mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2021/02/20 18:08:44

Browse source
This commit is contained in:
motikan2010-bot 2021-02-20 18:08:44 +09:00
parent 77c9222ba3
commit 8ec255b952
44 changed files with 901 additions and 115 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
2017/CVE-2017-9248.json
View file

@ -17,8 +17,8 @@
"pushed_at": "2020-12-22T03:10:47Z",
"stargazers_count": 97,
"watchers_count": 97,
"forks_count": 39,
"forks": 39,
"forks_count": 40,
"forks": 40,
"watchers": 97,
"score": 0
},

4
2018/CVE-2018-20250.json
View file

@ -17,8 +17,8 @@
"pushed_at": "2019-08-05T10:45:34Z",
"stargazers_count": 428,
"watchers_count": 428,
"forks_count": 180,
"forks": 180,
"forks_count": 181,
"forks": 181,
"watchers": 428,
"score": 0
},

8
2018/CVE-2018-4407.json
View file

@ -128,13 +128,13 @@
"description": "POC: Heap buffer overflow in the networking code in the XNU operating system kernel",
"fork": false,
"created_at": "2018-11-02T15:26:47Z",
"updated_at": "2020-11-23T22:13:12Z",
"updated_at": "2021-02-20T08:54:05Z",
"pushed_at": "2018-12-01T23:17:56Z",
"stargazers_count": 13,
"watchers_count": 13,
"stargazers_count": 12,
"watchers_count": 12,
"forks_count": 1,
"forks": 1,
"watchers": 13,
"watchers": 12,
"score": 0
},
{

4
2018/CVE-2018-6389.json
View file

@ -473,8 +473,8 @@
"description": null,
"fork": false,
"created_at": "2020-10-18T14:01:59Z",
"updated_at": "2021-02-19T02:55:48Z",
"pushed_at": "2021-02-19T02:55:46Z",
"updated_at": "2021-02-20T03:21:03Z",
"pushed_at": "2021-02-20T03:21:02Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,

8
2018/CVE-2018-9206.json
View file

@ -13,13 +13,13 @@
"description": "A Python PoC for CVE-2018-9206",
"fork": false,
"created_at": "2018-10-22T16:33:22Z",
"updated_at": "2020-06-04T11:39:14Z",
"updated_at": "2021-02-20T07:43:16Z",
"pushed_at": "2018-10-22T16:49:08Z",
"stargazers_count": 13,
"watchers_count": 13,
"stargazers_count": 14,
"watchers_count": 14,
"forks_count": 12,
"forks": 12,
"watchers": 13,
"watchers": 14,
"score": 0
},
{

23
2019/CVE-2019-0192.json
View file

@ -1,4 +1,27 @@
[
{
"id": 174814901,
"name": "CVE-2019-0192",
"full_name": "mpgn\/CVE-2019-0192",
"owner": {
"login": "mpgn",
"id": 5891788,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5891788?v=4",
"html_url": "https:\/\/github.com\/mpgn"
},
"html_url": "https:\/\/github.com\/mpgn\/CVE-2019-0192",
"description": "RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl",
"fork": false,
"created_at": "2019-03-10T11:35:26Z",
"updated_at": "2021-01-19T21:06:07Z",
"pushed_at": "2019-03-10T18:33:43Z",
"stargazers_count": 209,
"watchers_count": 209,
"forks_count": 60,
"forks": 60,
"watchers": 209,
"score": 0
},
{
"id": 218993619,
"name": "Solr-RCE-CVE-2019-0192",

23
2019/CVE-2019-0193.json
View file

@ -1,4 +1,27 @@
[
{
"id": 176290079,
"name": "CVE-2019-0193",
"full_name": "xConsoIe\/CVE-2019-0193",
"owner": {
"login": "xConsoIe",
"id": 48456709,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48456709?v=4",
"html_url": "https:\/\/github.com\/xConsoIe"
},
"html_url": "https:\/\/github.com\/xConsoIe\/CVE-2019-0193",
"description": null,
"fork": false,
"created_at": "2019-03-18T13:18:01Z",
"updated_at": "2020-11-29T10:18:07Z",
"pushed_at": "2019-03-18T13:22:48Z",
"stargazers_count": 8,
"watchers_count": 8,
"forks_count": 7,
"forks": 7,
"watchers": 8,
"score": 0
},
{
"id": 201405406,
"name": "CVE-2019-0193",

23
2019/CVE-2019-0604.json
View file

@ -1,4 +1,27 @@
[
{
"id": 177246255,
"name": "CVE-2019-0604",
"full_name": "linhlhq\/CVE-2019-0604",
"owner": {
"login": "linhlhq",
"id": 28854132,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28854132?v=4",
"html_url": "https:\/\/github.com\/linhlhq"
},
"html_url": "https:\/\/github.com\/linhlhq\/CVE-2019-0604",
"description": "CVE-2019-0604",
"fork": false,
"created_at": "2019-03-23T05:01:54Z",
"updated_at": "2021-01-29T22:25:59Z",
"pushed_at": "2019-03-22T05:45:44Z",
"stargazers_count": 130,
"watchers_count": 130,
"forks_count": 78,
"forks": 78,
"watchers": 130,
"score": 0
},
{
"id": 179413290,
"name": "CVE-2019-0604_sharepoint_CVE",

