mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-28 18:44:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2021/06/14 18:13:18

Browse source
This commit is contained in:
motikan2010-bot 2021-06-14 18:13:18 +09:00
parent 6fd53271d1
commit 8ac97d55c2
63 changed files with 1751 additions and 100 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
2018/CVE-2018-0952.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 145615979,
"name": "CVE-2018-0952-SystemCollector",
"full_name": "atredispartners\/CVE-2018-0952-SystemCollector",
"owner": {
"login": "atredispartners",
"id": 7254370,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7254370?v=4",
"html_url": "https:\/\/github.com\/atredispartners"
},
"html_url": "https:\/\/github.com\/atredispartners\/CVE-2018-0952-SystemCollector",
"description": "PoC for Privilege Escalation in Windows 10 Diagnostics Hub Standard Collector Service",
"fork": false,
"created_at": "2018-08-21T20:29:10Z",
"updated_at": "2021-03-25T23:02:29Z",
"pushed_at": "2018-08-21T20:30:24Z",
"stargazers_count": 108,
"watchers_count": 108,
"forks_count": 36,
"forks": 36,
"watchers": 108,
"score": 0
}
]

25
2018/CVE-2018-10949.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 147528239,
"name": "CVE-2018-10949",
"full_name": "0x00-0x00\/CVE-2018-10949",
"owner": {
"login": "0x00-0x00",
"id": 23364530,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23364530?v=4",
"html_url": "https:\/\/github.com\/0x00-0x00"
},
"html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2018-10949",
"description": "Zimbra Collaboration Suite Username Enumeration ",
"fork": false,
"created_at": "2018-09-05T14:09:13Z",
"updated_at": "2020-10-20T18:45:33Z",
"pushed_at": "2018-09-05T14:10:09Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 3,
"forks": 3,
"watchers": 2,
"score": 0
}
]

253
2018/CVE-2018-11776.json
View file

@ -1,4 +1,27 @@
[
{
"id": 145897861,
"name": "CVE-2018-11776",
"full_name": "trbpnd\/CVE-2018-11776",
"owner": {
"login": "trbpnd",
"id": 39193403,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39193403?v=4",
"html_url": "https:\/\/github.com\/trbpnd"
},
"html_url": "https:\/\/github.com\/trbpnd\/CVE-2018-11776",
"description": "Docker image for a vulnerable struts app",
"fork": false,
"created_at": "2018-08-23T19:25:26Z",
"updated_at": "2018-08-23T19:28:53Z",
"pushed_at": "2018-08-23T19:28:51Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 145901668,
"name": "CVE-2018-11776",
@ -22,6 +45,236 @@
"watchers": 14,
"score": 0
},
{
"id": 145935231,
"name": "CVE-2018-11776",
"full_name": "jiguangin\/CVE-2018-11776",
"owner": {
"login": "jiguangin",
"id": 22545712,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22545712?v=4",
"html_url": "https:\/\/github.com\/jiguangin"
},
"html_url": "https:\/\/github.com\/jiguangin\/CVE-2018-11776",
"description": "CVE-2018-11776(S2-057) EXPLOIT CODE",
"fork": false,
"created_at": "2018-08-24T03:01:29Z",
"updated_at": "2020-12-29T15:23:34Z",
"pushed_at": "2018-08-24T03:27:02Z",
"stargazers_count": 10,
"watchers_count": 10,
"forks_count": 5,
"forks": 5,
"watchers": 10,
"score": 0
},
{
"id": 145985371,
"name": "CVE-2018-11776-Python-PoC",
"full_name": "hook-s3c\/CVE-2018-11776-Python-PoC",
"owner": {
"login": "hook-s3c",
"id": 31825993,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31825993?v=4",
"html_url": "https:\/\/github.com\/hook-s3c"
},
"html_url": "https:\/\/github.com\/hook-s3c\/CVE-2018-11776-Python-PoC",
"description": "Working Python test and PoC for CVE-2018-11776, includes Docker lab",
"fork": false,
"created_at": "2018-08-24T11:53:02Z",
"updated_at": "2021-06-11T18:27:28Z",
"pushed_at": "2018-08-25T02:14:49Z",
"stargazers_count": 120,
"watchers_count": 120,
"forks_count": 50,
"forks": 50,
"watchers": 120,
"score": 0
},
{
"id": 146056002,
"name": "struts-pwn_CVE-2018-11776",
"full_name": "mazen160\/struts-pwn_CVE-2018-11776",
"owner": {
"login": "mazen160",
"id": 8996052,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8996052?v=4",
"html_url": "https:\/\/github.com\/mazen160"
},
"html_url": "https:\/\/github.com\/mazen160\/struts-pwn_CVE-2018-11776",
"description": " An exploit for Apache Struts CVE-2018-11776",
"fork": false,
"created_at": "2018-08-25T01:53:30Z",
"updated_at": "2021-06-11T18:27:30Z",
"pushed_at": "2018-08-26T02:31:39Z",
"stargazers_count": 302,
"watchers_count": 302,
"forks_count": 102,
"forks": 102,
"watchers": 302,
"score": 0
},
{
"id": 146060181,
"name": "CVE-2018-11776",
"full_name": "bhdresh\/CVE-2018-11776",
"owner": {
"login": "bhdresh",
"id": 8931885,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8931885?v=4",
"html_url": "https:\/\/github.com\/bhdresh"
},
"html_url": "https:\/\/github.com\/bhdresh\/CVE-2018-11776",
"description": "Vulnerable docker container for CVE-2018-11776",
"fork": false,
"created_at": "2018-08-25T03:06:30Z",
"updated_at": "2020-01-06T22:41:00Z",
"pushed_at": "2018-08-25T04:53:35Z",
"stargazers_count": 8,
"watchers_count": 8,
"forks_count": 6,
"forks": 6,
"watchers": 8,
"score": 0
},
{
"id": 146094544,
"name": "CVE-2018-11776",
"full_name": "knqyf263\/CVE-2018-11776",
"owner": {
"login": "knqyf263",
"id": 2253692,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4",
"html_url": "https:\/\/github.com\/knqyf263"
},
"html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-11776",
"description": "Environment for CVE-2018-11776 \/ S2-057 (Apache Struts 2)",
"fork": false,
"created_at": "2018-08-25T12:45:15Z",
"updated_at": "2021-01-19T03:50:38Z",
"pushed_at": "2018-08-25T14:20:46Z",
"stargazers_count": 4,
"watchers_count": 4,
"forks_count": 2,
"forks": 2,
"watchers": 4,
"score": 0
},
{
"id": 146330536,
"name": "Strutter",
"full_name": "Ekultek\/Strutter",
"owner": {
"login": "Ekultek",
"id": 14183473,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14183473?v=4",
"html_url": "https:\/\/github.com\/Ekultek"
},
"html_url": "https:\/\/github.com\/Ekultek\/Strutter",
"description": "Proof of Concept for CVE-2018-11776",
"fork": false,
"created_at": "2018-08-27T17:22:16Z",
"updated_at": "2021-06-11T18:08:56Z",
"pushed_at": "2018-09-12T14:28:35Z",
"stargazers_count": 21,
"watchers_count": 21,
"forks_count": 4,
"forks": 4,
"watchers": 21,
"score": 0
},
{
"id": 146373342,
"name": "cve-2018-11776-docker",
"full_name": "tuxotron\/cve-2018-11776-docker",
"owner": {
"login": "tuxotron",
"id": 937637,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/937637?v=4",
"html_url": "https:\/\/github.com\/tuxotron"
},
"html_url": "https:\/\/github.com\/tuxotron\/cve-2018-11776-docker",
"description": null,
"fork": false,
"created_at": "2018-08-28T01:14:52Z",
"updated_at": "2019-09-24T14:38:18Z",
"pushed_at": "2018-08-29T17:58:27Z",
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 0,
"forks": 0,
"watchers": 3,
"score": 0
},
{
"id": 146519519,
"name": "S2-057-CVE-2018-11776",
"full_name": "brianwrf\/S2-057-CVE-2018-11776",
"owner": {
"login": "brianwrf",
"id": 8141813,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8141813?v=4",
"html_url": "https:\/\/github.com\/brianwrf"
},
"html_url": "https:\/\/github.com\/brianwrf\/S2-057-CVE-2018-11776",
"description": "A simple exploit for Apache Struts RCE S2-057 (CVE-2018-11776)",
"fork": false,
"created_at": "2018-08-28T23:48:14Z",
"updated_at": "2018-12-23T03:47:07Z",
"pushed_at": "2018-08-29T00:03:56Z",
"stargazers_count": 15,
"watchers_count": 15,
"forks_count": 4,
"forks": 4,
"watchers": 15,
"score": 0
},
{
"id": 146650579,
"name": "Apache-Struts-Shodan-Exploit",
"full_name": "649\/Apache-Struts-Shodan-Exploit",
"owner": {
"login": "649",
"id": 23534047,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23534047?v=4",
"html_url": "https:\/\/github.com\/649"
},
"html_url": "https:\/\/github.com\/649\/Apache-Struts-Shodan-Exploit",
"description": "This tool takes advantage of CVE-2018-11776 and Shodan to perform mass exploitation of verified and vulnerable Apache Struts servers.",
"fork": false,
"created_at": "2018-08-29T19:50:26Z",
"updated_at": "2021-05-29T14:21:00Z",
"pushed_at": "2018-08-30T00:16:01Z",
"stargazers_count": 53,
"watchers_count": 53,
"forks_count": 17,
"forks": 17,
"watchers": 53,
"score": 0
},
{
"id": 147746262,
"name": "CVE-2018-11776-Python-PoC",
"full_name": "jezzus\/CVE-2018-11776-Python-PoC",
"owner": {
"login": "jezzus",
"id": 9899999,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9899999?v=4",
"html_url": "https:\/\/github.com\/jezzus"
},
"html_url": "https:\/\/github.com\/jezzus\/CVE-2018-11776-Python-PoC",
"description": null,
"fork": false,
"created_at": "2018-09-06T23:49:20Z",
"updated_at": "2018-09-06T23:49:20Z",
"pushed_at": "2018-09-06T23:49:20Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 164352202,
"name": "cve-2018-11776",

25
2018/CVE-2018-12463.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 140411928,
"name": "CVE-2018-12463",
"full_name": "alt3kx\/CVE-2018-12463",
"owner": {
"login": "alt3kx",
"id": 3140111,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4",
"html_url": "https:\/\/github.com\/alt3kx"
},
"html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-12463",
"description": "XML external entity (XXE) vulnerability in \/ssc\/fm-ws\/services in Fortify Software Security Center (SSC) 17.10, 17.20 & 18.10 (0day CVE-2018-12463)",
"fork": false,
"created_at": "2018-07-10T09:51:40Z",
"updated_at": "2021-01-12T12:20:23Z",
"pushed_at": "2018-07-17T08:13:34Z",
"stargazers_count": 4,
"watchers_count": 4,
"forks_count": 1,
"forks": 1,
"watchers": 4,
"score": 0
}
]

