790,
"name": "CiscoSpill",

28
2019/CVE-2019-2618.json
View file

@ -82,13 +82,13 @@
"description": "增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618CVE-2019-2729检测Python3支持",
"fork": false,
"created_at": "2019-06-21T09:22:43Z",
"updated_at": "2020-04-07T15:00:05Z",
"updated_at": "2020-04-08T05:57:03Z",
"pushed_at": "2019-06-24T06:06:48Z",
"stargazers_count": 511,
"watchers_count": 511,
"stargazers_count": 512,
"watchers_count": 512,
"forks_count": 114,
"forks": 114,
"watchers": 511,
"watchers": 512,
"score": 0
},
{
@ -151,13 +151,13 @@
"description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2020-04-08T01:06:22Z",
"updated_at": "2020-04-08T09:01:20Z",
"pushed_at": "2020-03-27T09:16:40Z",
"stargazers_count": 338,
"watchers_count": 338,
"stargazers_count": 346,
"watchers_count": 346,
"forks_count": 71,
"forks": 71,
"watchers": 338,
"watchers": 346,
"score": 0
},
{
@ -171,16 +171,16 @@
"html_url": "https:\/\/github.com\/zhzyker"
},
"html_url": "https:\/\/github.com\/zhzyker\/exphub",
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat的漏洞利用脚本均为亲测可用的脚本文件优先更新高危且易利用的漏洞利用脚本最近添加CVE-2020-1938、CVE-2020-2551、CVE-2019-2618",
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat的漏洞利用脚本均为亲测可用的脚本文件优先更新高危且易利用的漏洞利用脚本最近添加CVE-2020-1938、CVE-2020-2551、CVE-2019-2618、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2020-04-08T01:21:09Z",
"pushed_at": "2020-04-08T01:01:10Z",
"stargazers_count": 43,
"watchers_count": 43,
"updated_at": "2020-04-08T08:48:44Z",
"pushed_at": "2020-04-08T08:19:12Z",
"stargazers_count": 47,
"watchers_count": 47,
"forks_count": 8,
"forks": 8,
"watchers": 43,
"watchers": 47,
"score": 0
}
]

4
2019/CVE-2019-3396.json
View file

@ -109,8 +109,8 @@
"pushed_at": "2019-11-01T14:33:21Z",
"stargazers_count": 98,
"watchers_count": 98,
"forks_count": 47,
"forks": 47,
"forks_count": 48,
"forks": 48,
"watchers": 98,
"score": 0
},