20
2019/CVE-2019-0708.json
View file

@ -891,8 +891,8 @@
"pushed_at": "2019-05-30T02:43:06Z",
"stargazers_count": 78,
"watchers_count": 78,
"forks_count": 29,
"forks": 29,
"forks_count": 30,
"forks": 30,
"watchers": 78,
"score": 0
},
@ -1025,13 +1025,13 @@
"description": "Scanner PoC for CVE-2019-0708 RDP RCE vuln",
"fork": false,
"created_at": "2019-05-22T00:08:44Z",
"updated_at": "2021-02-19T10:37:00Z",
"updated_at": "2021-02-20T08:55:03Z",
"pushed_at": "2020-12-06T04:48:38Z",
"stargazers_count": 1137,
"watchers_count": 1137,
"forks_count": 384,
"forks": 384,
"watchers": 1137,
"stargazers_count": 1136,
"watchers_count": 1136,
"forks_count": 385,
"forks": 385,
"watchers": 1136,
"score": 0
},
{
@ -1305,8 +1305,8 @@
"pushed_at": "2019-05-28T02:46:19Z",
"stargazers_count": 115,
"watchers_count": 115,
"forks_count": 40,
"forks": 40,
"forks_count": 41,
"forks": 41,
"watchers": 115,
"score": 0
},

23
2019/CVE-2019-0808.json
View file

@ -1,4 +1,27 @@
[
{
"id": 177576776,
"name": "cve-2019-0808-poc",
"full_name": "ze0r\/cve-2019-0808-poc",
"owner": {
"login": "ze0r",
"id": 43227253,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43227253?v=4",
"html_url": "https:\/\/github.com\/ze0r"
},
"html_url": "https:\/\/github.com\/ze0r\/cve-2019-0808-poc",
"description": "cve-2019-0808-poc",
"fork": false,
"created_at": "2019-03-25T11:53:35Z",
"updated_at": "2020-12-23T12:17:23Z",
"pushed_at": "2019-03-25T12:10:40Z",
"stargazers_count": 43,
"watchers_count": 43,
"forks_count": 19,
"forks": 19,
"watchers": 43,
"score": 0
},
{
"id": 182577297,
"name": "CVE-2019-0808",

23
2019/CVE-2019-1003000.json
View file

@ -22,6 +22,29 @@
"watchers": 51,
"score": 0
},
{
"id": 170809838,
"name": "cve-2019-1003000-jenkins-rce-poc",
"full_name": "adamyordan\/cve-2019-1003000-jenkins-rce-poc",
"owner": {
"login": "adamyordan",
"id": 9531164,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9531164?v=4",
"html_url": "https:\/\/github.com\/adamyordan"
},
"html_url": "https:\/\/github.com\/adamyordan\/cve-2019-1003000-jenkins-rce-poc",
"description": "Jenkins RCE Proof-of-Concept: SECURITY-1266 \/ CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)",
"fork": false,
"created_at": "2019-02-15T05:59:24Z",
"updated_at": "2021-01-19T03:15:21Z",
"pushed_at": "2019-04-01T13:19:49Z",
"stargazers_count": 269,
"watchers_count": 269,
"forks_count": 83,
"forks": 83,
"watchers": 269,
"score": 0
},
{
"id": 183322760,
"name": "CVE-2019-1003000_RCE-DETECTION",

8
2019/CVE-2019-11580.json
View file

@ -13,13 +13,13 @@
"description": "CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE",
"fork": false,
"created_at": "2019-07-17T07:54:38Z",
"updated_at": "2020-12-11T10:06:47Z",
"updated_at": "2021-02-20T03:40:33Z",
"pushed_at": "2019-07-18T10:03:28Z",
"stargazers_count": 84,
"watchers_count": 84,
"stargazers_count": 85,
"watchers_count": 85,
"forks_count": 19,
"forks": 19,
"watchers": 84,
"watchers": 85,
"score": 0
},
{

4
2019/CVE-2019-13024.json
View file

@ -40,8 +40,8 @@
"pushed_at": "2019-11-08T17:39:34Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"forks_count": 1,
"forks": 1,
"watchers": 1,
"score": 0
}

25
2019/CVE-2019-1653.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 178810790,
"name": "CiscoSpill",
"full_name": "shaheemirza\/CiscoSpill",
"owner": {
"login": "shaheemirza",
"id": 4853436,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4853436?v=4",
"html_url": "https:\/\/github.com\/shaheemirza"
},
"html_url": "https:\/\/github.com\/shaheemirza\/CiscoSpill",
"description": "Just a PoC tool to extract password using CVE-2019-1653.",
"fork": false,
"created_at": "2019-04-01T07:40:01Z",
"updated_at": "2020-11-25T23:13:59Z",
"pushed_at": "2019-04-01T07:50:48Z",
"stargazers_count": 4,
"watchers_count": 4,
"forks_count": 4,
"forks": 4,
"watchers": 4,
"score": 0
}
]

8
2019/CVE-2019-17558.json
View file

@ -36,13 +36,13 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2021-02-20T02:36:15Z",
"updated_at": "2021-02-20T03:44:53Z",
"pushed_at": "2020-11-07T05:55:00Z",
"stargazers_count": 2338,
"watchers_count": 2338,
"stargazers_count": 2339,
"watchers_count": 2339,
"forks_count": 663,
"forks": 663,
"watchers": 2338,
"watchers": 2339,
"score": 0
},
{