25
2018/CVE-2018-12895.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 139890292,
"name": "cve-2018-12895-hotfix",
"full_name": "bloom-ux\/cve-2018-12895-hotfix",
"owner": {
"login": "bloom-ux",
"id": 22582007,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22582007?v=4",
"html_url": "https:\/\/github.com\/bloom-ux"
},
"html_url": "https:\/\/github.com\/bloom-ux\/cve-2018-12895-hotfix",
"description": "Hotfix for file deletion to to code execution vulnerability in WordPress",
"fork": false,
"created_at": "2018-07-05T19:09:17Z",
"updated_at": "2018-07-05T19:48:44Z",
"pushed_at": "2018-07-05T19:48:43Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2018/CVE-2018-13784.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 141165293,
"name": "prestashop-exploits",
"full_name": "ambionics\/prestashop-exploits",
"owner": {
"login": "ambionics",
"id": 29630660,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29630660?v=4",
"html_url": "https:\/\/github.com\/ambionics"
},
"html_url": "https:\/\/github.com\/ambionics\/prestashop-exploits",
"description": "Collection of exploits\/POC for PrestaShop cookie vulnerabilities (CVE-2018-13784)",
"fork": false,
"created_at": "2018-07-16T16:33:41Z",
"updated_at": "2021-06-03T05:23:59Z",
"pushed_at": "2018-07-17T09:02:34Z",
"stargazers_count": 47,
"watchers_count": 47,
"forks_count": 11,
"forks": 11,
"watchers": 47,
"score": 0
}
]

25
2018/CVE-2018-14.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 144012223,
"name": "legacySymfony",
"full_name": "lckJack\/legacySymfony",
"owner": {
"login": "lckJack",
"id": 38405856,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38405856?v=4",
"html_url": "https:\/\/github.com\/lckJack"
},
"html_url": "https:\/\/github.com\/lckJack\/legacySymfony",
"description": "Easy script to check if drupal 8.x-8.5.6 is vulnerable to CVE-2018-14.773",
"fork": false,
"created_at": "2018-08-08T12:42:56Z",
"updated_at": "2018-08-08T17:28:27Z",
"pushed_at": "2018-08-08T12:46:14Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"forks": 1,
"watchers": 0,
"score": 0
}
]

25
2018/CVE-2018-14083.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 142094467,
"name": "CVE-2018-14083",
"full_name": "pudding2\/CVE-2018-14083",
"owner": {
"login": "pudding2",
"id": 28480779,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28480779?v=4",
"html_url": "https:\/\/github.com\/pudding2"
},
"html_url": "https:\/\/github.com\/pudding2\/CVE-2018-14083",
"description": null,
"fork": false,
"created_at": "2018-07-24T02:36:08Z",
"updated_at": "2019-01-14T11:31:59Z",
"pushed_at": "2018-07-24T02:56:28Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"watchers": 1,
"score": 0
}
]

23
2018/CVE-2018-14847.json
View file

@ -22,6 +22,29 @@
"watchers": 427,
"score": 0
},
{
"id": 148370201,
"name": "WinboxExploit",
"full_name": "msterusky\/WinboxExploit",
"owner": {
"login": "msterusky",
"id": 29436829,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29436829?v=4",
"html_url": "https:\/\/github.com\/msterusky"
},
"html_url": "https:\/\/github.com\/msterusky\/WinboxExploit",
"description": "C# implementation of BasuCert\/WinboxPoC [Winbox Critical Vulnerability (CVE-2018-14847)]",
"fork": false,
"created_at": "2018-09-11T19:36:49Z",
"updated_at": "2021-03-13T16:56:42Z",
"pushed_at": "2018-09-11T20:12:25Z",
"stargazers_count": 5,
"watchers_count": 5,
"forks_count": 3,
"forks": 3,
"watchers": 5,
"score": 0
},
{
"id": 152906288,
"name": "MikroRoot",

25
2018/CVE-2018-15131.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 147528539,
"name": "CVE-2018-15131",
"full_name": "0x00-0x00\/CVE-2018-15131",
"owner": {
"login": "0x00-0x00",
"id": 23364530,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23364530?v=4",
"html_url": "https:\/\/github.com\/0x00-0x00"
},
"html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2018-15131",
"description": "Zimbra Collaboration Suite Username Enumeration ",
"fork": false,
"created_at": "2018-09-05T14:11:16Z",
"updated_at": "2018-10-28T04:05:13Z",
"pushed_at": "2018-09-05T14:11:43Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"watchers": 1,
"score": 0
}
]

25
2018/CVE-2018-15499.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 145583266,
"name": "CVE-2018-15499",
"full_name": "DownWithUp\/CVE-2018-15499",
"owner": {
"login": "DownWithUp",
"id": 16905064,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16905064?v=4",
"html_url": "https:\/\/github.com\/DownWithUp"
},
"html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-15499",
"description": "PoC code for CVE-2018-15499 (exploit race condition for BSoD)",
"fork": false,
"created_at": "2018-08-21T15:26:35Z",
"updated_at": "2021-05-03T17:46:26Z",
"pushed_at": "2018-08-23T12:55:23Z",
"stargazers_count": 10,
"watchers_count": 10,
"forks_count": 5,
"forks": 5,
"watchers": 10,
"score": 0
}
]

25
2018/CVE-2018-15727.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 146628899,
"name": "grafana-CVE-2018-15727",
"full_name": "u238\/grafana-CVE-2018-15727",
"owner": {
"login": "u238",
"id": 2368573,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2368573?v=4",
"html_url": "https:\/\/github.com\/u238"
},
"html_url": "https:\/\/github.com\/u238\/grafana-CVE-2018-15727",
"description": "a small utility to generate a cookie in order to exploit a grafana vulnerability (CVE-2018-15727)",
"fork": false,
"created_at": "2018-08-29T16:35:22Z",
"updated_at": "2020-07-29T06:48:10Z",
"pushed_at": "2018-08-31T20:31:12Z",
"stargazers_count": 21,
"watchers_count": 21,
"forks_count": 7,
"forks": 7,
"watchers": 21,
"score": 0
}
]

25
2018/CVE-2018-15832.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 148423840,
"name": "Ubisoft-Uplay-Desktop-Client-63.0.5699.0",
"full_name": "JacksonKuo\/Ubisoft-Uplay-Desktop-Client-63.0.5699.0",
"owner": {
"login": "JacksonKuo",
"id": 5520730,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5520730?v=4",
"html_url": "https:\/\/github.com\/JacksonKuo"
},
"html_url": "https:\/\/github.com\/JacksonKuo\/Ubisoft-Uplay-Desktop-Client-63.0.5699.0",
"description": "CVE-2018-15832",
"fork": false,
"created_at": "2018-09-12T04:59:11Z",
"updated_at": "2018-09-12T05:05:37Z",
"pushed_at": "2018-09-12T05:00:01Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"forks": 1,
"watchers": 0,
"score": 0
}
]

25
2018/CVE-2018-15912.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 146484081,
"name": "CVE-2018-15912-PoC",
"full_name": "coderobe\/CVE-2018-15912-PoC",
"owner": {
"login": "coderobe",
"id": 8442384,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8442384?v=4",
"html_url": "https:\/\/github.com\/coderobe"
},
"html_url": "https:\/\/github.com\/coderobe\/CVE-2018-15912-PoC",
"description": null,
"fork": false,
"created_at": "2018-08-28T17:40:52Z",
"updated_at": "2018-08-30T10:59:24Z",
"pushed_at": "2018-08-28T17:54:24Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 0,
"forks": 0,
"watchers": 2,
"score": 0
}
]

25
2018/CVE-2018-16370.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 147602690,
"name": "CVE-2018-16370",
"full_name": "snappyJack\/CVE-2018-16370",
"owner": {
"login": "snappyJack",
"id": 16055573,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16055573?v=4",
"html_url": "https:\/\/github.com\/snappyJack"
},
"html_url": "https:\/\/github.com\/snappyJack\/CVE-2018-16370",
"description": "In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through \/Public\/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive.",
"fork": false,
"created_at": "2018-09-06T01:52:47Z",
"updated_at": "2018-09-06T02:02:55Z",
"pushed_at": "2018-09-06T02:02:54Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2018/CVE-2018-16373.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 147603389,
"name": "CVE-2018-16373",
"full_name": "snappyJack\/CVE-2018-16373",
"owner": {
"login": "snappyJack",
"id": 16055573,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16055573?v=4",
"html_url": "https:\/\/github.com\/snappyJack"
},
"html_url": "https:\/\/github.com\/snappyJack\/CVE-2018-16373",
"description": "Frog CMS 0.9.5 has an Upload > vulnerability that can create files via > \/admin\/?\/plugin\/file_manager\/save",
"fork": false,
"created_at": "2018-09-06T02:00:24Z",
"updated_at": "2018-09-06T02:01:33Z",
"pushed_at": "2018-09-06T02:01:32Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

46
2018/CVE-2018-2628.json
View file

@ -344,6 +344,52 @@
"watchers": 0,
"score": 0
},
{
"id": 139417715,
"name": "CVE-2018-2628",
"full_name": "likescam\/CVE-2018-2628",
"owner": {
"login": "likescam",
"id": 2469038,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4",
"html_url": "https:\/\/github.com\/likescam"
},
"html_url": "https:\/\/github.com\/likescam\/CVE-2018-2628",
"description": null,
"fork": false,
"created_at": "2018-07-02T09:00:34Z",
"updated_at": "2019-05-26T06:58:12Z",
"pushed_at": "2018-07-02T09:00:52Z",
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 1,
"forks": 1,
"watchers": 3,
"score": 0
},
{
"id": 147341225,
"name": "WebLogic-RCE-exploit",
"full_name": "Nervous\/WebLogic-RCE-exploit",
"owner": {
"login": "Nervous",
"id": 172442,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172442?v=4",
"html_url": "https:\/\/github.com\/Nervous"
},
"html_url": "https:\/\/github.com\/Nervous\/WebLogic-RCE-exploit",
"description": "A remote code execution exploit for WebLogic based on CVE-2018-2628",
"fork": false,
"created_at": "2018-09-04T12:17:21Z",
"updated_at": "2019-10-11T08:19:19Z",
"pushed_at": "2018-09-04T12:21:21Z",
"stargazers_count": 5,
"watchers_count": 5,
"forks_count": 3,
"forks": 3,
"watchers": 5,
"score": 0
},
{
"id": 155318699,
"name": "CVE-2018-2628",