230
2019/CVE-2019-5736.json
View file

@ -1,4 +1,188 @@
[
{
"id": 170398859,
"name": "cve-2019-5736-poc",
"full_name": "q3k\/cve-2019-5736-poc",
"owner": {
"login": "q3k",
"id": 315234,
"avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/315234?v=4",
"html_url": "https:\/\/github.com\/q3k"
},
"html_url": "https:\/\/github.com\/q3k\/cve-2019-5736-poc",
"description": "Unweaponized Proof of Concept for CVE-2019-5736 (Docker escape)",
"fork": false,
"created_at": "2019-02-12T22:07:47Z",
"updated_at": "2020-04-06T10:46:09Z",
"pushed_at": "2019-02-20T15:35:34Z",
"stargazers_count": 179,
"watchers_count": 179,
"forks_count": 61,
"forks": 61,
"watchers": 179,
"score": 0
},
{
"id": 170445833,
"name": "CVE-2019-5736-PoC",
"full_name": "Frichetten\/CVE-2019-5736-PoC",
"owner": {
"login": "Frichetten",
"id": 10386884,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/10386884?v=4",
"html_url": "https:\/\/github.com\/Frichetten"
},
"html_url": "https:\/\/github.com\/Frichetten\/CVE-2019-5736-PoC",
"description": "PoC for CVE-2019-5736",
"fork": false,
"created_at": "2019-02-13T05:26:32Z",
"updated_at": "2020-04-06T10:44:28Z",
"pushed_at": "2019-02-19T11:45:13Z",
"stargazers_count": 382,
"watchers_count": 382,
"forks_count": 93,
"forks": 93,
"watchers": 382,
"score": 0
},
{
"id": 170613828,
"name": "CVE-2019-5736",
"full_name": "jas502n\/CVE-2019-5736",
"owner": {
"login": "jas502n",
"id": 16593068,
"avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4",
"html_url": "https:\/\/github.com\/jas502n"
},
"html_url": "https:\/\/github.com\/jas502n\/CVE-2019-5736",
"description": "runc容器逃逸漏洞预警",
"fork": false,
"created_at": "2019-02-14T02:30:12Z",
"updated_at": "2020-02-03T01:45:33Z",
"pushed_at": "2019-02-14T02:40:55Z",
"stargazers_count": 14,
"watchers_count": 14,
"forks_count": 4,
"forks": 4,
"watchers": 14,
"score": 0
},
{
"id": 170656576,
"name": "CVE-2019-5736",
"full_name": "denmilu\/CVE-2019-5736",
"owner": {
"login": "denmilu",
"id": 2469038,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4",
"html_url": "https:\/\/github.com\/denmilu"
},
"html_url": "https:\/\/github.com\/denmilu\/CVE-2019-5736",
"description": null,
"fork": false,
"created_at": "2019-02-14T08:37:25Z",
"updated_at": "2019-02-14T08:37:36Z",
"pushed_at": "2019-02-14T08:37:34Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 170656601,
"name": "cve-2019-5736-poc",
"full_name": "denmilu\/cve-2019-5736-poc",
"owner": {
"login": "denmilu",
"id": 2469038,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4",
"html_url": "https:\/\/github.com\/denmilu"
},
"html_url": "https:\/\/github.com\/denmilu\/cve-2019-5736-poc",
"description": null,
"fork": false,
"created_at": "2019-02-14T08:37:39Z",
"updated_at": "2019-02-14T08:37:49Z",
"pushed_at": "2019-02-14T08:37:48Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 170836971,
"name": "cve-2019-5736-poc",
"full_name": "agppp\/cve-2019-5736-poc",
"owner": {
"login": "agppp",
"id": 10527860,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/10527860?v=4",
"html_url": "https:\/\/github.com\/agppp"
},
"html_url": "https:\/\/github.com\/agppp\/cve-2019-5736-poc",
"description": "getshell test",
"fork": false,
"created_at": "2019-02-15T09:22:27Z",
"updated_at": "2019-02-15T09:49:47Z",
"pushed_at": "2019-02-15T09:49:46Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"forks": 1,
"watchers": 0,
"score": 0
},
{
"id": 171378829,
"name": "cve-2019-5736",
"full_name": "Matthew-Stacks\/cve-2019-5736",
"owner": {
"login": "Matthew-Stacks",
"id": 36444487,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/36444487?v=4",
"html_url": "https:\/\/github.com\/Matthew-Stacks"
},
"html_url": "https:\/\/github.com\/Matthew-Stacks\/cve-2019-5736",
"description": null,
"fork": false,
"created_at": "2019-02-19T00:48:35Z",
"updated_at": "2020-01-24T04:09:35Z",
"pushed_at": "2019-02-24T21:35:14Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"forks": 1,
"watchers": 0,
"score": 0
},
{
"id": 171499608,
"name": "poc-cve-2019-5736",
"full_name": "ebdecastro\/poc-cve-2019-5736",
"owner": {
"login": "ebdecastro",
"id": 46558799,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46558799?v=4",
"html_url": "https:\/\/github.com\/ebdecastro"
},
"html_url": "https:\/\/github.com\/ebdecastro\/poc-cve-2019-5736",
"description": null,
"fork": false,
"created_at": "2019-02-19T15:34:18Z",
"updated_at": "2019-06-04T10:53:26Z",
"pushed_at": "2019-02-19T15:37:34Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"watchers": 1,
"score": 0
},
{
"id": 171668415,
"name": "RunC-CVE-2019-5736",
@ -22,6 +206,52 @@
"watchers": 42,
"score": 0
},
{
"id": 172158413,
"name": "CVE-2019-5736-PoC",
"full_name": "k-onishi\/CVE-2019-5736-PoC",
"owner": {
"login": "k-onishi",
"id": 41312202,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/41312202?v=4",
"html_url": "https:\/\/github.com\/k-onishi"
},
"html_url": "https:\/\/github.com\/k-onishi\/CVE-2019-5736-PoC",
"description": null,
"fork": false,
"created_at": "2019-02-23T01:45:26Z",
"updated_at": "2019-09-25T11:24:16Z",
"pushed_at": "2019-02-23T13:20:19Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 1,
"forks": 1,
"watchers": 2,
"score": 0
},
{
"id": 172198595,
"name": "CVE-2019-5736-PoC-0",
"full_name": "k-onishi\/CVE-2019-5736-PoC-0",
"owner": {
"login": "k-onishi",
"id": 41312202,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/41312202?v=4",
"html_url": "https:\/\/github.com\/k-onishi"
},
"html_url": "https:\/\/github.com\/k-onishi\/CVE-2019-5736-PoC-0",
"description": null,
"fork": false,
"created_at": "2019-02-23T09:59:21Z",
"updated_at": "2019-02-23T09:59:53Z",
"pushed_at": "2019-02-23T09:59:51Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 174545720,
"name": "CVE-2019-5736-PoC",