25
2019/CVE-2019-1987.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 171108223,
"name": "android-7-9-png-bug",
"full_name": "marcinguy\/android-7-9-png-bug",
"owner": {
"login": "marcinguy",
"id": 20355405,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20355405?v=4",
"html_url": "https:\/\/github.com\/marcinguy"
},
"html_url": "https:\/\/github.com\/marcinguy\/android-7-9-png-bug",
"description": "CVE-2019-1987",
"fork": false,
"created_at": "2019-02-17T10:22:01Z",
"updated_at": "2020-05-18T10:42:55Z",
"pushed_at": "2019-03-02T19:54:06Z",
"stargazers_count": 12,
"watchers_count": 12,
"forks_count": 4,
"forks": 4,
"watchers": 12,
"score": 0
}
]

92
2019/CVE-2019-5418.json
View file

@ -1,4 +1,73 @@
[
{
"id": 175966226,
"name": "CVE-2019-5418",
"full_name": "mpgn\/CVE-2019-5418",
"owner": {
"login": "mpgn",
"id": 5891788,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5891788?v=4",
"html_url": "https:\/\/github.com\/mpgn"
},
"html_url": "https:\/\/github.com\/mpgn\/CVE-2019-5418",
"description": "CVE-2019-5418 - File Content Disclosure on Ruby on Rails",
"fork": false,
"created_at": "2019-03-16T11:58:18Z",
"updated_at": "2021-01-01T07:53:06Z",
"pushed_at": "2019-03-25T07:19:58Z",
"stargazers_count": 165,
"watchers_count": 165,
"forks_count": 21,
"forks": 21,
"watchers": 165,
"score": 0
},
{
"id": 176323109,
"name": "CVE-2019-5418",
"full_name": "omarkurt\/CVE-2019-5418",
"owner": {
"login": "omarkurt",
"id": 1712468,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1712468?v=4",
"html_url": "https:\/\/github.com\/omarkurt"
},
"html_url": "https:\/\/github.com\/omarkurt\/CVE-2019-5418",
"description": "File Content Disclosure on Rails Test Case - CVE-2019-5418",
"fork": false,
"created_at": "2019-03-18T16:09:13Z",
"updated_at": "2020-04-17T21:45:45Z",
"pushed_at": "2019-03-18T16:15:25Z",
"stargazers_count": 7,
"watchers_count": 7,
"forks_count": 1,
"forks": 1,
"watchers": 7,
"score": 0
},
{
"id": 176545257,
"name": "CVE-2019-5418-Scanner",
"full_name": "brompwnie\/CVE-2019-5418-Scanner",
"owner": {
"login": "brompwnie",
"id": 8638589,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8638589?v=4",
"html_url": "https:\/\/github.com\/brompwnie"
},
"html_url": "https:\/\/github.com\/brompwnie\/CVE-2019-5418-Scanner",
"description": "A multi-threaded Golang scanner to identify Ruby endpoints vulnerable to CVE-2019-5418",
"fork": false,
"created_at": "2019-03-19T15:38:01Z",
"updated_at": "2021-01-30T06:37:41Z",
"pushed_at": "2019-03-21T17:26:06Z",
"stargazers_count": 33,
"watchers_count": 33,
"forks_count": 17,
"forks": 17,
"watchers": 33,
"score": 0
},
{
"id": 177236589,
"name": "Rails-doubletap-RCE",
@ -22,6 +91,29 @@
"watchers": 106,
"score": 0
},
{
"id": 178527770,
"name": "CVE-2019-5418",
"full_name": "takeokunn\/CVE-2019-5418",
"owner": {
"login": "takeokunn",
"id": 11222510,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11222510?v=4",
"html_url": "https:\/\/github.com\/takeokunn"
},
"html_url": "https:\/\/github.com\/takeokunn\/CVE-2019-5418",
"description": null,
"fork": false,
"created_at": "2019-03-30T07:40:11Z",
"updated_at": "2019-10-24T19:07:56Z",
"pushed_at": "2019-03-30T07:54:58Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 2,
"forks": 2,
"watchers": 2,
"score": 0
},
{
"id": 178909066,
"name": "RailroadBandit",

46
2019/CVE-2019-5420.json
View file

@ -1,4 +1,50 @@
[
{
"id": 176976251,
"name": "CVE-2019-5420",
"full_name": "knqyf263\/CVE-2019-5420",
"owner": {
"login": "knqyf263",
"id": 2253692,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4",
"html_url": "https:\/\/github.com\/knqyf263"
},
"html_url": "https:\/\/github.com\/knqyf263\/CVE-2019-5420",
"description": "CVE-2019-5420 (Ruby on Rails)",
"fork": false,
"created_at": "2019-03-21T15:42:54Z",
"updated_at": "2020-07-31T01:42:44Z",
"pushed_at": "2019-03-21T23:52:48Z",
"stargazers_count": 7,
"watchers_count": 7,
"forks_count": 0,
"forks": 0,
"watchers": 7,
"score": 0
},
{
"id": 178050921,
"name": "cve-2019-5420",
"full_name": "cved-sources\/cve-2019-5420",
"owner": {
"login": "cved-sources",
"id": 46423677,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4",
"html_url": "https:\/\/github.com\/cved-sources"
},
"html_url": "https:\/\/github.com\/cved-sources\/cve-2019-5420",
"description": "cve-2019-5420",
"fork": false,
"created_at": "2019-03-27T18:16:46Z",
"updated_at": "2019-03-27T18:17:07Z",
"pushed_at": "2019-03-27T18:17:05Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 328768715,
"name": "CVE-2019-5420",