25
2018/CVE-2018-2844.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 146413224,
"name": "virtualbox-cve-2018-2844",
"full_name": "renorobert\/virtualbox-cve-2018-2844",
"owner": {
"login": "renorobert",
"id": 4233909,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4233909?v=4",
"html_url": "https:\/\/github.com\/renorobert"
},
"html_url": "https:\/\/github.com\/renorobert\/virtualbox-cve-2018-2844",
"description": null,
"fork": false,
"created_at": "2018-08-28T08:04:19Z",
"updated_at": "2021-05-05T00:52:25Z",
"pushed_at": "2018-08-28T08:06:21Z",
"stargazers_count": 97,
"watchers_count": 97,
"forks_count": 32,
"forks": 32,
"watchers": 97,
"score": 0
}
]

23
2018/CVE-2018-2879.json
View file

@ -1,4 +1,27 @@
[
{
"id": 142485401,
"name": "Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit",
"full_name": "MostafaSoliman\/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit",
"owner": {
"login": "MostafaSoliman",
"id": 13528184,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13528184?v=4",
"html_url": "https:\/\/github.com\/MostafaSoliman"
},
"html_url": "https:\/\/github.com\/MostafaSoliman\/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit",
"description": null,
"fork": false,
"created_at": "2018-07-26T19:31:45Z",
"updated_at": "2020-07-10T13:31:49Z",
"pushed_at": "2018-07-27T12:09:40Z",
"stargazers_count": 9,
"watchers_count": 9,
"forks_count": 7,
"forks": 7,
"watchers": 9,
"score": 0
},
{
"id": 142787515,
"name": "oracle-oam-authentication-bypas-exploit",

92
2018/CVE-2018-2893.json
View file

@ -1,4 +1,73 @@
[
{
"id": 141531715,
"name": "CVE-2018-2893",
"full_name": "sry309\/CVE-2018-2893",
"owner": {
"login": "sry309",
"id": 15671013,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15671013?v=4",
"html_url": "https:\/\/github.com\/sry309"
},
"html_url": "https:\/\/github.com\/sry309\/CVE-2018-2893",
"description": "CVE-2018-2893",
"fork": false,
"created_at": "2018-07-19T06:06:10Z",
"updated_at": "2020-12-10T06:55:01Z",
"pushed_at": "2018-07-19T05:59:00Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 141534186,
"name": "CVE-2018-2893",
"full_name": "ryanInf\/CVE-2018-2893",
"owner": {
"login": "ryanInf",
"id": 19621374,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19621374?v=4",
"html_url": "https:\/\/github.com\/ryanInf"
},
"html_url": "https:\/\/github.com\/ryanInf\/CVE-2018-2893",
"description": "CVE-2018-2893 PoC",
"fork": false,
"created_at": "2018-07-19T06:28:12Z",
"updated_at": "2020-12-16T09:58:12Z",
"pushed_at": "2018-07-19T06:12:51Z",
"stargazers_count": 28,
"watchers_count": 28,
"forks_count": 37,
"forks": 37,
"watchers": 28,
"score": 0
},
{
"id": 141678694,
"name": "CVE-2018-2893",
"full_name": "bigsizeme\/CVE-2018-2893",
"owner": {
"login": "bigsizeme",
"id": 17845094,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17845094?v=4",
"html_url": "https:\/\/github.com\/bigsizeme"
},
"html_url": "https:\/\/github.com\/bigsizeme\/CVE-2018-2893",
"description": "反弹shell生成器",
"fork": false,
"created_at": "2018-07-20T07:26:43Z",
"updated_at": "2019-04-22T04:46:36Z",
"pushed_at": "2018-07-23T04:31:27Z",
"stargazers_count": 17,
"watchers_count": 17,
"forks_count": 5,
"forks": 5,
"watchers": 17,
"score": 0
},
{
"id": 141856470,
"name": "CVE-2018-2893",
@ -22,6 +91,29 @@
"watchers": 92,
"score": 0
},
{
"id": 142403659,
"name": "CVE-2018-2893",
"full_name": "qianl0ng\/CVE-2018-2893",
"owner": {
"login": "qianl0ng",
"id": 26949233,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26949233?v=4",
"html_url": "https:\/\/github.com\/qianl0ng"
},
"html_url": "https:\/\/github.com\/qianl0ng\/CVE-2018-2893",
"description": "可以直接反弹shell",
"fork": false,
"created_at": "2018-07-26T07:16:38Z",
"updated_at": "2020-08-19T01:40:23Z",
"pushed_at": "2018-07-26T07:50:15Z",
"stargazers_count": 44,
"watchers_count": 44,
"forks_count": 14,
"forks": 14,
"watchers": 44,
"score": 0
},
{
"id": 151921677,
"name": "CVE-2018-2893",

46
2018/CVE-2018-2894.json
View file

@ -1,4 +1,50 @@
[
{
"id": 141601079,
"name": "cve-2018-2894",
"full_name": "111ddea\/cve-2018-2894",
"owner": {
"login": "111ddea",
"id": 41444127,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41444127?v=4",
"html_url": "https:\/\/github.com\/111ddea"
},
"html_url": "https:\/\/github.com\/111ddea\/cve-2018-2894",
"description": "cve-2018-2894 不同别人的利用方法。",
"fork": false,
"created_at": "2018-07-19T15:50:35Z",
"updated_at": "2020-11-26T11:40:23Z",
"pushed_at": "2018-07-22T08:34:27Z",
"stargazers_count": 13,
"watchers_count": 13,
"forks_count": 7,
"forks": 7,
"watchers": 13,
"score": 0
},
{
"id": 141661586,
"name": "CVE-2018-2894",
"full_name": "LandGrey\/CVE-2018-2894",
"owner": {
"login": "LandGrey",
"id": 16769779,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16769779?v=4",
"html_url": "https:\/\/github.com\/LandGrey"
},
"html_url": "https:\/\/github.com\/LandGrey\/CVE-2018-2894",
"description": "CVE-2018-2894 WebLogic Unrestricted File Upload Lead To RCE Check Script",
"fork": false,
"created_at": "2018-07-20T03:59:18Z",
"updated_at": "2021-02-04T08:53:23Z",
"pushed_at": "2018-07-20T12:46:50Z",
"stargazers_count": 130,
"watchers_count": 130,
"forks_count": 51,
"forks": 51,
"watchers": 130,
"score": 0
},
{
"id": 151928392,
"name": "CVE-2018-2894",

46
2018/CVE-2018-4121.json
View file

@ -21,5 +21,51 @@
"forks": 35,
"watchers": 114,
"score": 0
},
{
"id": 141314432,
"name": "CVE-2018-4121",
"full_name": "likescam\/CVE-2018-4121",
"owner": {
"login": "likescam",
"id": 2469038,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4",
"html_url": "https:\/\/github.com\/likescam"
},
"html_url": "https:\/\/github.com\/likescam\/CVE-2018-4121",
"description": null,
"fork": false,
"created_at": "2018-07-17T16:15:29Z",
"updated_at": "2018-07-17T16:15:44Z",
"pushed_at": "2018-07-17T16:15:42Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 147746670,
"name": "CVE-2018-4121",
"full_name": "jezzus\/CVE-2018-4121",
"owner": {
"login": "jezzus",
"id": 9899999,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9899999?v=4",
"html_url": "https:\/\/github.com\/jezzus"
},
"html_url": "https:\/\/github.com\/jezzus\/CVE-2018-4121",
"description": null,
"fork": false,
"created_at": "2018-09-06T23:55:43Z",
"updated_at": "2018-09-06T23:55:53Z",
"pushed_at": "2018-09-06T23:55:52Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2018/CVE-2018-4233.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 144027153,
"name": "cve-2018-4233",
"full_name": "saelo\/cve-2018-4233",
"owner": {
"login": "saelo",
"id": 2453290,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2453290?v=4",
"html_url": "https:\/\/github.com\/saelo"
},
"html_url": "https:\/\/github.com\/saelo\/cve-2018-4233",
"description": "Exploit for CVE-2018-4233, a WebKit JIT optimization bug used during Pwn2Own 2018",
"fork": false,
"created_at": "2018-08-08T14:41:20Z",
"updated_at": "2021-06-03T05:58:17Z",
"pushed_at": "2018-08-17T23:31:46Z",
"stargazers_count": 159,
"watchers_count": 159,
"forks_count": 33,
"forks": 33,
"watchers": 159,
"score": 0
}
]

25
2018/CVE-2018-5740.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 144792218,
"name": "cve-2018-5740",
"full_name": "sischkg\/cve-2018-5740",
"owner": {
"login": "sischkg",
"id": 3468384,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3468384?v=4",
"html_url": "https:\/\/github.com\/sischkg"
},
"html_url": "https:\/\/github.com\/sischkg\/cve-2018-5740",
"description": null,
"fork": false,
"created_at": "2018-08-15T01:50:41Z",
"updated_at": "2019-02-25T15:06:06Z",
"pushed_at": "2018-08-15T06:25:14Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 0,
"forks": 0,
"watchers": 2,
"score": 0
}
]

23
2018/CVE-2018-5955.json
View file

@ -1,4 +1,27 @@
[
{
"id": 148261072,
"name": "GitStackRCE",
"full_name": "cisp\/GitStackRCE",
"owner": {
"login": "cisp",
"id": 11972644,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11972644?v=4",
"html_url": "https:\/\/github.com\/cisp"
},
"html_url": "https:\/\/github.com\/cisp\/GitStackRCE",
"description": "GitStackRCE漏洞(CVE-2018-5955)EXP",
"fork": false,
"created_at": "2018-09-11T04:39:43Z",
"updated_at": "2018-09-21T15:13:18Z",
"pushed_at": "2018-09-11T04:40:52Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"watchers": 1,
"score": 0
},
{
"id": 229491909,
"name": "Cerberus",

23
2018/CVE-2018-6389.json
View file

@ -344,6 +344,29 @@
"watchers": 0,
"score": 0
},
{
"id": 146678844,
"name": "trellis-cve-2018-6389",
"full_name": "ItinerisLtd\/trellis-cve-2018-6389",
"owner": {
"login": "ItinerisLtd",
"id": 32365928,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32365928?v=4",
"html_url": "https:\/\/github.com\/ItinerisLtd"
},
"html_url": "https:\/\/github.com\/ItinerisLtd\/trellis-cve-2018-6389",
"description": "Mitigate CVE-2018-6389 WordPress load-scripts \/ load-styles attacks",
"fork": false,
"created_at": "2018-08-30T01:25:20Z",
"updated_at": "2020-08-11T04:43:27Z",
"pushed_at": "2018-08-30T01:47:48Z",
"stargazers_count": 7,
"watchers_count": 7,
"forks_count": 0,
"forks": 0,
"watchers": 7,
"score": 0
},
{
"id": 155115549,
"name": "Wordpress-DOS",