46
2019/CVE-2019-6225.json
View file

@ -1,4 +1,27 @@
[
{
"id": 168440280,
"name": "OsirisJailbreak12",
"full_name": "fatgrass\/OsirisJailbreak12",
"owner": {
"login": "fatgrass",
"id": 19977419,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/19977419?v=4",
"html_url": "https:\/\/github.com\/fatgrass"
},
"html_url": "https:\/\/github.com\/fatgrass\/OsirisJailbreak12",
"description": "iOS 12.0 -> 12.1.2 Incomplete Osiris Jailbreak with CVE-2019-6225 by GeoSn0w (FCE365)",
"fork": false,
"created_at": "2019-01-31T01:03:43Z",
"updated_at": "2019-12-20T00:46:43Z",
"pushed_at": "2019-01-31T00:53:03Z",
"stargazers_count": 8,
"watchers_count": 8,
"forks_count": 74,
"forks": 74,
"watchers": 8,
"score": 0
},
{
"id": 194542840,
"name": "CVE-2019-6225-macOS",
@ -21,5 +44,28 @@
"forks": 2,
"watchers": 2,
"score": 0
},
{
"id": 201224192,
"name": "jailbreak-iOS12",
"full_name": "raystyle\/jailbreak-iOS12",
"owner": {
"login": "raystyle",
"id": 3284570,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3284570?v=4",
"html_url": "https:\/\/github.com\/raystyle"
},
"html_url": "https:\/\/github.com\/raystyle\/jailbreak-iOS12",
"description": "OS 12.0 & 12.1.2 - Jailbreak with CVE-2019-6225",
"fork": false,
"created_at": "2019-08-08T09:22:57Z",
"updated_at": "2019-09-28T04:38:14Z",
"pushed_at": "2019-02-27T12:57:21Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

115
2019/CVE-2019-6340.json
View file

@ -1,4 +1,119 @@
[
{
"id": 172094613,
"name": "Drupal-SA-CORE-2019-003",
"full_name": "g0rx\/Drupal-SA-CORE-2019-003",
"owner": {
"login": "g0rx",
"id": 10961397,
"avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/10961397?v=4",
"html_url": "https:\/\/github.com\/g0rx"
},
"html_url": "https:\/\/github.com\/g0rx\/Drupal-SA-CORE-2019-003",
"description": "CVE-2019-6340-Drupal SA-CORE-2019-003",
"fork": false,
"created_at": "2019-02-22T16:03:40Z",
"updated_at": "2020-04-02T13:09:17Z",
"pushed_at": "2019-02-24T18:43:05Z",
"stargazers_count": 29,
"watchers_count": 29,
"forks_count": 9,
"forks": 9,
"watchers": 29,
"score": 0
},
{
"id": 172217636,
"name": "CVE-2019-6340",
"full_name": "knqyf263\/CVE-2019-6340",
"owner": {
"login": "knqyf263",
"id": 2253692,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2253692?v=4",
"html_url": "https:\/\/github.com\/knqyf263"
},
"html_url": "https:\/\/github.com\/knqyf263\/CVE-2019-6340",
"description": "Environment for CVE-2019-6340 (Drupal)",
"fork": false,
"created_at": "2019-02-23T13:28:58Z",
"updated_at": "2020-04-02T13:09:08Z",
"pushed_at": "2019-02-23T17:34:19Z",
"stargazers_count": 41,
"watchers_count": 41,
"forks_count": 10,
"forks": 10,
"watchers": 41,
"score": 0
},
{
"id": 172429144,
"name": "CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass",
"full_name": "DevDungeon\/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass",
"owner": {
"login": "DevDungeon",
"id": 16630634,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16630634?v=4",
"html_url": "https:\/\/github.com\/DevDungeon"
},
"html_url": "https:\/\/github.com\/DevDungeon\/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass",
"description": "CVE-2019-6340 Drupal 8.6.9 REST Auth Bypass examples",
"fork": false,
"created_at": "2019-02-25T03:38:47Z",
"updated_at": "2020-04-02T11:50:48Z",
"pushed_at": "2019-02-25T03:47:37Z",
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 6,
"forks": 6,
"watchers": 3,
"score": 0
},
{
"id": 172458734,
"name": "CVE-2019-6340",
"full_name": "oways\/CVE-2019-6340",
"owner": {
"login": "oways",
"id": 11142952,
"avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/11142952?v=4",
"html_url": "https:\/\/github.com\/oways"
},
"html_url": "https:\/\/github.com\/oways\/CVE-2019-6340",
"description": "CVE-2019-6340 POC Drupal rce",
"fork": false,
"created_at": "2019-02-25T07:47:16Z",
"updated_at": "2020-04-02T11:50:43Z",
"pushed_at": "2019-02-25T08:57:14Z",
"stargazers_count": 12,
"watchers_count": 12,
"forks_count": 4,
"forks": 4,
"watchers": 12,
"score": 0
},
{
"id": 172766416,
"name": "cve-2019-6340",
"full_name": "cved-sources\/cve-2019-6340",
"owner": {
"login": "cved-sources",
"id": 46423677,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46423677?v=4",
"html_url": "https:\/\/github.com\/cved-sources"
},
"html_url": "https:\/\/github.com\/cved-sources\/cve-2019-6340",
"description": "cve-2019-6340",
"fork": false,
"created_at": "2019-02-26T18:26:50Z",
"updated_at": "2020-04-02T13:08:58Z",
"pushed_at": "2019-02-26T18:38:59Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 1,
"forks": 1,
"watchers": 1,
"score": 0
},
{
"id": 175109773,
"name": "cve-2019-6340-bits",