46
2019/CVE-2019-5736.json
View file

@ -22,6 +22,52 @@
"watchers": 54,
"score": 0
},
{
"id": 174545720,
"name": "CVE-2019-5736-PoC",
"full_name": "zyriuse75\/CVE-2019-5736-PoC",
"owner": {
"login": "zyriuse75",
"id": 225690,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/225690?v=4",
"html_url": "https:\/\/github.com\/zyriuse75"
},
"html_url": "https:\/\/github.com\/zyriuse75\/CVE-2019-5736-PoC",
"description": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-5736 poc of CVE-2019-5736 ",
"fork": false,
"created_at": "2019-03-08T13:50:57Z",
"updated_at": "2019-03-08T13:50:59Z",
"pushed_at": "2019-03-08T13:50:58Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 177891884,
"name": "CVE-2019-5736",
"full_name": "stillan00b\/CVE-2019-5736",
"owner": {
"login": "stillan00b",
"id": 48630837,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48630837?v=4",
"html_url": "https:\/\/github.com\/stillan00b"
},
"html_url": "https:\/\/github.com\/stillan00b\/CVE-2019-5736",
"description": null,
"fork": false,
"created_at": "2019-03-27T00:52:49Z",
"updated_at": "2019-03-27T01:05:08Z",
"pushed_at": "2019-03-27T01:05:07Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 181238407,
"name": "cve-2019-5736-exp",

25
2019/CVE-2019-5786.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 176796740,
"name": "CVE-2019-5786",
"full_name": "exodusintel\/CVE-2019-5786",
"owner": {
"login": "exodusintel",
"id": 16653014,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16653014?v=4",
"html_url": "https:\/\/github.com\/exodusintel"
},
"html_url": "https:\/\/github.com\/exodusintel\/CVE-2019-5786",
"description": "FileReader Exploit",
"fork": false,
"created_at": "2019-03-20T18:43:49Z",
"updated_at": "2021-02-18T06:21:06Z",
"pushed_at": "2019-03-20T18:47:25Z",
"stargazers_count": 254,
"watchers_count": 254,
"forks_count": 86,
"forks": 86,
"watchers": 254,
"score": 0
}
]

23
2019/CVE-2019-6225.json
View file

@ -21,5 +21,28 @@
"forks": 2,
"watchers": 2,
"score": 0
},
{
"id": 201224192,
"name": "jailbreak-iOS12",
"full_name": "raystyle\/jailbreak-iOS12",
"owner": {
"login": "raystyle",
"id": 3284570,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3284570?v=4",
"html_url": "https:\/\/github.com\/raystyle"
},
"html_url": "https:\/\/github.com\/raystyle\/jailbreak-iOS12",
"description": "OS 12.0 & 12.1.2 - Jailbreak with CVE-2019-6225",
"fork": false,
"created_at": "2019-08-08T09:22:57Z",
"updated_at": "2019-09-28T04:38:14Z",
"pushed_at": "2019-02-27T12:57:21Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

46
2019/CVE-2019-6340.json
View file

@ -1,4 +1,50 @@
[
{
"id": 172766416,
"name": "cve-2019-6340",
"full_name": "cved-sources\/cve-2019-6340",
"owner": {
"login": "cved-sources",
"id": 46423677,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4",
"html_url": "https:\/\/github.com\/cved-sources"
},
"html_url": "https:\/\/github.com\/cved-sources\/cve-2019-6340",
"description": "cve-2019-6340",
"fork": false,
"created_at": "2019-02-26T18:26:50Z",
"updated_at": "2020-04-02T13:08:58Z",
"pushed_at": "2019-02-26T18:38:59Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 1,
"forks": 1,
"watchers": 1,
"score": 0
},
{
"id": 175109773,
"name": "cve-2019-6340-bits",
"full_name": "d1vious\/cve-2019-6340-bits",
"owner": {
"login": "d1vious",
"id": 1476868,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1476868?v=4",
"html_url": "https:\/\/github.com\/d1vious"
},
"html_url": "https:\/\/github.com\/d1vious\/cve-2019-6340-bits",
"description": "Bits generated while analyzing CVE-2019-6340 Drupal RESTful RCE",
"fork": false,
"created_at": "2019-03-12T01:13:56Z",
"updated_at": "2019-04-15T07:13:03Z",
"pushed_at": "2019-03-12T01:41:17Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 188896047,
"name": "CVE-2019-6340",

25
2019/CVE-2019-6440.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 170884262,
"name": "CVE-2019-6440",
"full_name": "hexnone\/CVE-2019-6440",
"owner": {
"login": "hexnone",
"id": 17256467,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17256467?v=4",
"html_url": "https:\/\/github.com\/hexnone"
},
"html_url": "https:\/\/github.com\/hexnone\/CVE-2019-6440",
"description": "CVE-2019-6440. Zemana RCE and privilege escalation.",
"fork": false,
"created_at": "2019-02-15T15:15:52Z",
"updated_at": "2019-03-22T18:53:26Z",
"pushed_at": "2019-03-22T18:53:24Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"forks": 1,
"watchers": 0,
"score": 0
}
]