23
2018/CVE-2018-6546.json
View file

@ -21,5 +21,28 @@
"forks": 10,
"watchers": 42,
"score": 0
},
{
"id": 142284375,
"name": "CVE-2018-6546",
"full_name": "YanZiShuang\/CVE-2018-6546",
"owner": {
"login": "YanZiShuang",
"id": 41621080,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41621080?v=4",
"html_url": "https:\/\/github.com\/YanZiShuang"
},
"html_url": "https:\/\/github.com\/YanZiShuang\/CVE-2018-6546",
"description": null,
"fork": false,
"created_at": "2018-07-25T10:22:53Z",
"updated_at": "2019-09-02T13:24:16Z",
"pushed_at": "2018-07-25T11:59:09Z",
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 0,
"forks": 0,
"watchers": 3,
"score": 0
}
]

25
2018/CVE-2018-6643.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 146195248,
"name": "CVE-2018-6643",
"full_name": "undefinedmode\/CVE-2018-6643",
"owner": {
"login": "undefinedmode",
"id": 4165481,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4165481?v=4",
"html_url": "https:\/\/github.com\/undefinedmode"
},
"html_url": "https:\/\/github.com\/undefinedmode\/CVE-2018-6643",
"description": "CVE-2018-6643",
"fork": false,
"created_at": "2018-08-26T16:03:08Z",
"updated_at": "2018-08-27T13:36:10Z",
"pushed_at": "2018-08-28T23:03:57Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

23
2018/CVE-2018-7600.json
View file

@ -390,6 +390,29 @@
"watchers": 0,
"score": 0
},
{
"id": 140643631,
"name": "CVE-2018-7600",
"full_name": "happynote3966\/CVE-2018-7600",
"owner": {
"login": "happynote3966",
"id": 19719330,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19719330?v=4",
"html_url": "https:\/\/github.com\/happynote3966"
},
"html_url": "https:\/\/github.com\/happynote3966\/CVE-2018-7600",
"description": null,
"fork": false,
"created_at": "2018-07-12T01:12:44Z",
"updated_at": "2018-07-17T03:24:11Z",
"pushed_at": "2018-07-17T03:24:09Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 151199861,
"name": "CVE-2018-7600-Drupal-RCE",

23
2018/CVE-2018-7602.json
View file

@ -22,6 +22,29 @@
"watchers": 5,
"score": 0
},
{
"id": 140663638,
"name": "CVE-2018-7602",
"full_name": "happynote3966\/CVE-2018-7602",
"owner": {
"login": "happynote3966",
"id": 19719330,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19719330?v=4",
"html_url": "https:\/\/github.com\/happynote3966"
},
"html_url": "https:\/\/github.com\/happynote3966\/CVE-2018-7602",
"description": null,
"fork": false,
"created_at": "2018-07-12T05:08:14Z",
"updated_at": "2018-07-17T02:57:18Z",
"pushed_at": "2018-07-17T02:57:17Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"forks": 1,
"watchers": 0,
"score": 0
},
{
"id": 155205612,
"name": "CVE-2018-7602",

25
2018/CVE-2018-8090.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 141976453,
"name": "CVE-2018-8090",
"full_name": "kernelm0de\/CVE-2018-8090",
"owner": {
"login": "kernelm0de",
"id": 30472260,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30472260?v=4",
"html_url": "https:\/\/github.com\/kernelm0de"
},
"html_url": "https:\/\/github.com\/kernelm0de\/CVE-2018-8090",
"description": "DLL Hijacking in Quickheal Total Security\/ Internet Security\/ Antivirus Pro (Installers)",
"fork": false,
"created_at": "2018-07-23T07:17:07Z",
"updated_at": "2019-01-22T12:46:02Z",
"pushed_at": "2018-07-26T13:39:28Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 2,
"forks": 2,
"watchers": 2,
"score": 0
}
]

46
2018/CVE-2018-8120.json
View file

@ -114,6 +114,52 @@
"watchers": 2,
"score": 0
},
{
"id": 140512208,
"name": "CVE-2018-8120",
"full_name": "EVOL4\/CVE-2018-8120",
"owner": {
"login": "EVOL4",
"id": 26862344,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26862344?v=4",
"html_url": "https:\/\/github.com\/EVOL4"
},
"html_url": "https:\/\/github.com\/EVOL4\/CVE-2018-8120",
"description": "dd",
"fork": false,
"created_at": "2018-07-11T02:41:16Z",
"updated_at": "2018-11-16T12:24:05Z",
"pushed_at": "2018-08-10T13:06:04Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 1,
"forks": 1,
"watchers": 2,
"score": 0
},
{
"id": 144975276,
"name": "CVE-2018-8120",
"full_name": "ozkanbilge\/CVE-2018-8120",
"owner": {
"login": "ozkanbilge",
"id": 39211596,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39211596?v=4",
"html_url": "https:\/\/github.com\/ozkanbilge"
},
"html_url": "https:\/\/github.com\/ozkanbilge\/CVE-2018-8120",
"description": "CVE-2018-8120 Windows LPE exploit",
"fork": false,
"created_at": "2018-08-16T10:51:00Z",
"updated_at": "2020-10-20T17:21:43Z",
"pushed_at": "2018-08-16T10:53:19Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 1,
"forks": 1,
"watchers": 2,
"score": 0
},
{
"id": 162424739,
"name": "CVE-2018-8120",

25
2018/CVE-2018-8172.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 145187210,
"name": "CVE-2018-8172",
"full_name": "SyFi\/CVE-2018-8172",
"owner": {
"login": "SyFi",
"id": 26314806,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26314806?v=4",
"html_url": "https:\/\/github.com\/SyFi"
},
"html_url": "https:\/\/github.com\/SyFi\/CVE-2018-8172",
"description": "Microsoft Visual Studio CVE-2018-8172 Remote Code Execution Vulnerability",
"fork": false,
"created_at": "2018-08-18T03:37:15Z",
"updated_at": "2020-10-21T22:16:11Z",
"pushed_at": "2018-08-18T03:56:36Z",
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 4,
"forks": 4,
"watchers": 3,
"score": 0
}
]

46
2018/CVE-2018-8174.json
View file

@ -91,6 +91,52 @@
"watchers": 1,
"score": 0
},
{
"id": 140478620,
"name": "cve-2018-8174_analysis",
"full_name": "piotrflorczyk\/cve-2018-8174_analysis",
"owner": {
"login": "piotrflorczyk",
"id": 7830144,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7830144?v=4",
"html_url": "https:\/\/github.com\/piotrflorczyk"
},
"html_url": "https:\/\/github.com\/piotrflorczyk\/cve-2018-8174_analysis",
"description": "Analysis of VBS exploit CVE-2018-8174",
"fork": false,
"created_at": "2018-07-10T19:31:25Z",
"updated_at": "2021-04-21T21:43:53Z",
"pushed_at": "2018-07-12T08:35:13Z",
"stargazers_count": 16,
"watchers_count": 16,
"forks_count": 16,
"forks": 16,
"watchers": 16,
"score": 0
},
{
"id": 147615569,
"name": "CVE-2018-8174-msf",
"full_name": "likescam\/CVE-2018-8174-msf",
"owner": {
"login": "likescam",
"id": 2469038,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4",
"html_url": "https:\/\/github.com\/likescam"
},
"html_url": "https:\/\/github.com\/likescam\/CVE-2018-8174-msf",
"description": null,
"fork": false,
"created_at": "2018-09-06T04:03:25Z",
"updated_at": "2018-09-06T04:03:37Z",
"pushed_at": "2018-09-06T04:03:36Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 188212551,
"name": "ie11_vbscript_exploit",

25
2018/CVE-2018-8208.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 144541015,
"name": "CVE-2018-8208",
"full_name": "kaisaryousuf\/CVE-2018-8208",
"owner": {
"login": "kaisaryousuf",
"id": 27071719,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27071719?v=4",
"html_url": "https:\/\/github.com\/kaisaryousuf"
},
"html_url": "https:\/\/github.com\/kaisaryousuf\/CVE-2018-8208",
"description": null,
"fork": false,
"created_at": "2018-08-13T06:56:11Z",
"updated_at": "2018-11-12T16:22:38Z",
"pushed_at": "2018-06-21T15:06:07Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 2,
"forks": 2,
"watchers": 0,
"score": 0
}
]

25
2018/CVE-2018-8353.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 148192905,
"name": "CVE-2018-8353-POC",
"full_name": "whereisr0da\/CVE-2018-8353-POC",
"owner": {
"login": "whereisr0da",
"id": 37551872,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37551872?v=4",
"html_url": "https:\/\/github.com\/whereisr0da"
},
"html_url": "https:\/\/github.com\/whereisr0da\/CVE-2018-8353-POC",
"description": "Simple poc of CVE-2018-8353 Microsoft Scripting Engine Use After Free",
"fork": false,
"created_at": "2018-09-10T17:28:05Z",
"updated_at": "2018-10-15T01:07:56Z",
"pushed_at": "2018-09-10T17:32:49Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 4,
"forks": 4,
"watchers": 2,
"score": 0
}
]

25
2018/CVE-2018-8420.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 148446677,
"name": "CVE-2018-8420",
"full_name": "idkwim\/CVE-2018-8420",
"owner": {
"login": "idkwim",
"id": 4337087,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4337087?v=4",
"html_url": "https:\/\/github.com\/idkwim"
},
"html_url": "https:\/\/github.com\/idkwim\/CVE-2018-8420",
"description": null,
"fork": false,
"created_at": "2018-09-12T08:22:54Z",
"updated_at": "2021-06-12T09:43:43Z",
"pushed_at": "2018-09-12T03:50:14Z",
"stargazers_count": 4,
"watchers_count": 4,
"forks_count": 54,
"forks": 54,
"watchers": 4,
"score": 0
}
]

23
2018/CVE-2018-8897.json
View file

@ -67,5 +67,28 @@
"forks": 110,
"watchers": 392,
"score": 0
},
{
"id": 144062105,
"name": "syscall_exploit_CVE-2018-8897",
"full_name": "nmulasmajic\/syscall_exploit_CVE-2018-8897",
"owner": {
"login": "nmulasmajic",
"id": 30013958,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30013958?v=4",
"html_url": "https:\/\/github.com\/nmulasmajic"
},
"html_url": "https:\/\/github.com\/nmulasmajic\/syscall_exploit_CVE-2018-8897",
"description": "Implements the POP\/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).",
"fork": false,
"created_at": "2018-08-08T20:04:56Z",
"updated_at": "2021-04-30T19:57:45Z",
"pushed_at": "2018-08-08T20:12:20Z",
"stargazers_count": 109,
"watchers_count": 109,
"forks_count": 25,
"forks": 25,
"watchers": 109,
"score": 0
}
]