23
2019/CVE-2019-6453.json
View file

@ -1,4 +1,27 @@
[
{
"id": 171244957,
"name": "cve-2019-6453-poc",
"full_name": "proofofcalc\/cve-2019-6453-poc",
"owner": {
"login": "proofofcalc",
"id": 47607270,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/47607270?v=4",
"html_url": "https:\/\/github.com\/proofofcalc"
},
"html_url": "https:\/\/github.com\/proofofcalc\/cve-2019-6453-poc",
"description": "Proof of calc for CVE-2019-6453",
"fork": false,
"created_at": "2019-02-18T08:35:03Z",
"updated_at": "2020-03-30T04:21:08Z",
"pushed_at": "2019-02-18T13:10:38Z",
"stargazers_count": 50,
"watchers_count": 50,
"forks_count": 13,
"forks": 13,
"watchers": 50,
"score": 0
},
{
"id": 197653851,
"name": "mIRC-CVE-2019-6453",

23
2019/CVE-2019-7238.json
View file

@ -1,4 +1,27 @@
[
{
"id": 172401532,
"name": "CVE-2019-7238",
"full_name": "mpgn\/CVE-2019-7238",
"owner": {
"login": "mpgn",
"id": 5891788,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5891788?v=4",
"html_url": "https:\/\/github.com\/mpgn"
},
"html_url": "https:\/\/github.com\/mpgn\/CVE-2019-7238",
"description": "🐱‍💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱‍💻",
"fork": false,
"created_at": "2019-02-24T23:09:43Z",
"updated_at": "2020-04-05T17:20:42Z",
"pushed_at": "2019-02-25T07:37:07Z",
"stargazers_count": 119,
"watchers_count": 119,
"forks_count": 36,
"forks": 36,
"watchers": 119,
"score": 0
},
{
"id": 187840869,
"name": "CVE-2019-7238",

23
2019/CVE-2019-7304.json
View file

@ -21,5 +21,28 @@
"forks": 104,
"watchers": 507,
"score": 0
},
{
"id": 170741210,
"name": "CVE-2019-7304_DirtySock",
"full_name": "SecuritySi\/CVE-2019-7304_DirtySock",
"owner": {
"login": "SecuritySi",
"id": 7517443,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7517443?v=4",
"html_url": "https:\/\/github.com\/SecuritySi"
},
"html_url": "https:\/\/github.com\/SecuritySi\/CVE-2019-7304_DirtySock",
"description": "Payload Generator",
"fork": false,
"created_at": "2019-02-14T18:48:56Z",
"updated_at": "2019-03-05T06:03:09Z",
"pushed_at": "2019-02-14T18:49:32Z",
"stargazers_count": 5,
"watchers_count": 5,
"forks_count": 2,
"forks": 2,
"watchers": 5,
"score": 0
}
]

4
2020/CVE-2020-0041.json
View file

@ -13,8 +13,8 @@
"description": "Exploits for Android Binder bug CVE-2020-0041",
"fork": false,
"created_at": "2020-03-31T17:53:57Z",
"updated_at": "2020-04-07T16:33:52Z",
"pushed_at": "2020-04-01T05:57:35Z",
"updated_at": "2020-04-08T08:55:32Z",
"pushed_at": "2020-04-08T08:55:30Z",
"stargazers_count": 62,
"watchers_count": 62,
"forks_count": 6,

8
2020/CVE-2020-0069.json
View file

@ -13,13 +13,13 @@
"description": "Automated Root Script for MTK ARM64 based chipsets based on diplomatic's CVE-2020-0069 (mtk-su) exploit.",
"fork": false,
"created_at": "2019-09-06T12:12:48Z",
"updated_at": "2020-04-05T11:28:28Z",
"updated_at": "2020-04-08T09:02:49Z",
"pushed_at": "2020-03-24T22:05:36Z",
"stargazers_count": 20,
"watchers_count": 20,
"stargazers_count": 21,
"watchers_count": 21,
"forks_count": 6,
"forks": 6,
"watchers": 20,
"watchers": 21,
"score": 0
},
{

8
2020/CVE-2020-0688.json
View file

@ -40,8 +40,8 @@
"pushed_at": "2020-02-27T03:50:07Z",
"stargazers_count": 25,
"watchers_count": 25,
"forks_count": 13,
"forks": 13,
"forks_count": 14,
"forks": 14,
"watchers": 25,
"score": 0
},
@ -86,8 +86,8 @@
"pushed_at": "2020-02-27T15:57:53Z",
"stargazers_count": 103,
"watchers_count": 103,
"forks_count": 39,
"forks": 39,
"forks_count": 40,
"forks": 40,
"watchers": 103,
"score": 0
},

