From 8deb57d9dbbdb968b6cdfd2b45395ab71b8bbba5 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Fri, 15 Jan 2021 06:11:43 +0900 Subject: [PATCH] Auto Update 2021/01/15 06:11:43 --- 2007/CVE-2007-2447.json | 4 ++-- 2019/CVE-2019-0708.json | 20 ++++++++++---------- 2019/CVE-2019-15126.json | 8 ++++---- 2019/CVE-2019-3980.json | 8 ++++---- 2020/CVE-2020-0001.json | 8 ++++---- 2020/CVE-2020-0796.json | 12 ++++++------ 2020/CVE-2020-1350.json | 8 ++++---- 2020/CVE-2020-14882.json | 8 ++++---- 2020/CVE-2020-6207.json | 8 ++++---- 2020/CVE-2020-6308.json | 8 ++++---- 2020/CVE-2020-7200.json | 25 +++++++++++++++++++++++++ 2020/CVE-2020-7961.json | 23 +++++++++++++++++++++++ 2020/CVE-2020-9484.json | 8 ++++---- README.md | 30 +++++++++++++++++++++++++++--- 14 files changed, 125 insertions(+), 53 deletions(-) create mode 100644 2020/CVE-2020-7200.json diff --git a/2007/CVE-2007-2447.json b/2007/CVE-2007-2447.json index b2d7ef6e05..901af93ae0 100644 --- a/2007/CVE-2007-2447.json +++ b/2007/CVE-2007-2447.json @@ -17,8 +17,8 @@ "pushed_at": "2020-08-16T18:54:38Z", "stargazers_count": 18, "watchers_count": 18, - "forks_count": 12, - "forks": 12, + "forks_count": 13, + "forks": 13, "watchers": 18, "score": 0 }, diff --git a/2019/CVE-2019-0708.json b/2019/CVE-2019-0708.json index 492c514eb8..bd081fb60c 100644 --- a/2019/CVE-2019-0708.json +++ b/2019/CVE-2019-0708.json @@ -1328,8 +1328,8 @@ "pushed_at": "2019-05-28T02:46:19Z", "stargazers_count": 114, "watchers_count": 114, - "forks_count": 39, - "forks": 39, + "forks_count": 40, + "forks": 40, "watchers": 114, "score": 0 }, @@ -1439,13 +1439,13 @@ "description": "Proof of concept for CVE-2019-0708", "fork": false, "created_at": "2019-05-29T16:53:54Z", - "updated_at": "2021-01-09T12:21:20Z", + "updated_at": "2021-01-14T15:28:59Z", "pushed_at": "2019-09-03T20:50:28Z", - "stargazers_count": 1055, - "watchers_count": 1055, + "stargazers_count": 1056, + "watchers_count": 1056, "forks_count": 354, "forks": 354, - "watchers": 1055, + "watchers": 1056, "score": 0 }, { @@ -2267,13 +2267,13 @@ "description": "ispy V1.0 - Eternalblue(ms17-010)\/Bluekeep(CVE-2019-0708) Scanner and exploit ( Metasploit automation )", "fork": false, "created_at": "2019-09-30T19:46:21Z", - "updated_at": "2020-12-22T09:03:00Z", + "updated_at": "2021-01-14T16:46:27Z", "pushed_at": "2020-12-21T14:26:14Z", - "stargazers_count": 171, - "watchers_count": 171, + "stargazers_count": 172, + "watchers_count": 172, "forks_count": 65, "forks": 65, - "watchers": 171, + "watchers": 172, "score": 0 }, { diff --git a/2019/CVE-2019-15126.json b/2019/CVE-2019-15126.json index ee17a6f613..9fa9e5aec0 100644 --- a/2019/CVE-2019-15126.json +++ b/2019/CVE-2019-15126.json @@ -36,13 +36,13 @@ "description": "PoC exploit for the CVE-2019-15126 kr00k vulnerability", "fork": false, "created_at": "2020-03-13T14:53:54Z", - "updated_at": "2021-01-12T15:33:58Z", + "updated_at": "2021-01-14T15:22:06Z", "pushed_at": "2020-03-22T19:46:04Z", - "stargazers_count": 184, - "watchers_count": 184, + "stargazers_count": 185, + "watchers_count": 