48
2018/CVE-2018-9948.json Normal file
View file

@ -0,0 +1,48 @@
[
{
"id": 143491453,
"name": "Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958",
"full_name": "manojcode\/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958",
"owner": {
"login": "manojcode",
"id": 17510282,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17510282?v=4",
"html_url": "https:\/\/github.com\/manojcode"
},
"html_url": "https:\/\/github.com\/manojcode\/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958",
"description": "Foxit Reader version 9.0.1.1049 Use After Free with ASLR and DEP bypass on heap",
"fork": false,
"created_at": "2018-08-04T02:32:28Z",
"updated_at": "2021-03-26T07:34:59Z",
"pushed_at": "2018-09-11T14:19:07Z",
"stargazers_count": 4,
"watchers_count": 4,
"forks_count": 2,
"forks": 2,
"watchers": 4,
"score": 0
},
{
"id": 145526091,
"name": "cve-2018-9948-9958-exp",
"full_name": "orangepirate\/cve-2018-9948-9958-exp",
"owner": {
"login": "orangepirate",
"id": 40813235,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40813235?v=4",
"html_url": "https:\/\/github.com\/orangepirate"
},
"html_url": "https:\/\/github.com\/orangepirate\/cve-2018-9948-9958-exp",
"description": "a exp for cve-2018-9948\/9958 , current shellcode called win-calc ",
"fork": false,
"created_at": "2018-08-21T07:43:38Z",
"updated_at": "2018-08-24T00:18:07Z",
"pushed_at": "2018-08-24T00:18:06Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

16
2019/CVE-2019-0708.json
View file

@ -1600,13 +1600,13 @@
"description": "Python script to detect bluekeep vulnerability (CVE-2019-0708) with TLS\/SSL and x509 support",
"fork": false,
"created_at": "2019-06-03T07:49:26Z",
"updated_at": "2021-04-24T11:56:36Z",
"updated_at": "2021-06-14T03:39:42Z",
"pushed_at": "2019-06-12T08:48:17Z",
"stargazers_count": 21,
"watchers_count": 21,
"stargazers_count": 22,
"watchers_count": 22,
"forks_count": 7,
"forks": 7,
"watchers": 21,
"watchers": 22,
"score": 0
},
{
@ -2244,13 +2244,13 @@
"description": "ispy V1.0 - Eternalblue(ms17-010)\/Bluekeep(CVE-2019-0708) Scanner and exploit ( Metasploit automation )",
"fork": false,
"created_at": "2019-09-30T19:46:21Z",
"updated_at": "2021-06-01T08:46:13Z",
"updated_at": "2021-06-14T05:35:46Z",
"pushed_at": "2021-02-06T00:24:21Z",
"stargazers_count": 189,
"watchers_count": 189,
"stargazers_count": 190,
"watchers_count": 190,
"forks_count": 72,
"forks": 72,
"watchers": 189,
"watchers": 190,
"score": 0
},
{

8
2019/CVE-2019-12255.json
View file

@ -13,13 +13,13 @@
"description": "Suricata LUA scripts to detect CVE-2019-12255, CVE-2019-12256, CVE-2019-12258, and CVE-2019-12260",
"fork": false,
"created_at": "2019-11-12T20:43:46Z",
"updated_at": "2020-12-02T04:33:45Z",
"updated_at": "2021-06-14T06:26:36Z",
"pushed_at": "2019-11-28T20:16:35Z",
"stargazers_count": 14,
"watchers_count": 14,
"stargazers_count": 15,
"watchers_count": 15,
"forks_count": 4,
"forks": 4,
"watchers": 14,
"watchers": 15,
"score": 0
}
]

4
2019/CVE-2019-17625.json
View file

@ -17,8 +17,8 @@
"pushed_at": "2020-03-12T18:22:19Z",
"stargazers_count": 16,
"watchers_count": 16,
"forks_count": 7,
"forks": 7,
"forks_count": 6,
"forks": 6,
"watchers": 16,
"score": 0
}

8
2019/CVE-2019-19781.json
View file

@ -59,13 +59,13 @@
"description": "This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first.",
"fork": false,
"created_at": "2020-01-11T00:08:27Z",
"updated_at": "2021-05-30T19:35:53Z",
"updated_at": "2021-06-14T08:54:11Z",
"pushed_at": "2020-01-22T20:23:51Z",
"stargazers_count": 528,
"watchers_count": 528,
"stargazers_count": 527,
"watchers_count": 527,
"forks_count": 122,
"forks": 122,
"watchers": 528,
"watchers": 527,
"score": 0
},
{

8
2019/CVE-2019-2618.json
View file

@ -82,13 +82,13 @@
"description": "增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618CVE-2019-2729检测Python3支持",
"fork": false,
"created_at": "2019-06-21T09:22:43Z",
"updated_at": "2021-06-07T13:27:35Z",
"updated_at": "2021-06-14T06:26:33Z",
"pushed_at": "2020-04-26T10:49:25Z",
"stargazers_count": 768,
"watchers_count": 768,
"stargazers_count": 769,
"watchers_count": 769,
"forks_count": 159,
"forks": 159,
"watchers": 768,
"watchers": 769,
"score": 0
},
{

28
2019/CVE-2019-8979.json
View file

@ -1,25 +1,25 @@
[
{
"id": 303056242,
"id": 309222076,
"name": "ko7demo",
"full_name": "seb-elttam\/ko7demo",
"full_name": "elttam\/ko7demo",
"owner": {
"login": "seb-elttam",
"id": 68209237,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68209237?v=4",
"html_url": "https:\/\/github.com\/seb-elttam"
"login": "elttam",
"id": 17078044,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17078044?v=4",
"html_url": "https:\/\/github.com\/elttam"
},
"html_url": "https:\/\/github.com\/seb-elttam\/ko7demo",
"html_url": "https:\/\/github.com\/elttam\/ko7demo",
"description": "A docker-contained koseven hello world to play with SQL injection CVE-2019-8979 affecting versions < 3.3.10",
"fork": false,
"created_at": "2020-10-11T06:23:24Z",
"updated_at": "2020-10-12T20:16:07Z",
"created_at": "2020-11-02T00:58:12Z",
"updated_at": "2021-06-14T07:56:04Z",
"pushed_at": "2020-10-12T20:16:05Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"forks": 1,
"watchers": 0,
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 0,
"forks": 0,
"watchers": 2,
"score": 0
}
]

8
2020/CVE-2020-10135.json
View file

@ -13,13 +13,13 @@
"description": "CVE 2020-10135 a.k.a BIAS (Bluetooth Impersonation Attack)",
"fork": false,
"created_at": "2020-06-01T07:36:37Z",
"updated_at": "2021-06-09T01:56:16Z",
"updated_at": "2021-06-14T03:40:33Z",
"pushed_at": "2020-06-07T08:59:47Z",
"stargazers_count": 20,
"watchers_count": 20,
"stargazers_count": 19,
"watchers_count": 19,
"forks_count": 5,
"forks": 5,
"watchers": 20,
"watchers": 19,
"score": 0
}
]

8
2020/CVE-2020-1020.json
View file

@ -13,13 +13,13 @@
"description": null,
"fork": false,
"created_at": "2021-05-18T07:53:26Z",
"updated_at": "2021-06-10T12:42:19Z",
"updated_at": "2021-06-14T08:58:56Z",
"pushed_at": "2021-05-18T07:57:20Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 6,
"watchers_count": 6,
"forks_count": 5,
"forks": 5,
"watchers": 5,
"watchers": 6,
"score": 0
}
]

8
2020/CVE-2020-1938.json
View file

@ -174,13 +174,13 @@
"description": "在一定条件下可执行命令",
"fork": false,
"created_at": "2020-02-21T08:42:50Z",
"updated_at": "2020-07-26T11:21:58Z",
"updated_at": "2021-06-14T07:38:36Z",
"pushed_at": "2020-02-21T08:45:51Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 6,
"watchers_count": 6,
"forks_count": 8,
"forks": 8,
"watchers": 5,
"watchers": 6,
"score": 0
},
{

8
2020/CVE-2020-27358.json
View file

@ -13,13 +13,13 @@
"description": "CVE-2020-27358 and CVE-2020-27359",
"fork": false,
"created_at": "2020-11-02T04:54:52Z",
"updated_at": "2020-11-07T20:38:49Z",
"updated_at": "2021-06-14T05:55:59Z",
"pushed_at": "2020-11-02T05:10:02Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 0,
"forks": 0,
"watchers": 1,
"watchers": 2,
"score": 0
}
]

23
2020/CVE-2020-3187.json
View file

@ -44,5 +44,28 @@
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 376723994,
"name": "CVE-2020-3187",
"full_name": "sujaygr8\/CVE-2020-3187",
"owner": {
"login": "sujaygr8",
"id": 39243813,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39243813?v=4",
"html_url": "https:\/\/github.com\/sujaygr8"
},
"html_url": "https:\/\/github.com\/sujaygr8\/CVE-2020-3187",
"description": null,
"fork": false,
"created_at": "2021-06-14T06:27:11Z",
"updated_at": "2021-06-14T06:46:19Z",
"pushed_at": "2021-06-14T06:46:16Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

4
2020/CVE-2020-3452.json
View file

@ -381,8 +381,8 @@
"description": null,
"fork": false,
"created_at": "2021-06-10T05:09:52Z",
"updated_at": "2021-06-10T05:44:21Z",
"pushed_at": "2021-06-10T05:44:18Z",
"updated_at": "2021-06-14T07:36:50Z",
"pushed_at": "2021-06-14T07:36:47Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,

8
2020/CVE-2020-6516.json
View file

@ -13,13 +13,13 @@
"description": "PoC and tools for exploiting CVE-2020-6516 (Chrome) and CVE-2021-24027 (WhatsApp)",
"fork": false,
"created_at": "2021-03-11T15:27:25Z",
"updated_at": "2021-06-03T17:39:51Z",
"updated_at": "2021-06-14T03:54:24Z",
"pushed_at": "2021-05-25T11:14:56Z",
"stargazers_count": 105,
"watchers_count": 105,
"stargazers_count": 106,
"watchers_count": 106,
"forks_count": 23,
"forks": 23,
"watchers": 105,
"watchers": 106,
"score": 0
}
]

12
2021/CVE-2021-21389.json
View file

@ -13,13 +13,13 @@
"description": "BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitigate the issue.",
"fork": false,
"created_at": "2021-05-31T14:12:26Z",
"updated_at": "2021-06-14T01:00:21Z",
"updated_at": "2021-06-14T04:49:24Z",
"pushed_at": "2021-05-31T14:16:20Z",
"stargazers_count": 6,
"watchers_count": 6,
"forks_count": 5,
"forks": 5,
"watchers": 6,
"stargazers_count": 7,
"watchers_count": 7,
"forks_count": 6,
"forks": 6,
"watchers": 7,
"score": 0
}
]