44
2020/CVE-2020-0796.json
View file

@ -979,13 +979,13 @@
"description": "CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost",
"fork": false,
"created_at": "2020-03-30T11:42:56Z",
"updated_at": "2020-04-08T02:37:50Z",
"updated_at": "2020-04-08T03:31:15Z",
"pushed_at": "2020-04-03T13:31:54Z",
"stargazers_count": 781,
"watchers_count": 781,
"stargazers_count": 782,
"watchers_count": 782,
"forks_count": 211,
"forks": 211,
"watchers": 781,
"watchers": 782,
"score": 0
},
{
@ -1002,13 +1002,13 @@
"description": "CVE-2020-0796 Local Privilege Escalation POC",
"fork": false,
"created_at": "2020-03-30T16:06:50Z",
"updated_at": "2020-04-07T00:54:34Z",
"updated_at": "2020-04-08T08:52:43Z",
"pushed_at": "2020-04-02T08:01:38Z",
"stargazers_count": 120,
"watchers_count": 120,
"stargazers_count": 123,
"watchers_count": 123,
"forks_count": 37,
"forks": 37,
"watchers": 120,
"watchers": 123,
"score": 0
},
{
@ -1048,13 +1048,13 @@
"description": "Windows SMBv3 LPE exploit 已编译版",
"fork": false,
"created_at": "2020-03-31T11:25:50Z",
"updated_at": "2020-03-31T11:34:04Z",
"updated_at": "2020-04-08T03:38:26Z",
"pushed_at": "2020-03-31T11:34:02Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0
},
{
@ -1163,13 +1163,13 @@
"description": "Cobalt Strike AggressorScripts CVE-2020-0796",
"fork": false,
"created_at": "2020-04-06T15:16:10Z",
"updated_at": "2020-04-08T02:51:43Z",
"updated_at": "2020-04-08T06:57:57Z",
"pushed_at": "2020-04-06T15:22:01Z",
"stargazers_count": 23,
"watchers_count": 23,
"forks_count": 2,
"forks": 2,
"watchers": 23,
"stargazers_count": 27,
"watchers_count": 27,
"forks_count": 3,
"forks": 3,
"watchers": 27,
"score": 0
},
{
@ -1209,13 +1209,13 @@
"description": "CVE-2020-0796 (SMBGhost) LPE",
"fork": false,
"created_at": "2020-04-07T22:35:57Z",
"updated_at": "2020-04-08T01:21:32Z",
"updated_at": "2020-04-08T07:48:47Z",
"pushed_at": "2020-04-08T01:21:30Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"watchers": 2,
"score": 0
},
{

31
2020/CVE-2020-10199.json
View file

@ -36,13 +36,36 @@
"description": null,
"fork": false,
"created_at": "2020-04-07T13:23:12Z",
"updated_at": "2020-04-08T02:12:19Z",
"updated_at": "2020-04-08T05:38:35Z",
"pushed_at": "2020-04-07T13:56:17Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"forks_count": 0,
"forks": 0,
"watchers": 4,
"watchers": 5,
"score": 0
},
{
"id": 254017759,
"name": "CVE-2020-10199",
"full_name": "jas502n\/CVE-2020-10199",
"owner": {
"login": "jas502n",
"id": 16593068,
"avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4",
"html_url": "https:\/\/github.com\/jas502n"
},
"html_url": "https:\/\/github.com\/jas502n\/CVE-2020-10199",
"description": "CVE-2020-10199、CVE-2020-10204、CVE-2020-11444",
"fork": false,
"created_at": "2020-04-08T07:36:30Z",
"updated_at": "2020-04-08T08:48:22Z",
"pushed_at": "2020-04-08T07:52:20Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 1,
"forks": 1,
"watchers": 2,
"score": 0
}
]