185, "forks_count": 59, "forks": 59, - "watchers": 184, + "watchers": 185, "score": 0 }, { diff --git a/2019/CVE-2019-3980.json b/2019/CVE-2019-3980.json index 5c80a27760..fa037b8354 100644 --- a/2019/CVE-2019-3980.json +++ b/2019/CVE-2019-3980.json @@ -13,13 +13,13 @@ "description": null, "fork": false, "created_at": "2020-08-03T14:12:56Z", - "updated_at": "2021-01-14T13:35:47Z", + "updated_at": "2021-01-14T17:21:53Z", "pushed_at": "2020-12-12T03:41:43Z", - "stargazers_count": 8, - "watchers_count": 8, + "stargazers_count": 11, + "watchers_count": 11, "forks_count": 6, "forks": 6, - "watchers": 8, + "watchers": 11, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-0001.json b/2020/CVE-2020-0001.json index 67e7ec5761..ab849f8e6d 100644 --- a/2020/CVE-2020-0001.json +++ b/2020/CVE-2020-0001.json @@ -13,13 +13,13 @@ "description": "POC to run system component in an untrusted-app process", "fork": false, "created_at": "2021-01-06T18:51:19Z", - "updated_at": "2021-01-08T10:26:51Z", + "updated_at": "2021-01-14T17:00:44Z", "pushed_at": "2021-01-08T10:26:49Z", - "stargazers_count": 5, - "watchers_count": 5, + "stargazers_count": 6, + "watchers_count": 6, "forks_count": 0, "forks": 0, - "watchers": 5, + "watchers": 6, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json index e4e5a53846..b6246fa696 100644 --- a/2020/CVE-2020-0796.json +++ b/2020/CVE-2020-0796.json @@ -1167,8 +1167,8 @@ "pushed_at": "2020-06-05T16:21:55Z", "stargazers_count": 10, "watchers_count": 10, - "forks_count": 12, - "forks": 12, + "forks_count": 13, + "forks": 13, "watchers": 10, "score": 0 }, @@ -1347,12 +1347,12 @@ "description": "SMBGhost (CVE-2020-0796) Automate Exploitation and Detection", "fork": false, "created_at": "2020-06-10T16:44:39Z", - "updated_at": "2020-12-10T07:57:49Z", - "pushed_at": "2020-11-17T20:39:52Z", + "updated_at": "2021-01-14T18:50:17Z", + "pushed_at": "2021-01-14T18:50:13Z", "stargazers_count": 72, "watchers_count": 72, - "forks_count": 29, - "forks": 29, + "forks_count": 30, + "forks": 30, "watchers": 72, "score": 0 }, diff --git a/2020/CVE-2020-1350.json b/2020/CVE-2020-1350.json index 796cf37dd8..afd3c2ec80 100644 --- a/2020/CVE-2020-1350.json +++ b/2020/CVE-2020-1350.json @@ -105,13 +105,13 @@ "description": "Detection of attempts to exploit Microsoft Windows DNS server via CVE-2020-1350 (AKA SIGRed)", "fork": false, "created_at": "2020-07-15T05:55:20Z", - "updated_at": "2020-11-14T00:21:43Z", + "updated_at": "2021-01-14T18:47:12Z", "pushed_at": "2020-07-20T02:20:43Z", - "stargazers_count": 9, - "watchers_count": 9, + "stargazers_count": 10, + "watchers_count": 10, "forks_count": 4, "forks": 4, - "watchers": 9, + "watchers": 10, "score": 0 }, { diff --git a/2020/CVE-2020-14882.json b/2020/CVE-2020-14882.json index 0faa78d6f4..630e72ee71 100644 --- a/2020/CVE-2020-14882.json +++ b/2020/CVE-2020-14882.json @@ -36,13 +36,13 @@ "description": "Vulmap - Web vulnerability scanning and verification tools,支持扫描 activemq, flink, shiro, solr, struts2, tomcat, unomi, drupal, elasticsearch, nexus, weblogic, jboss, thinkphp,并且具备漏洞利用功能。