8
2021/CVE-2021-21972.json
View file

@ -105,13 +105,13 @@
"description": "Proof of Concept Exploit for vCenter CVE-2021-21972",
"fork": false,
"created_at": "2021-02-24T16:31:34Z",
"updated_at": "2021-06-13T19:35:07Z",
"updated_at": "2021-06-14T09:13:16Z",
"pushed_at": "2021-02-25T16:05:02Z",
"stargazers_count": 124,
"watchers_count": 124,
"stargazers_count": 125,
"watchers_count": 125,
"forks_count": 48,
"forks": 48,
"watchers": 124,
"watchers": 125,
"score": 0
},
{

8
2021/CVE-2021-21985.json
View file

@ -36,13 +36,13 @@
"description": null,
"fork": false,
"created_at": "2021-05-29T13:07:14Z",
"updated_at": "2021-06-11T11:52:31Z",
"updated_at": "2021-06-14T03:42:26Z",
"pushed_at": "2021-06-03T21:29:39Z",
"stargazers_count": 137,
"watchers_count": 137,
"stargazers_count": 138,
"watchers_count": 138,
"forks_count": 35,
"forks": 35,
"watchers": 137,
"watchers": 138,
"score": 0
},
{

4
2021/CVE-2021-22911.json
View file

@ -13,8 +13,8 @@
"description": "Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1",
"fork": false,
"created_at": "2021-06-05T15:05:01Z",
"updated_at": "2021-06-14T01:09:45Z",
"pushed_at": "2021-06-06T00:30:43Z",
"updated_at": "2021-06-14T07:30:41Z",
"pushed_at": "2021-06-14T07:30:38Z",
"stargazers_count": 22,
"watchers_count": 22,
"forks_count": 3,

8
2021/CVE-2021-24027.json
View file

@ -13,13 +13,13 @@
"description": "PoC and tools for exploiting CVE-2020-6516 (Chrome) and CVE-2021-24027 (WhatsApp)",
"fork": false,
"created_at": "2021-03-11T15:27:25Z",
"updated_at": "2021-06-03T17:39:51Z",
"updated_at": "2021-06-14T03:54:24Z",
"pushed_at": "2021-05-25T11:14:56Z",
"stargazers_count": 105,
"watchers_count": 105,
"stargazers_count": 106,
"watchers_count": 106,
"forks_count": 23,
"forks": 23,
"watchers": 105,
"watchers": 106,
"score": 0
}
]

2
2021/CVE-2021-28476.json
View file

@ -13,7 +13,7 @@
"description": "PoC for CVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch.sys.",
"fork": false,
"created_at": "2021-05-31T18:02:39Z",
"updated_at": "2021-06-13T21:57:15Z",
"updated_at": "2021-06-14T07:27:37Z",
"pushed_at": "2021-06-01T15:08:23Z",
"stargazers_count": 161,
"watchers_count": 161,

8
2021/CVE-2021-31166.json
View file

@ -13,13 +13,13 @@
"description": "Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.",
"fork": false,
"created_at": "2021-05-16T16:15:56Z",
"updated_at": "2021-06-13T13:49:25Z",
"updated_at": "2021-06-14T06:56:19Z",
"pushed_at": "2021-06-12T08:27:09Z",
"stargazers_count": 734,
"watchers_count": 734,
"stargazers_count": 735,
"watchers_count": 735,
"forks_count": 119,
"forks": 119,
"watchers": 734,
"watchers": 735,
"score": 0
},
{

8
2021/CVE-2021-3156.json
View file

@ -1025,13 +1025,13 @@
"description": "CVE-2021-3156 - Sudo Baron Samedit",
"fork": false,
"created_at": "2021-04-29T06:29:26Z",
"updated_at": "2021-06-13T09:30:02Z",
"updated_at": "2021-06-14T08:13:49Z",
"pushed_at": "2021-06-12T10:24:05Z",
"stargazers_count": 81,
"watchers_count": 81,
"stargazers_count": 82,
"watchers_count": 82,
"forks_count": 1,
"forks": 1,
"watchers": 81,
"watchers": 82,
"score": 0
},
{

8
2021/CVE-2021-33739.json
View file

@ -13,13 +13,13 @@
"description": null,
"fork": false,
"created_at": "2021-06-09T06:55:52Z",
"updated_at": "2021-06-13T10:14:42Z",
"updated_at": "2021-06-14T08:58:55Z",
"pushed_at": "2021-06-10T10:31:30Z",
"stargazers_count": 66,
"watchers_count": 66,
"stargazers_count": 68,
"watchers_count": 68,
"forks_count": 25,
"forks": 25,
"watchers": 66,
"watchers": 68,
"score": 0
}
]

39
2021/CVE-2021-3560.json
View file

@ -13,13 +13,13 @@
"description": "CVE-2021-3560 Local PrivEsc Exploit",
"fork": false,
"created_at": "2021-06-11T14:28:43Z",
"updated_at": "2021-06-14T02:45:07Z",
"updated_at": "2021-06-14T07:46:46Z",
"pushed_at": "2021-06-12T17:48:38Z",
"stargazers_count": 37,
"watchers_count": 37,
"stargazers_count": 40,
"watchers_count": 40,
"forks_count": 4,
"forks": 4,
"watchers": 37,
"watchers": 40,
"score": 0
},
{
@ -36,13 +36,13 @@
"description": null,
"fork": false,
"created_at": "2021-06-11T17:19:38Z",
"updated_at": "2021-06-11T17:44:35Z",
"updated_at": "2021-06-14T08:16:05Z",
"pushed_at": "2021-06-11T17:44:33Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0
},
{
@ -67,5 +67,28 @@
"forks": 0,
"watchers": 12,
"score": 0
},
{
"id": 376695409,
"name": "CVE-2021-3560_PoC",
"full_name": "tyleraharrison\/CVE-2021-3560_PoC",
"owner": {
"login": "tyleraharrison",
"id": 16725119,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16725119?v=4",
"html_url": "https:\/\/github.com\/tyleraharrison"
},
"html_url": "https:\/\/github.com\/tyleraharrison\/CVE-2021-3560_PoC",
"description": "polkit exploit script v1.0",
"fork": false,
"created_at": "2021-06-14T03:45:38Z",
"updated_at": "2021-06-14T04:03:20Z",
"pushed_at": "2021-06-14T04:03:18Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