25
2019/CVE-2019-7642.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 173723117,
"name": "CVE-2019-7642",
"full_name": "xw77cve\/CVE-2019-7642",
"owner": {
"login": "xw77cve",
"id": 48202281,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48202281?v=4",
"html_url": "https:\/\/github.com\/xw77cve"
},
"html_url": "https:\/\/github.com\/xw77cve\/CVE-2019-7642",
"description": null,
"fork": false,
"created_at": "2019-03-04T10:24:04Z",
"updated_at": "2019-10-04T12:40:46Z",
"pushed_at": "2019-03-04T11:04:30Z",
"stargazers_count": 15,
"watchers_count": 15,
"forks_count": 1,
"forks": 1,
"watchers": 15,
"score": 0
}
]

23
2019/CVE-2019-8942.json
View file

@ -1,4 +1,27 @@
[
{
"id": 172448763,
"name": "WordPress_4.9.8_RCE_POC",
"full_name": "brianwrf\/WordPress_4.9.8_RCE_POC",
"owner": {
"login": "brianwrf",
"id": 8141813,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8141813?v=4",
"html_url": "https:\/\/github.com\/brianwrf"
},
"html_url": "https:\/\/github.com\/brianwrf\/WordPress_4.9.8_RCE_POC",
"description": "A simple PoC for WordPress RCE (author priviledge), refer to CVE-2019-8942 and CVE-2019-8943.",
"fork": false,
"created_at": "2019-02-25T06:38:15Z",
"updated_at": "2020-12-30T03:48:48Z",
"pushed_at": "2019-03-18T01:20:52Z",
"stargazers_count": 57,
"watchers_count": 57,
"forks_count": 19,
"forks": 19,
"watchers": 57,
"score": 0
},
{
"id": 184548123,
"name": "CVE-2019-8942",

25
2019/CVE-2019-9184.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 175870177,
"name": "cve-2019-9184",
"full_name": "cved-sources\/cve-2019-9184",
"owner": {
"login": "cved-sources",
"id": 46423677,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4",
"html_url": "https:\/\/github.com\/cved-sources"
},
"html_url": "https:\/\/github.com\/cved-sources\/cve-2019-9184",
"description": "cve-2019-9184",
"fork": false,
"created_at": "2019-03-15T18:12:49Z",
"updated_at": "2019-03-15T18:15:09Z",
"pushed_at": "2019-03-15T18:15:07Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2019/CVE-2019-9194.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 175870594,
"name": "cve-2019-9194",
"full_name": "cved-sources\/cve-2019-9194",
"owner": {
"login": "cved-sources",
"id": 46423677,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4",
"html_url": "https:\/\/github.com\/cved-sources"
},
"html_url": "https:\/\/github.com\/cved-sources\/cve-2019-9194",
"description": "cve-2019-9194",
"fork": false,
"created_at": "2019-03-15T18:16:27Z",
"updated_at": "2019-03-15T18:17:32Z",
"pushed_at": "2019-03-15T18:17:31Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2019/CVE-2019-9580.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 175478558,
"name": "CVE-2019-9580",
"full_name": "mpgn\/CVE-2019-9580",
"owner": {
"login": "mpgn",
"id": 5891788,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5891788?v=4",
"html_url": "https:\/\/github.com\/mpgn"
},
"html_url": "https:\/\/github.com\/mpgn\/CVE-2019-9580",
"description": "CVE-2019-9580 - StackStorm: exploiting CORS misconfiguration (null origin) to gain RCE",
"fork": false,
"created_at": "2019-03-13T18:37:18Z",
"updated_at": "2020-04-05T17:19:04Z",
"pushed_at": "2019-03-13T19:26:27Z",
"stargazers_count": 28,
"watchers_count": 28,
"forks_count": 4,
"forks": 4,
"watchers": 28,
"score": 0
}
]

25
2019/CVE-2019-9653.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 175789235,
"name": "CVE-2019-9653",
"full_name": "grayoneday\/CVE-2019-9653",
"owner": {
"login": "grayoneday",
"id": 28929076,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28929076?v=4",
"html_url": "https:\/\/github.com\/grayoneday"
},
"html_url": "https:\/\/github.com\/grayoneday\/CVE-2019-9653",
"description": null,
"fork": false,
"created_at": "2019-03-15T09:27:15Z",
"updated_at": "2019-03-15T09:32:42Z",
"pushed_at": "2019-03-15T09:32:41Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2019/CVE-2019-9673.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 175058439,
"name": "CVE-2019-9673",
"full_name": "mgrube\/CVE-2019-9673",
"owner": {
"login": "mgrube",
"id": 90159,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90159?v=4",
"html_url": "https:\/\/github.com\/mgrube"
},
"html_url": "https:\/\/github.com\/mgrube\/CVE-2019-9673",
"description": "Writeup",
"fork": false,
"created_at": "2019-03-11T18:16:15Z",
"updated_at": "2019-08-08T16:04:30Z",
"pushed_at": "2019-03-24T08:21:37Z",
"stargazers_count": 4,
"watchers_count": 4,
"forks_count": 1,
"forks": 1,
"watchers": 4,
"score": 0
}
]