20
2020/CVE-2020-1938.json
View file

@ -312,13 +312,13 @@
"description": "Ghostcat read file\/code execute,CNVD-2020-10487(CVE-2020-1938) ",
"fork": false,
"created_at": "2020-02-22T16:16:20Z",
"updated_at": "2020-04-06T22:18:36Z",
"updated_at": "2020-04-08T04:04:43Z",
"pushed_at": "2020-03-09T14:51:43Z",
"stargazers_count": 78,
"watchers_count": 78,
"stargazers_count": 79,
"watchers_count": 79,
"forks_count": 29,
"forks": 29,
"watchers": 78,
"watchers": 79,
"score": 0
},
{
@ -447,16 +447,16 @@
"html_url": "https:\/\/github.com\/zhzyker"
},
"html_url": "https:\/\/github.com\/zhzyker\/exphub",
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat的漏洞利用脚本均为亲测可用的脚本文件优先更新高危且易利用的漏洞利用脚本最近添加CVE-2020-1938、CVE-2020-2551、CVE-2019-2618",
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat的漏洞利用脚本均为亲测可用的脚本文件优先更新高危且易利用的漏洞利用脚本最近添加CVE-2020-1938、CVE-2020-2551、CVE-2019-2618、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2020-04-08T01:21:09Z",
"pushed_at": "2020-04-08T01:01:10Z",
"stargazers_count": 43,
"watchers_count": 43,
"updated_at": "2020-04-08T08:48:44Z",
"pushed_at": "2020-04-08T08:19:12Z",
"stargazers_count": 47,
"watchers_count": 47,
"forks_count": 8,
"forks": 8,
"watchers": 43,
"watchers": 47,
"score": 0
}
]

16
2020/CVE-2020-2551.json
View file

@ -13,13 +13,13 @@
"description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2020-04-08T01:06:22Z",
"updated_at": "2020-04-08T09:01:20Z",
"pushed_at": "2020-03-27T09:16:40Z",
"stargazers_count": 338,
"watchers_count": 338,
"stargazers_count": 346,
"watchers_count": 346,
"forks_count": 71,
"forks": 71,
"watchers": 338,
"watchers": 346,
"score": 0
},
{
@ -59,13 +59,13 @@
"description": "CVE-2020-2551 poc exploit python Weblogic RCE with IIOP, power by 【劦久信安】 online check:",
"fork": false,
"created_at": "2020-01-19T13:01:32Z",
"updated_at": "2020-04-07T02:57:48Z",
"updated_at": "2020-04-08T05:37:28Z",
"pushed_at": "2020-04-07T02:57:46Z",
"stargazers_count": 90,
"watchers_count": 90,
"stargazers_count": 91,
"watchers_count": 91,
"forks_count": 26,
"forks": 26,
"watchers": 90,
"watchers": 91,
"score": 0
},
{

8
2020/CVE-2020-2555.json
View file

@ -82,13 +82,13 @@
"description": "Weblogic com.tangosol.util.extractor.ReflectionExtractor RCE",
"fork": false,
"created_at": "2020-03-07T18:58:09Z",
"updated_at": "2020-04-08T01:56:07Z",
"updated_at": "2020-04-08T05:07:17Z",
"pushed_at": "2020-03-09T05:25:05Z",
"stargazers_count": 87,
"watchers_count": 87,
"stargazers_count": 88,
"watchers_count": 88,
"forks_count": 27,
"forks": 27,
"watchers": 87,
"watchers": 88,
"score": 0
},
{