225
README.md
View file

@ -317,6 +317,7 @@ The overlayfs implementation in the linux kernel did not properly validate with
- [swapravo/polkadots](https://github.com/swapravo/polkadots)
- [deathflash1411/CVE-2021-3560](https://github.com/deathflash1411/CVE-2021-3560)
- [hakivvi/CVE-2021-3560](https://github.com/hakivvi/CVE-2021-3560)
- [tyleraharrison/CVE-2021-3560_PoC](https://github.com/tyleraharrison/CVE-2021-3560_PoC)
### CVE-2021-3572
- [frenzymadness/CVE-2021-3572](https://github.com/frenzymadness/CVE-2021-3572)
@ -2190,6 +2191,7 @@ A vulnerability in the web services interface of Cisco Adaptive Security Applian
- [CrackerCat/CVE-2020-3187](https://github.com/CrackerCat/CVE-2020-3187)
- [x00x00/CVE-2020-3187](https://github.com/x00x00/CVE-2020-3187)
- [sujaygr8/CVE-2020-3187](https://github.com/sujaygr8/CVE-2020-3187)
### CVE-2020-3433 (2020-08-17)
@ -7126,7 +7128,7 @@ An improper authentication vulnerability can be exploited through a race conditi
Kohana through 3.3.6 has SQL Injection when the order_by() parameter can be controlled.
</code>
- [seb-elttam/ko7demo](https://github.com/seb-elttam/ko7demo)
- [elttam/ko7demo](https://github.com/elttam/ko7demo)
### CVE-2019-8997 (2019-03-21)
@ -9516,6 +9518,17 @@ The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows
- [preempt/credssp](https://github.com/preempt/credssp)
### CVE-2018-0952 (2018-08-15)
<code>
An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka &quot;Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability.&quot; This affects Windows Server 2016, Windows 10, Microsoft Visual Studio, Windows 10 Servers.
</code>
- [atredispartners/CVE-2018-0952-SystemCollector](https://github.com/atredispartners/CVE-2018-0952-SystemCollector)
### CVE-2018-14
- [lckJack/legacySymfony](https://github.com/lckJack/legacySymfony)
### CVE-2018-1010 (2018-04-11)
<code>
@ -9721,6 +9734,8 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar
- [wrysunny/cve-2018-2628](https://github.com/wrysunny/cve-2018-2628)
- [jas502n/CVE-2018-2628](https://github.com/jas502n/CVE-2018-2628)
- [stevenlinfeng/CVE-2018-2628](https://github.com/stevenlinfeng/CVE-2018-2628)
- [likescam/CVE-2018-2628](https://github.com/likescam/CVE-2018-2628)
- [Nervous/WebLogic-RCE-exploit](https://github.com/Nervous/WebLogic-RCE-exploit)
- [Lighird/CVE-2018-2628](https://github.com/Lighird/CVE-2018-2628)
- [0xMJ/CVE-2018-2628](https://github.com/0xMJ/CVE-2018-2628)
- [0xn0ne/weblogicScanner](https://github.com/0xn0ne/weblogicScanner)
@ -9735,12 +9750,21 @@ Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality
- [erpscanteam/CVE-2018-2636](https://github.com/erpscanteam/CVE-2018-2636)
- [Cymmetria/micros_honeypot](https://github.com/Cymmetria/micros_honeypot)
### CVE-2018-2844 (2018-04-18)
<code>
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.36 and Prior to 5.2.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
</code>
- [renorobert/virtualbox-cve-2018-2844](https://github.com/renorobert/virtualbox-cve-2018-2844)
### CVE-2018-2879 (2018-04-18)
<code>
Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. While the vulnerability is in Oracle Access Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Access Manager. Note: Please refer to Doc ID &lt;a href=&quot;http://support.oracle.com/CSP/main/article?cmd=show&amp;type=NOT&amp;id=2386496.1&quot;&gt;My Oracle Support Note 2386496.1 for instructions on how to address this issue. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).
</code>
- [MostafaSoliman/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit](https://github.com/MostafaSoliman/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit)
- [AymanElSherif/oracle-oam-authentication-bypas-exploit](https://github.com/AymanElSherif/oracle-oam-authentication-bypas-exploit)
- [redtimmy/OAMBuster](https://github.com/redtimmy/OAMBuster)
@ -9750,7 +9774,11 @@ Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
</code>
- [sry309/CVE-2018-2893](https://github.com/sry309/CVE-2018-2893)
- [ryanInf/CVE-2018-2893](https://github.com/ryanInf/CVE-2018-2893)
- [bigsizeme/CVE-2018-2893](https://github.com/bigsizeme/CVE-2018-2893)
- [pyn3rd/CVE-2018-2893](https://github.com/pyn3rd/CVE-2018-2893)
- [qianl0ng/CVE-2018-2893](https://github.com/qianl0ng/CVE-2018-2893)
- [jas502n/CVE-2018-2893](https://github.com/jas502n/CVE-2018-2893)
- [ianxtianxt/CVE-2018-2893](https://github.com/ianxtianxt/CVE-2018-2893)
@ -9760,6 +9788,8 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
</code>
- [111ddea/cve-2018-2894](https://github.com/111ddea/cve-2018-2894)
- [LandGrey/CVE-2018-2894](https://github.com/LandGrey/CVE-2018-2894)
- [jas502n/CVE-2018-2894](https://github.com/jas502n/CVE-2018-2894)
- [k8gege/PyLadon](https://github.com/k8gege/PyLadon)
- [changpin666com/CVE-2018-2894-Weblogic-](https://github.com/changpin666com/CVE-2018-2894-Weblogic-)
@ -9903,6 +9933,8 @@ An issue was discovered in certain Apple products. iOS before 11.3 is affected.
</code>
- [FSecureLABS/CVE-2018-4121](https://github.com/FSecureLABS/CVE-2018-4121)
- [likescam/CVE-2018-4121](https://github.com/likescam/CVE-2018-4121)
- [jezzus/CVE-2018-4121](https://github.com/jezzus/CVE-2018-4121)
### CVE-2018-4124 (2018-04-03)
@ -9938,6 +9970,14 @@ An issue was discovered in certain Apple products. macOS before 10.13.5 is affec
- [Synacktiv-contrib/CVE-2018-4193](https://github.com/Synacktiv-contrib/CVE-2018-4193)
### CVE-2018-4233 (2018-06-08)
<code>
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the &quot;WebKit&quot; component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
</code>
- [saelo/cve-2018-4233](https://github.com/saelo/cve-2018-4233)
### CVE-2018-4241 (2018-06-08)
<code>
@ -10149,6 +10189,14 @@ Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potenti
- [ezelf/seatel_terminals](https://github.com/ezelf/seatel_terminals)
### CVE-2018-5740 (2019-01-16)
<code>
&quot;deny-answer-aliases&quot; is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0-&gt;9.8.8, 9.9.0-&gt;9.9.13, 9.10.0-&gt;9.10.8, 9.11.0-&gt;9.11.4, 9.12.0-&gt;9.12.2, 9.13.0-&gt;9.13.2.
</code>
- [sischkg/cve-2018-5740](https://github.com/sischkg/cve-2018-5740)
### CVE-2018-5951 (2020-03-02)
<code>
@ -10163,6 +10211,7 @@ An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size
An issue was discovered in GitStack through 2.3.10. User controlled input is not sufficiently filtered, allowing an unauthenticated attacker to add a user to the server via the username and password fields to the rest/user/ URI.
</code>
- [cisp/GitStackRCE](https://github.com/cisp/GitStackRCE)
- [YagamiiLight/Cerberus](https://github.com/YagamiiLight/Cerberus)
### CVE-2018-6065 (2018-11-14)
@ -10214,6 +10263,7 @@ In WordPress through 4.9.2, unauthenticated attackers can cause a denial of serv
- [s0md3v/Shiva](https://github.com/s0md3v/Shiva)
- [mudhappy/Wordpress-Hack-CVE-2018-6389](https://github.com/mudhappy/Wordpress-Hack-CVE-2018-6389)
- [armaanpathan12345/WP-DOS-Exploit-CVE-2018-6389](https://github.com/armaanpathan12345/WP-DOS-Exploit-CVE-2018-6389)
- [ItinerisLtd/trellis-cve-2018-6389](https://github.com/ItinerisLtd/trellis-cve-2018-6389)
- [Zazzzles/Wordpress-DOS](https://github.com/Zazzzles/Wordpress-DOS)
- [fakedob/tvsz](https://github.com/fakedob/tvsz)
- [vineetkia/Wordpress-DOS-Attack-CVE-2018-6389](https://github.com/vineetkia/Wordpress-DOS-Attack-CVE-2018-6389)
@ -10258,6 +10308,7 @@ plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD
</code>
- [securifera/CVE-2018-6546-Exploit](https://github.com/securifera/CVE-2018-6546-Exploit)
- [YanZiShuang/CVE-2018-6546](https://github.com/YanZiShuang/CVE-2018-6546)
### CVE-2018-6574 (2018-02-07)
@ -10327,6 +10378,14 @@ An issue was discovered that affects all producers of BIOS firmware who make a c
- [kkamagui/napper-for-tpm](https://github.com/kkamagui/napper-for-tpm)
### CVE-2018-6643 (2018-08-28)
<code>
Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter.
</code>
- [undefinedmode/CVE-2018-6643](https://github.com/undefinedmode/CVE-2018-6643)
### CVE-2018-6789 (2018-02-08)
<code>
@ -10477,6 +10536,7 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1
- [fyraiga/CVE-2018-7600-drupalgeddon2-scanner](https://github.com/fyraiga/CVE-2018-7600-drupalgeddon2-scanner)
- [Damian972/drupalgeddon-2](https://github.com/Damian972/drupalgeddon-2)
- [Jyozi/CVE-2018-7600](https://github.com/Jyozi/CVE-2018-7600)
- [happynote3966/CVE-2018-7600](https://github.com/happynote3966/CVE-2018-7600)
- [shellord/CVE-2018-7600-Drupal-RCE](https://github.com/shellord/CVE-2018-7600-Drupal-RCE)
- [r3dxpl0it/CVE-2018-7600](https://github.com/r3dxpl0it/CVE-2018-7600)
- [cved-sources/cve-2018-7600](https://github.com/cved-sources/cve-2018-7600)
@ -10497,6 +10557,7 @@ A remote code execution vulnerability exists within multiple subsystems of Drupa
</code>
- [1337g/Drupalgedon3](https://github.com/1337g/Drupalgedon3)
- [happynote3966/CVE-2018-7602](https://github.com/happynote3966/CVE-2018-7602)
- [kastellanos/CVE-2018-7602](https://github.com/kastellanos/CVE-2018-7602)
- [cyberharsh/DrupalCVE-2018-7602](https://github.com/cyberharsh/DrupalCVE-2018-7602)
@ -10616,6 +10677,14 @@ YzmCMS 3.7 has Stored XSS via the title parameter to advertisement/adver/edit.ht
- [AlwaysHereFight/YZMCMSxss](https://github.com/AlwaysHereFight/YZMCMSxss)
### CVE-2018-8090 (2018-07-25)
<code>
Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick Heal Internet Security 32 bit 17.00 (QHIS32.exe), (QHISFT32.exe) - Version 10.0.0.37; Quick Heal AntiVirus Pro 64 bit 17.00 (QHAV64.exe), (QHAVFT64.exe) - Version 10.0.0.37; and Quick Heal AntiVirus Pro 32 bit 17.00 (QHAV32.exe), (QHAVFT32.exe) - Version 10.0.0.37 allow DLL Hijacking because of Insecure Library Loading.
</code>
- [kernelm0de/CVE-2018-8090](https://github.com/kernelm0de/CVE-2018-8090)
### CVE-2018-8108 (2018-03-14)
<code>
@ -10643,12 +10712,22 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon
- [ne1llee/cve-2018-8120](https://github.com/ne1llee/cve-2018-8120)
- [alpha1ab/CVE-2018-8120](https://github.com/alpha1ab/CVE-2018-8120)
- [areuu/CVE-2018-8120](https://github.com/areuu/CVE-2018-8120)
- [EVOL4/CVE-2018-8120](https://github.com/EVOL4/CVE-2018-8120)
- [ozkanbilge/CVE-2018-8120](https://github.com/ozkanbilge/CVE-2018-8120)
- [qiantu88/CVE-2018-8120](https://github.com/qiantu88/CVE-2018-8120)
- [Y0n0Y/cve-2018-8120-exp](https://github.com/Y0n0Y/cve-2018-8120-exp)
- [DreamoneOnly/CVE-2018-8120](https://github.com/DreamoneOnly/CVE-2018-8120)
- [StartZYP/CVE-2018-8120](https://github.com/StartZYP/CVE-2018-8120)
- [wikiZ/cve-2018-8120](https://github.com/wikiZ/cve-2018-8120)
### CVE-2018-8172 (2018-07-10)
<code>
A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka &quot;Visual Studio Remote Code Execution Vulnerability.&quot; This affects Microsoft Visual Studio, Expression Blend 4.
</code>
- [SyFi/CVE-2018-8172](https://github.com/SyFi/CVE-2018-8172)
### CVE-2018-8174 (2018-05-09)
<code>
@ -10659,6 +10738,8 @@ A remote code execution vulnerability exists in the way that the VBScript engine
- [Yt1g3r/CVE-2018-8174_EXP](https://github.com/Yt1g3r/CVE-2018-8174_EXP)
- [SyFi/CVE-2018-8174](https://github.com/SyFi/CVE-2018-8174)
- [orf53975/Rig-Exploit-for-CVE-2018-8174](https://github.com/orf53975/Rig-Exploit-for-CVE-2018-8174)