25
2019/CVE-2019-9729.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 175226868,
"name": "SdoKeyCrypt-sys-local-privilege-elevation",
"full_name": "HyperSine\/SdoKeyCrypt-sys-local-privilege-elevation",
"owner": {
"login": "HyperSine",
"id": 58699351,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58699351?v=4",
"html_url": "https:\/\/github.com\/HyperSine"
},
"html_url": "https:\/\/github.com\/HyperSine\/SdoKeyCrypt-sys-local-privilege-elevation",
"description": "CVE-2019-9729. Transferred from https:\/\/github.com\/DoubleLabyrinth\/SdoKeyCrypt-sys-local-privilege-elevation",
"fork": false,
"created_at": "2019-03-12T14:18:20Z",
"updated_at": "2021-01-19T03:19:20Z",
"pushed_at": "2019-03-13T01:24:21Z",
"stargazers_count": 81,
"watchers_count": 81,
"forks_count": 26,
"forks": 26,
"watchers": 81,
"score": 0
}
]

23
2019/CVE-2019-9810.json
View file

@ -1,4 +1,27 @@
[
{
"id": 177500802,
"name": "CVE-2019-9810-PoC",
"full_name": "xuechiyaobai\/CVE-2019-9810-PoC",
"owner": {
"login": "xuechiyaobai",
"id": 8443947,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8443947?v=4",
"html_url": "https:\/\/github.com\/xuechiyaobai"
},
"html_url": "https:\/\/github.com\/xuechiyaobai\/CVE-2019-9810-PoC",
"description": "Array.prototype.slice wrong alias information.",
"fork": false,
"created_at": "2019-03-25T02:33:18Z",
"updated_at": "2020-12-11T07:20:38Z",
"pushed_at": "2019-03-25T02:41:43Z",
"stargazers_count": 67,
"watchers_count": 67,
"forks_count": 15,
"forks": 15,
"watchers": 67,
"score": 0
},
{
"id": 185060837,
"name": "CVE-2019-9810",

8
2020/CVE-2020-0668.json
View file

@ -13,13 +13,13 @@
"description": "CVE-2020-0668 - Microsoft Windows Service Tracing Arbitrary File Move Local Privilege Escalation Vulnerability",
"fork": false,
"created_at": "2019-10-11T09:08:02Z",
"updated_at": "2021-02-16T02:04:04Z",
"updated_at": "2021-02-20T08:15:02Z",
"pushed_at": "2020-02-26T09:24:45Z",
"stargazers_count": 53,
"watchers_count": 53,
"stargazers_count": 54,
"watchers_count": 54,
"forks_count": 20,
"forks": 20,
"watchers": 53,
"watchers": 54,
"score": 0
},
{

8
2020/CVE-2020-0796.json
View file

@ -105,13 +105,13 @@
"description": "Scanner for CVE-2020-0796 - SMBv3 RCE",
"fork": false,
"created_at": "2020-03-11T15:21:27Z",
"updated_at": "2021-02-15T04:10:14Z",
"updated_at": "2021-02-20T07:38:12Z",
"pushed_at": "2020-10-01T08:36:29Z",
"stargazers_count": 580,
"watchers_count": 580,
"stargazers_count": 581,
"watchers_count": 581,
"forks_count": 194,
"forks": 194,
"watchers": 580,
"watchers": 581,
"score": 0
},
{

8
2020/CVE-2020-1034.json
View file

@ -13,13 +13,13 @@
"description": "PoC demonstrating the use of cve-2020-1034 for privilege escalation",
"fork": false,
"created_at": "2020-11-23T10:24:07Z",
"updated_at": "2021-02-19T09:53:22Z",
"updated_at": "2021-02-20T03:44:50Z",
"pushed_at": "2021-01-29T08:56:40Z",
"stargazers_count": 78,
"watchers_count": 78,
"stargazers_count": 79,
"watchers_count": 79,
"forks_count": 26,
"forks": 26,
"watchers": 78,
"watchers": 79,
"score": 0
}
]

8
2020/CVE-2020-14882.json
View file

@ -13,13 +13,13 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2021-02-20T02:36:15Z",
"updated_at": "2021-02-20T03:44:53Z",
"pushed_at": "2020-11-07T05:55:00Z",
"stargazers_count": 2338,
"watchers_count": 2338,
"stargazers_count": 2339,
"watchers_count": 2339,
"forks_count": 663,
"forks": 663,
"watchers": 2338,
"watchers": 2339,
"score": 0
},
{

23
2020/CVE-2020-5410.json
View file

@ -67,5 +67,28 @@
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 340598389,
"name": "SpringCloud-Config-CVE-2020-5410",
"full_name": "thelostworldFree\/SpringCloud-Config-CVE-2020-5410",
"owner": {
"login": "thelostworldFree",
"id": 24971604,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24971604?v=4",
"html_url": "https:\/\/github.com\/thelostworldFree"
},
"html_url": "https:\/\/github.com\/thelostworldFree\/SpringCloud-Config-CVE-2020-5410",
"description": "Spring Cloud Config 目录穿越漏洞(CVE-2020-5410) 复现",
"fork": false,
"created_at": "2021-02-20T08:05:51Z",
"updated_at": "2021-02-20T08:11:26Z",
"pushed_at": "2021-02-20T08:11:25Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2020/CVE-2020-7799.json
View file