114
README.md
View file

@ -240,6 +240,7 @@ Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2).
- [fairyming/CVE-2020-10199](https://github.com/fairyming/CVE-2020-10199)
- [wsfengfan/CVE-2020-10199-10204](https://github.com/wsfengfan/CVE-2020-10199-10204)
- [jas502n/CVE-2020-10199](https://github.com/jas502n/CVE-2020-10199)
### CVE-2020-10238
@ -1015,6 +1016,7 @@ A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier
- [wetw0rk/Exploit-Development](https://github.com/wetw0rk/Exploit-Development)
- [adamyordan/cve-2019-1003000-jenkins-rce-poc](https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc)
- [0xtavian/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins](https://github.com/0xtavian/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins)
- [1NTheKut/CVE-2019-1003000_RCE-DETECTION](https://github.com/1NTheKut/CVE-2019-1003000_RCE-DETECTION)
### CVE-2019-10086
@ -2154,7 +2156,7 @@ The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode.
An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503.
</code>
- [BennyTW/kr00k](https://github.com/BennyTW/kr00k)
- [0x13enny/kr00k](https://github.com/0x13enny/kr00k)
- [hexway/r00kie-kr00kie](https://github.com/hexway/r00kie-kr00kie)
- [akabe1/kr00ker](https://github.com/akabe1/kr00ker)
- [mustafasevim/kr00k-vulnerability](https://github.com/mustafasevim/kr00k-vulnerability)
@ -2293,12 +2295,21 @@ Centreon Web before 2.8.30, 18.10.x before 18.10.8, 19.04.x before 19.04.5 and 1
- [TheCyberGeek/CVE-2019-16405.rb](https://github.com/TheCyberGeek/CVE-2019-16405.rb)
### CVE-2019-1652
<code>
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious HTTP POST requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux shell as root. Cisco has released firmware updates that address this vulnerability.
</code>
- [0x27/CiscoRV320Dump](https://github.com/0x27/CiscoRV320Dump)
### CVE-2019-1653
<code>
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability.
</code>
- [dubfr33/CVE-2019-1653](https://github.com/dubfr33/CVE-2019-1653)
- [shaheemirza/CiscoSpill](https://github.com/shaheemirza/CiscoSpill)
### CVE-2019-16662
@ -2811,6 +2822,14 @@ Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account tak
- [andripwn/django_cve201919844](https://github.com/andripwn/django_cve201919844)
- [0xsha/CVE_2019_19844](https://github.com/0xsha/CVE_2019_19844)
### CVE-2019-1987
<code>
In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-118143775.
</code>
- [marcinguy/android-7-9-png-bug](https://github.com/marcinguy/android-7-9-png-bug)
### CVE-2019-19871
- [VDISEC/CVE-2019-19871-AuditGuide](https://github.com/VDISEC/CVE-2019-19871-AuditGuide)
@ -3025,6 +3044,15 @@ Confluence Server and Data Center had a path traversal vulnerability in the down
- [superevr/cve-2019-3398](https://github.com/superevr/cve-2019-3398)
### CVE-2019-3462
<code>
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
</code>
- [tonejito/check_CVE-2019-3462](https://github.com/tonejito/check_CVE-2019-3462)
- [atilacastro/update-apt-package](https://github.com/atilacastro/update-apt-package)
### CVE-2019-3663
<code>
@ -3162,7 +3190,17 @@ NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra software contains a vu
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.
</code>
- [q3k/cve-2019-5736-poc](https://github.com/q3k/cve-2019-5736-poc)
- [Frichetten/CVE-2019-5736-PoC](https://github.com/Frichetten/CVE-2019-5736-PoC)
- [jas502n/CVE-2019-5736](https://github.com/jas502n/CVE-2019-5736)
- [denmilu/CVE-2019-5736](https://github.com/denmilu/CVE-2019-5736)
- [denmilu/cve-2019-5736-poc](https://github.com/denmilu/cve-2019-5736-poc)
- [agppp/cve-2019-5736-poc](https://github.com/agppp/cve-2019-5736-poc)
- [Matthew-Stacks/cve-2019-5736](https://github.com/Matthew-Stacks/cve-2019-5736)
- [ebdecastro/poc-cve-2019-5736](https://github.com/ebdecastro/poc-cve-2019-5736)
- [twistlock/RunC-CVE-2019-5736](https://github.com/twistlock/RunC-CVE-2019-5736)
- [k-onishi/CVE-2019-5736-PoC](https://github.com/k-onishi/CVE-2019-5736-PoC)
- [k-onishi/CVE-2019-5736-PoC-0](https://github.com/k-onishi/CVE-2019-5736-PoC-0)
- [zyriuse75/CVE-2019-5736-PoC](https://github.com/zyriuse75/CVE-2019-5736-PoC)
- [stillan00b/CVE-2019-5736](https://github.com/stillan00b/CVE-2019-5736)
- [milloni/cve-2019-5736-exp](https://github.com/milloni/cve-2019-5736-exp)
@ -3189,6 +3227,14 @@ Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed
- [timwr/CVE-2019-5825](https://github.com/timwr/CVE-2019-5825)
### CVE-2019-5893
<code>
Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/query/data.xml query parameter.
</code>
- [EmreOvunc/OpenSource-ERP-SQL-Injection](https://github.com/EmreOvunc/OpenSource-ERP-SQL-Injection)
### CVE-2019-6203
- [qingxp9/CVE-2019-6203-PoC](https://github.com/qingxp9/CVE-2019-6203-PoC)
@ -3207,7 +3253,17 @@ An out-of-bounds read issue existed that led to the disclosure of kernel memory.
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate privileges.
</code>
- [fatgrass/OsirisJailbreak12](https://github.com/fatgrass/OsirisJailbreak12)
- [TrungNguyen1909/CVE-2019-6225-macOS](https://github.com/TrungNguyen1909/CVE-2019-6225-macOS)
- [raystyle/jailbreak-iOS12](https://github.com/raystyle/jailbreak-iOS12)
### CVE-2019-6249
<code>