- [piotrflorczyk/cve-2018-8174_analysis](https://github.com/piotrflorczyk/cve-2018-8174_analysis)
- [likescam/CVE-2018-8174-msf](https://github.com/likescam/CVE-2018-8174-msf)
- [ruthlezs/ie11_vbscript_exploit](https://github.com/ruthlezs/ie11_vbscript_exploit)
- [ericisnotrealname/CVE-2018-8174_EXP](https://github.com/ericisnotrealname/CVE-2018-8174_EXP)
- [www201001/https-github.com-iBearcat-CVE-2018-8174_EXP](https://github.com/www201001/https-github.com-iBearcat-CVE-2018-8174_EXP)
@ -10667,6 +10748,14 @@ A remote code execution vulnerability exists in the way that the VBScript engine
- [delina1/CVE-2018-8174_EXP](https://github.com/delina1/CVE-2018-8174_EXP)
- [DarkFlameMaster-bit/CVE-2018-8174_EXP](https://github.com/DarkFlameMaster-bit/CVE-2018-8174_EXP)
### CVE-2018-8208 (2018-06-14)
<code>
An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka &quot;Windows Desktop Bridge Elevation of Privilege Vulnerability.&quot; This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8214.
</code>
- [kaisaryousuf/CVE-2018-8208](https://github.com/kaisaryousuf/CVE-2018-8208)
### CVE-2018-8214 (2018-06-14)
<code>
@ -10683,6 +10772,14 @@ A remote code execution vulnerability exists when the Microsoft .NET Framework f
- [quantiti/CVE-2018-8284-Sharepoint-RCE](https://github.com/quantiti/CVE-2018-8284-Sharepoint-RCE)
### CVE-2018-8353 (2018-08-15)
<code>
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka &quot;Scripting Engine Memory Corruption Vulnerability.&quot; This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.
</code>
- [whereisr0da/CVE-2018-8353-POC](https://github.com/whereisr0da/CVE-2018-8353-POC)
### CVE-2018-8389 (2018-08-15)
<code>
@ -10699,6 +10796,14 @@ A remote code execution vulnerability exists when the Windows Shell does not pro
- [whereisr0da/CVE-2018-8414-POC](https://github.com/whereisr0da/CVE-2018-8414-POC)
### CVE-2018-8420 (2018-09-12)
<code>
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka &quot;MS XML Remote Code Execution Vulnerability.&quot; This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
</code>
- [idkwim/CVE-2018-8420](https://github.com/idkwim/CVE-2018-8420)
### CVE-2018-8440 (2018-09-12)
<code>
@ -10786,6 +10891,7 @@ A statement in the System Programming Guide of the Intel 64 and IA-32 Architectu
- [nmulasmajic/CVE-2018-8897](https://github.com/nmulasmajic/CVE-2018-8897)
- [jiazhang0/pop-mov-ss-exploit](https://github.com/jiazhang0/pop-mov-ss-exploit)
- [can1357/CVE-2018-8897](https://github.com/can1357/CVE-2018-8897)
- [nmulasmajic/syscall_exploit_CVE-2018-8897](https://github.com/nmulasmajic/syscall_exploit_CVE-2018-8897)
### CVE-2018-8941 (2018-04-03)
@ -10899,6 +11005,15 @@ In the ClearKey CAS descrambler, there is a possible use after free due to a rac
### CVE-2018-9546
- [IOActive/AOSP-DownloadProviderHeadersDumper](https://github.com/IOActive/AOSP-DownloadProviderHeadersDumper)
### CVE-2018-9948 (2018-05-17)
<code>
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of typed arrays. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-5380.
</code>
- [manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958](https://github.com/manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958)
- [orangepirate/cve-2018-9948-9958-exp](https://github.com/orangepirate/cve-2018-9948-9958-exp)
### CVE-2018-9950 (2018-05-17)
<code>
@ -11092,6 +11207,14 @@ A weakness was found in postgresql-jdbc before version 42.2.5. It was possible t
- [tafamace/CVE-2018-10936](https://github.com/tafamace/CVE-2018-10936)
### CVE-2018-10949 (2018-05-09)
<code>
mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 allows Account Enumeration by leveraging a Discrepancy between the &quot;HTTP 404 - account is not active&quot; and &quot;HTTP 401 - must authenticate&quot; errors.
</code>
- [0x00-0x00/CVE-2018-10949](https://github.com/0x00-0x00/CVE-2018-10949)
### CVE-2018-11235 (2018-05-30)
<code>
@ -11213,7 +11336,18 @@ From version 1.3.0 onward, Apache Spark's standalone master exposes a REST API f
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.
</code>
- [trbpnd/CVE-2018-11776](https://github.com/trbpnd/CVE-2018-11776)
- [xfox64x/CVE-2018-11776](https://github.com/xfox64x/CVE-2018-11776)
- [jiguangin/CVE-2018-11776](https://github.com/jiguangin/CVE-2018-11776)
- [hook-s3c/CVE-2018-11776-Python-PoC](https://github.com/hook-s3c/CVE-2018-11776-Python-PoC)
- [mazen160/struts-pwn_CVE-2018-11776](https://github.com/mazen160/struts-pwn_CVE-2018-11776)
- [bhdresh/CVE-2018-11776](https://github.com/bhdresh/CVE-2018-11776)
- [knqyf263/CVE-2018-11776](https://github.com/knqyf263/CVE-2018-11776)
- [Ekultek/Strutter](https://github.com/Ekultek/Strutter)
- [tuxotron/cve-2018-11776-docker](https://github.com/tuxotron/cve-2018-11776-docker)
- [brianwrf/S2-057-CVE-2018-11776](https://github.com/brianwrf/S2-057-CVE-2018-11776)
- [649/Apache-Struts-Shodan-Exploit](https://github.com/649/Apache-Struts-Shodan-Exploit)
- [jezzus/CVE-2018-11776-Python-PoC](https://github.com/jezzus/CVE-2018-11776-Python-PoC)
- [cved-sources/cve-2018-11776](https://github.com/cved-sources/cve-2018-11776)
- [OzNetNerd/apche-struts-vuln-demo-cve-2018-11776](https://github.com/OzNetNerd/apche-struts-vuln-demo-cve-2018-11776)
- [cucadili/CVE-2018-11776](https://github.com/cucadili/CVE-2018-11776)
@ -11293,6 +11427,14 @@ LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a us
- [ReverseBrain/CVE-2018-12421](https://github.com/ReverseBrain/CVE-2018-12421)
### CVE-2018-12463 (2018-07-12)
<code>
An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
</code>
- [alt3kx/CVE-2018-12463](https://github.com/alt3kx/CVE-2018-12463)
### CVE-2018-12533 (2018-06-18)
<code>
@ -11349,6 +11491,14 @@ Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier,
- [sharmasandeepkr/cve-2018-12798](https://github.com/sharmasandeepkr/cve-2018-12798)
### CVE-2018-12895 (2018-06-26)
<code>
WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file. This is related to missing filename validation in the wp-includes/post.php wp_delete_attachment function. The attacker must have capabilities for files and posts that are normally available only to the Author, Editor, and Administrator roles. The attack methodology is to delete wp-config.php and then launch a new installation process to increase the attacker's privileges.
</code>
- [bloom-ux/cve-2018-12895-hotfix](https://github.com/bloom-ux/cve-2018-12895-hotfix)
### CVE-2018-13257 (2019-11-18)
<code>
@ -11399,6 +11549,14 @@ An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.
- [shinecome/zip](https://github.com/shinecome/zip)
### CVE-2018-13784 (2018-07-09)
<code>
PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie encryption in Cookie.php, Rinjdael.php, and Blowfish.php.
</code>
- [ambionics/prestashop-exploits](https://github.com/ambionics/prestashop-exploits)
### CVE-2018-13797 (2018-07-10)
<code>
@ -11415,6 +11573,14 @@ A directory traversal vulnerability has been found in the Assets controller in P
- [tafamace/CVE-2018-13864](https://github.com/tafamace/CVE-2018-13864)
### CVE-2018-14083 (2018-07-25)
<code>
LICA miniCMTS E8K(u/i/...) devices allow remote attackers to obtain sensitive information via a direct POST request for the inc/user.ini file, leading to discovery of a password hash.
</code>
- [pudding2/CVE-2018-14083](https://github.com/pudding2/CVE-2018-14083)
### CVE-2018-14442 (2018-07-20)
<code>
@ -11486,6 +11652,7 @@ MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read a
</code>
- [BasuCert/WinboxPoC](https://github.com/BasuCert/WinboxPoC)
- [msterusky/WinboxExploit](https://github.com/msterusky/WinboxExploit)
- [syrex1013/MikroRoot](https://github.com/syrex1013/MikroRoot)
- [jas502n/CVE-2018-14847](https://github.com/jas502n/CVE-2018-14847)
- [th3f3n1x87/winboxPOC](https://github.com/th3f3n1x87/winboxPOC)
@ -11494,6 +11661,14 @@ MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read a
- [yukar1z0e/CVE-2018-14847](https://github.com/yukar1z0e/CVE-2018-14847)
- [hacker30468/Mikrotik-router-hack](https://github.com/hacker30468/Mikrotik-router-hack)
### CVE-2018-15131 (2019-05-30)
<code>
An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11, 8.7.x before 8.7.11 Patch 6, 8.8.x before 8.8.8 Patch 9, and 8.8.9 before 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authentication requests.
</code>
- [0x00-0x00/CVE-2018-15131](https://github.com/0x00-0x00/CVE-2018-15131)
### CVE-2018-15133 (2018-08-09)
<code>
@ -11544,6 +11719,14 @@ OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not dela
- [Sait-Nuri/CVE-2018-15473](https://github.com/Sait-Nuri/CVE-2018-15473)
- [WildfootW/CVE-2018-15473_OpenSSH_7.7](https://github.com/WildfootW/CVE-2018-15473_OpenSSH_7.7)
### CVE-2018-15499 (2018-08-24)
<code>
GEAR Software products that include GEARAspiWDM.sys, 2.2.5.0, allow local users to cause a denial of service (Race Condition and BSoD on Windows) by not checking that user-mode memory is available right before writing to it. A check is only performed at the beginning of a long subroutine.
</code>
- [DownWithUp/CVE-2018-15499](https://github.com/DownWithUp/CVE-2018-15499)
### CVE-2018-15686 (2018-10-26)
<code>
@ -11552,6 +11735,22 @@ A vulnerability in unit_deserialize of systemd allows an attacker to supply arbi
- [hpcprofessional/remediate_cesa_2019_2091](https://github.com/hpcprofessional/remediate_cesa_2019_2091)
### CVE-2018-15727 (2018-08-29)
<code>
Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid &quot;remember me&quot; cookie knowing only a username of an LDAP or OAuth user.
</code>
- [u238/grafana-CVE-2018-15727](https://github.com/u238/grafana-CVE-2018-15727)
### CVE-2018-15832 (2018-09-20)
<code>
upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI handlers. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current process.
</code>
- [JacksonKuo/Ubisoft-Uplay-Desktop-Client-63.0.5699.0](https://github.com/JacksonKuo/Ubisoft-Uplay-Desktop-Client-63.0.5699.0)
### CVE-2018-15835 (2018-11-30)
<code>
@ -11568,6 +11767,14 @@ The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerabl
- [cved-sources/cve-2018-15877](https://github.com/cved-sources/cve-2018-15877)
### CVE-2018-15912 (2018-08-29)
<code>
An issue was discovered in manjaro-update-system.sh in manjaro-system 20180716-1 on Manjaro Linux. A local attacker can install or remove arbitrary packages and package repositories potentially containing hooks with arbitrary code, which will automatically be run as root, or remove packages vital to the system.
</code>
- [coderobe/CVE-2018-15912-PoC](https://github.com/coderobe/CVE-2018-15912-PoC)
### CVE-2018-15961 (2018-09-25)
<code>
@ -11647,6 +11854,22 @@ ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitial
### CVE-2018-16341
- [mpgn/CVE-2018-16341](https://github.com/mpgn/CVE-2018-16341)
### CVE-2018-16370 (2018-09-02)
<code>
In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&amp;m=Setting&amp;a=upgrade by placing a .php file in a ZIP archive.
</code>
- [snappyJack/CVE-2018-16370](https://github.com/snappyJack/CVE-2018-16370)
### CVE-2018-16373 (2018-09-02)
<code>
Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save.
</code>
- [snappyJack/CVE-2018-16373](https://github.com/snappyJack/CVE-2018-16373)
### CVE-2018-16492 (2019-02-01)
<code>