CVE-2020-14882, CVE-2020-2555, CVE-2020-2883, S2-061, CVE-2020-13942, CVE-2020-17530, CVE-2020-17518, CVE-2020-17519", "fork": false, "created_at": "2020-10-09T06:34:36Z", - "updated_at": "2021-01-14T08:02:25Z", + "updated_at": "2021-01-14T15:46:45Z", "pushed_at": "2021-01-13T10:38:48Z", - "stargazers_count": 748, - "watchers_count": 748, + "stargazers_count": 749, + "watchers_count": 749, "forks_count": 133, "forks": 133, - "watchers": 748, + "watchers": 749, "score": 0 }, { diff --git a/2020/CVE-2020-6207.json b/2020/CVE-2020-6207.json index bccfc5a54f..14459ed5ea 100644 --- a/2020/CVE-2020-6207.json +++ b/2020/CVE-2020-6207.json @@ -13,13 +13,13 @@ "description": "PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager)", "fork": false, "created_at": "2021-01-14T10:49:40Z", - "updated_at": "2021-01-14T15:08:24Z", + "updated_at": "2021-01-14T15:43:05Z", "pushed_at": "2021-01-14T13:35:09Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "forks_count": 1, "forks": 1, - "watchers": 1, + "watchers": 2, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-6308.json b/2020/CVE-2020-6308.json index 329f4bd88f..b5281bc452 100644 --- a/2020/CVE-2020-6308.json +++ b/2020/CVE-2020-6308.json @@ -36,13 +36,13 @@ "description": "PoC CVE-2020-6308", "fork": false, "created_at": "2020-12-27T10:37:11Z", - "updated_at": "2021-01-14T05:07:58Z", + "updated_at": "2021-01-14T16:46:04Z", "pushed_at": "2020-12-29T10:49:49Z", - "stargazers_count": 27, - "watchers_count": 27, + "stargazers_count": 28, + "watchers_count": 28, "forks_count": 6, "forks": 6, - "watchers": 27, + "watchers": 28, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-7200.json b/2020/CVE-2020-7200.json new file mode 100644 index 0000000000..0f1b425eca --- /dev/null +++ b/2020/CVE-2020-7200.json @@ -0,0 +1,25 @@ +[ + { + "id": 329734215, + "name": "CVE-2020-7200", + "full_name": "alexfrancow\/CVE-2020-7200", + "owner": { + "login": "alexfrancow", + "id": 23419929, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/23419929?v=4", + "html_url": "https:\/\/github.com\/alexfrancow" + }, + "html_url": "https:\/\/github.com\/alexfrancow\/CVE-2020-7200", + "description": null, + "fork": false, + "created_at": "2021-01-14T21:05:29Z", + "updated_at": "2021-01-14T21:11:23Z", + "pushed_at": "2021-01-14T21:11:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-7961.json b/2020/CVE-2020-7961.json index 8980fb17a1..4b863304d4 100644 --- a/2020/CVE-2020-7961.json +++ b/2020/CVE-2020-7961.json @@ -136,5 +136,28 @@ "forks": 0, "watchers": 3, "score": 0 + }, + { + "id": 329711989, + "name": "CVE-2020-7961", + "full_name": "ShutdownRepo\/CVE-2020-7961", + "owner": { + "login": "ShutdownRepo", + "id": 40902872, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/40902872?v=4", + "html_url": "https:\/\/github.com\/ShutdownRepo" + }, + "html_url": "https:\/\/github.com\/ShutdownRepo\/CVE-2020-7961", + "description": "Exploit script for