An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerability that can add an admin account via /adminsys/index.php?load=admins&amp;act=edit_info&amp;act_type=add.
</code>
- [NMTech0x90/CVE-2019-6249_Hucart-cms](https://github.com/NMTech0x90/CVE-2019-6249_Hucart-cms)
### CVE-2019-6260
@ -3217,6 +3273,14 @@ The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and
- [amboar/cve-2019-6260](https://github.com/amboar/cve-2019-6260)
### CVE-2019-6263
<code>
An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration Text Filter settings allowed stored XSS.
</code>
- [praveensutar/CVE-2019-6263-Joomla-POC](https://github.com/praveensutar/CVE-2019-6263-Joomla-POC)
### CVE-2019-6329
<code>
@ -3231,6 +3295,11 @@ HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege a
Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)
</code>
- [g0rx/Drupal-SA-CORE-2019-003](https://github.com/g0rx/Drupal-SA-CORE-2019-003)
- [knqyf263/CVE-2019-6340](https://github.com/knqyf263/CVE-2019-6340)
- [DevDungeon/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass](https://github.com/DevDungeon/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass)
- [oways/CVE-2019-6340](https://github.com/oways/CVE-2019-6340)
- [cved-sources/cve-2019-6340](https://github.com/cved-sources/cve-2019-6340)
- [d1vious/cve-2019-6340-bits](https://github.com/d1vious/cve-2019-6340-bits)
- [jas502n/CVE-2019-6340](https://github.com/jas502n/CVE-2019-6340)
@ -3250,12 +3319,21 @@ Zemana AntiMalware before 3.0.658 Beta mishandles update logic.
- [RayScri/CVE-2019-6446](https://github.com/RayScri/CVE-2019-6446)
### CVE-2019-6447
<code>
The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP.
</code>
- [fs0c131y/ESFileExplorerOpenPortVuln](https://github.com/fs0c131y/ESFileExplorerOpenPortVuln)
### CVE-2019-6453
<code>
mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome is not exploitable).
</code>
- [proofofcalc/cve-2019-6453-poc](https://github.com/proofofcalc/cve-2019-6453-poc)
- [andripwn/mIRC-CVE-2019-6453](https://github.com/andripwn/mIRC-CVE-2019-6453)
### CVE-2019-6467
@ -3266,6 +3344,14 @@ A programming error in the nxdomain-redirect feature can cause an assertion fail
- [knqyf263/CVE-2019-6467](https://github.com/knqyf263/CVE-2019-6467)
### CVE-2019-6487
<code>
TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 V3.0) are affected by command injection (after login) leading to remote code execution, because shell metacharacters can be included in the weather get_weather_observe citycode field.
</code>
- [afang5472/TP-Link-WDR-Router-Command-injection_POC](https://github.com/afang5472/TP-Link-WDR-Router-Command-injection_POC)
### CVE-2019-6690
<code>
@ -3283,6 +3369,14 @@ pub/sns.php in the W3 Total Cache plugin before 0.9.4 for WordPress allows remot
- [random-robbie/cve-2019-6715](https://github.com/random-robbie/cve-2019-6715)
### CVE-2019-7216
<code>
An issue was discovered in FileChucker 4.99e-free-e02. filechucker.cgi has a filter bypass that allows a malicious user to upload any type of file by using % characters within the extension, e.g., file.%ph%p becomes file.php.
</code>
- [Ekultek/CVE-2019-7216](https://github.com/Ekultek/CVE-2019-7216)
### CVE-2019-7219
<code>
@ -3297,6 +3391,7 @@ Unauthenticated reflected cross-site scripting (XSS) exists in Zarafa Webapp 2.0
Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control.
</code>
- [mpgn/CVE-2019-7238](https://github.com/mpgn/CVE-2019-7238)
- [jas502n/CVE-2019-7238](https://github.com/jas502n/CVE-2019-7238)
- [verctor/nexus_rce_CVE-2019-7238](https://github.com/verctor/nexus_rce_CVE-2019-7238)
- [magicming200/CVE-2019-7238_Nexus_RCE_Tool](https://github.com/magicming200/CVE-2019-7238_Nexus_RCE_Tool)
@ -3308,6 +3403,7 @@ Canonical snapd before version 2.37.1 incorrectly performed socket owner validat
</code>
- [initstring/dirty_sock](https://github.com/initstring/dirty_sock)
- [SecuritySi/CVE-2019-7304_DirtySock](https://github.com/SecuritySi/CVE-2019-7304_DirtySock)
### CVE-2019-7482
@ -3338,6 +3434,14 @@ Kibana versions before 6.6.1 contain an arbitrary code execution flaw in the sec
- [whoami0622/CVE-2019-7610](https://github.com/whoami0622/CVE-2019-7610)
### CVE-2019-7642
<code>
D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-816 (B1-2.06?), DIR-850L (A1-1.09), and DIR-868L (A1-1.10).
</code>
- [xw77cve/CVE-2019-7642](https://github.com/xw77cve/CVE-2019-7642)
### CVE-2019-7839
<code>
@ -3346,6 +3450,14 @@ ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 a
- [securifera/CVE-2019-7839](https://github.com/securifera/CVE-2019-7839)
### CVE-2019-8389
<code>
A file-read vulnerability was identified in the Wi-Fi transfer feature of Musicloud 1.6. By default, the application runs a transfer service on port 8080, accessible by everyone on the same Wi-Fi network. An attacker can send the POST parameters downfiles and cur-folder (with a crafted ../ payload) to the download.script endpoint. This will create a MusicPlayerArchive.zip archive that is publicly accessible and includes the content of any requested file (such as the /etc/passwd file).
</code>
- [shawarkhanethicalhacker/CVE-2019-8389](https://github.com/shawarkhanethicalhacker/CVE-2019-8389)
### CVE-2019-8446
<code>