@ -1,25 +0,0 @@
[
{
"id": 241617298,
"name": "CVE-2020-7799",
"full_name": "ianxtianxt\/CVE-2020-7799",
"owner": {
"login": "ianxtianxt",
"id": 45796484,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4",
"html_url": "https:\/\/github.com\/ianxtianxt"
},
"html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2020-7799",
"description": null,
"fork": false,
"created_at": "2020-02-19T12:33:24Z",
"updated_at": "2020-07-03T03:51:28Z",
"pushed_at": "2020-02-19T12:33:57Z",
"stargazers_count": 4,
"watchers_count": 4,
"forks_count": 2,
"forks": 2,
"watchers": 4,
"score": 0
}
]

4
2020/CVE-2020-8637.json
View file

@ -13,8 +13,8 @@
"description": null,
"fork": false,
"created_at": "2021-02-15T06:38:35Z",
"updated_at": "2021-02-18T16:45:00Z",
"pushed_at": "2021-02-18T16:44:58Z",
"updated_at": "2021-02-20T06:47:08Z",
"pushed_at": "2021-02-20T06:47:05Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,

8
2020/CVE-2020-9484.json
View file

@ -105,13 +105,13 @@
"description": "CVE-2020-9484 Mass Scanner, Scan a list of urls for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE ",
"fork": false,
"created_at": "2020-06-05T20:40:28Z",
"updated_at": "2021-02-20T00:52:44Z",
"updated_at": "2021-02-20T07:06:08Z",
"pushed_at": "2020-06-05T21:04:43Z",
"stargazers_count": 26,
"watchers_count": 26,
"stargazers_count": 27,
"watchers_count": 27,
"forks_count": 12,
"forks": 12,
"watchers": 26,
"watchers": 27,
"score": 0
},
{

8
2021/CVE-2021-1727.json
View file

@ -13,13 +13,13 @@
"description": null,
"fork": false,
"created_at": "2021-02-16T16:55:46Z",
"updated_at": "2021-02-19T11:41:15Z",
"updated_at": "2021-02-20T04:59:10Z",
"pushed_at": "2021-02-16T16:59:09Z",
"stargazers_count": 9,
"watchers_count": 9,
"stargazers_count": 10,
"watchers_count": 10,
"forks_count": 6,
"forks": 6,
"watchers": 9,
"watchers": 10,
"score": 0
}
]

12
2021/CVE-2021-3129.json
View file

@ -151,13 +151,13 @@
"description": "Laravel <= v8.4.2 debug mode: Remote code execution (CVE-2021-3129)",
"fork": false,
"created_at": "2021-02-18T05:42:13Z",
"updated_at": "2021-02-19T00:36:59Z",
"updated_at": "2021-02-20T07:40:30Z",
"pushed_at": "2021-02-18T08:30:23Z",
"stargazers_count": 6,
"watchers_count": 6,
"forks_count": 2,
"forks": 2,
"watchers": 6,
"stargazers_count": 7,
"watchers_count": 7,
"forks_count": 3,
"forks": 3,
"watchers": 7,
"score": 0
}
]

32
2021/CVE-2021-3156.json
View file

@ -17,8 +17,8 @@
"pushed_at": "2021-01-26T20:09:53Z",
"stargazers_count": 32,
"watchers_count": 32,
"forks_count": 37,
"forks": 37,
"forks_count": 36,
"forks": 36,
"watchers": 32,
"score": 0
},
@ -59,13 +59,13 @@
"description": "CVE-2021-3156",
"fork": false,
"created_at": "2021-01-27T16:03:34Z",
"updated_at": "2021-02-14T07:43:03Z",
"updated_at": "2021-02-20T03:19:40Z",
"pushed_at": "2021-01-31T04:56:56Z",
"stargazers_count": 100,
"watchers_count": 100,
"stargazers_count": 101,
"watchers_count": 101,
"forks_count": 43,
"forks": 43,
"watchers": 100,
"watchers": 101,
"score": 0
},
{
@ -381,13 +381,13 @@
"description": null,
"fork": false,
"created_at": "2021-01-30T20:39:58Z",
"updated_at": "2021-02-20T02:12:59Z",
"updated_at": "2021-02-20T08:16:12Z",
"pushed_at": "2021-02-02T17:07:09Z",
"stargazers_count": 593,
"watchers_count": 593,
"forks_count": 166,
"forks": 166,
"watchers": 593,
"stargazers_count": 595,
"watchers_count": 595,
"forks_count": 167,
"forks": 167,
"watchers": 595,
"score": 0
},
{
@ -818,13 +818,13 @@
"description": "CVE-2021-3156非交互式执行命令",
"fork": false,
"created_at": "2021-02-09T19:25:18Z",
"updated_at": "2021-02-20T01:59:55Z",
"updated_at": "2021-02-20T07:50:35Z",
"pushed_at": "2021-02-09T19:31:33Z",
"stargazers_count": 111,
"watchers_count": 111,
"stargazers_count": 112,
"watchers_count": 112,
"forks_count": 13,
"forks": 13,
"watchers": 111,
"watchers": 112,
"score": 0
},
{