CVE-2020-7961", + "fork": false, + "created_at": "2021-01-14T19:18:13Z", + "updated_at": "2021-01-14T20:38:23Z", + "pushed_at": "2021-01-14T19:26:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-9484.json b/2020/CVE-2020-9484.json index 802d6f970a..36ba890737 100644 --- a/2020/CVE-2020-9484.json +++ b/2020/CVE-2020-9484.json @@ -105,13 +105,13 @@ "description": "CVE-2020-9484 Mass Scanner, Scan a list of urls for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE ", "fork": false, "created_at": "2020-06-05T20:40:28Z", - "updated_at": "2021-01-14T08:28:27Z", + "updated_at": "2021-01-14T18:24:56Z", "pushed_at": "2020-06-05T21:04:43Z", - "stargazers_count": 22, - "watchers_count": 22, + "stargazers_count": 23, + "watchers_count": 23, "forks_count": 11, "forks": 11, - "watchers": 22, + "watchers": 23, "score": 0 }, { diff --git a/README.md b/README.md index 6c233cfe3a..af0981a3a7 100644 --- a/README.md +++ b/README.md @@ -1198,6 +1198,14 @@ The WordPress plugin, WP Database Reset through 3.1, contains a flaw that allowe - [ElmouradiAmine/CVE-2020-7048](https://github.com/ElmouradiAmine/CVE-2020-7048) +### CVE-2020-7200 (2020-12-18) + + +A potential security vulnerability has been identified in HPE Systems Insight Manager (SIM) version 7.6. The vulnerability could be exploited to allow remote code execution. + + +- [alexfrancow/CVE-2020-7200](https://github.com/alexfrancow/CVE-2020-7200) + ### CVE-2020-7209 (2020-02-12) @@ -1307,6 +1315,7 @@ Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows - [shacojx/GLiferay](https://github.com/shacojx/GLiferay) - [shacojx/POC-CVE-2020-7961-Token-iterate](https://github.com/shacojx/POC-CVE-2020-7961-Token-iterate) - [Udyz/CVE-2020-7961-Mass](https://github.com/Udyz/CVE-2020-7961-Mass) +- [ShutdownRepo/CVE-2020-7961](https://github.com/ShutdownRepo/CVE-2020-7961) ### CVE-2020-7980 (2020-01-25) @@ -3378,10 +3387,20 @@ An issue was discovered in API/api/Version in Damstra Smart Asset 2020.7. Cross- - [lukaszstu/SmartAsset-CORS-CVE-2020-26527](https://github.com/lukaszstu/SmartAsset-CORS-CVE-2020-26527) -### CVE-2020-26732 +### CVE-2020-26732 (2021-01-14) + + +Skyworth GN542VF Boa version 0.94.13 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. + + - [swzhouu/CVE-2020-26732](https://github.com/swzhouu/CVE-2020-26732) -### CVE-2020-26733 +### CVE-2020-26733 (2021-01-14) + + +Cross Site Scripting (XSS) in Configuration page in SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 allows authenticated attacker to inject their own script into the page via DDNS Configuration Section. + + - [swzhouu/CVE-2020-26733](https://github.com/swzhouu/CVE-2020-26733) ### CVE-2020-27151 (2020-12-07) @@ -3420,7 +3439,12 @@ An issue was discovered in REDCap 8.11.6 through 9.x before 10. The messenger's - [seb1055/cve-2020-27358-27359](https://github.com/seb1055/cve-2020-27358-27359) -### CVE-2020-27368 +### CVE-2020-27368 (2021-01-14) + + +Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows attacker to access /icons/ directories via GET Parameter. + + - [swzhouu/CVE-2020-27368](https://github.com/swzhouu/CVE-2020-27368) ### CVE-2020-27603 (2020-10-21)