115
README.md
View file

@ -1144,6 +1144,7 @@ Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.
- [dead5nd/config-demo](https://github.com/dead5nd/config-demo)
- [osamahamad/CVE-2020-5410-POC](https://github.com/osamahamad/CVE-2020-5410-POC)
- [mugisyahid/ki-vuln-cve-2020-5410](https://github.com/mugisyahid/ki-vuln-cve-2020-5410)
- [thelostworldFree/SpringCloud-Config-CVE-2020-5410](https://github.com/thelostworldFree/SpringCloud-Config-CVE-2020-5410)
### CVE-2020-5421 (2020-09-18)
@ -1416,14 +1417,6 @@ Incorrect handling of Upgrade header with the value websocket leads in crashing
- [andsnw/sockjs-dos-py](https://github.com/andsnw/sockjs-dos-py)
### CVE-2020-7799 (2020-01-28)
<code>
An issue was discovered in FusionAuth before 1.11.0. An authenticated user, allowed to edit e-mail templates (Home -&gt; Settings -&gt; Email Templates) or themes (Home -&gt; Settings -&gt; Themes), can execute commands on the underlying operating system by abusing freemarker.template.utility.Execute in the Apache FreeMarker engine that processes custom templates.
</code>
- [ianxtianxt/CVE-2020-7799](https://github.com/ianxtianxt/CVE-2020-7799)
### CVE-2020-7897
- [mooneee/cve-2020-7897](https://github.com/mooneee/cve-2020-7897)
@ -4074,6 +4067,7 @@ Memory access in virtual memory mapping for some microprocessors may allow an au
In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side.
</code>
- [mpgn/CVE-2019-0192](https://github.com/mpgn/CVE-2019-0192)
- [Rapidsafeguard/Solr-RCE-CVE-2019-0192](https://github.com/Rapidsafeguard/Solr-RCE-CVE-2019-0192)
### CVE-2019-0193 (2019-08-01)
@ -4082,6 +4076,7 @@ In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows
In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's &quot;dataConfig&quot; parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging / development of a DIH config. Since a DIH config can contain scripts, this parameter is a security risk. Starting with version 8.2.0 of Solr, use of this parameter requires setting the Java System property &quot;enable.dih.dataConfigParam&quot; to true.
</code>
- [xConsoIe/CVE-2019-0193](https://github.com/xConsoIe/CVE-2019-0193)
- [jas502n/CVE-2019-0193](https://github.com/jas502n/CVE-2019-0193)
- [1135/solr_exploit](https://github.com/1135/solr_exploit)
- [jaychouzzk/CVE-2019-0193-exp](https://github.com/jaychouzzk/CVE-2019-0193-exp)
@ -4140,6 +4135,7 @@ A remote code execution vulnerability exists in the way that the Chakra scriptin
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594.
</code>
- [linhlhq/CVE-2019-0604](https://github.com/linhlhq/CVE-2019-0604)
- [likescam/CVE-2019-0604_sharepoint_CVE](https://github.com/likescam/CVE-2019-0604_sharepoint_CVE)
- [k8gege/CVE-2019-0604](https://github.com/k8gege/CVE-2019-0604)
- [m5050/CVE-2019-0604](https://github.com/m5050/CVE-2019-0604)
@ -4329,6 +4325,7 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.
</code>
- [ze0r/cve-2019-0808-poc](https://github.com/ze0r/cve-2019-0808-poc)
- [rakesh143/CVE-2019-0808](https://github.com/rakesh143/CVE-2019-0808)
- [exodusintel/CVE-2019-0808](https://github.com/exodusintel/CVE-2019-0808)
- [DreamoneOnly/CVE-2019-0808-32-64-exp](https://github.com/DreamoneOnly/CVE-2019-0808-32-64-exp)
@ -4602,6 +4599,14 @@ Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier
- [securifera/CVE-2019-1579](https://github.com/securifera/CVE-2019-1579)
- [Elsfa7-110/CVE-2019-1579](https://github.com/Elsfa7-110/CVE-2019-1579)
### CVE-2019-1653 (2019-01-24)
<code>
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability.
</code>
- [shaheemirza/CiscoSpill](https://github.com/shaheemirza/CiscoSpill)
### CVE-2019-1759 (2019-03-27)
<code>
@ -4618,6 +4623,14 @@ A vulnerability in the web-based management interface of Cisco Prime Infrastruct
- [k8gege/CiscoExploit](https://github.com/k8gege/CiscoExploit)
### CVE-2019-1987 (2019-02-28)
<code>
In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-118143775.
</code>
- [marcinguy/android-7-9-png-bug](https://github.com/marcinguy/android-7-9-png-bug)
### CVE-2019-2107 (2019-07-08)
<code>
@ -4883,7 +4896,11 @@ An attacker can use the format parameter to inject arbitrary commands in the npm
There is a File Content Disclosure vulnerability in Action View &lt;5.2.2.1, &lt;5.1.6.2, &lt;5.0.7.2, &lt;4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.
</code>
- [mpgn/CVE-2019-5418](https://github.com/mpgn/CVE-2019-5418)
- [omarkurt/CVE-2019-5418](https://github.com/omarkurt/CVE-2019-5418)
- [brompwnie/CVE-2019-5418-Scanner](https://github.com/brompwnie/CVE-2019-5418-Scanner)
- [mpgn/Rails-doubletap-RCE](https://github.com/mpgn/Rails-doubletap-RCE)
- [takeokunn/CVE-2019-5418](https://github.com/takeokunn/CVE-2019-5418)
- [Bad3r/RailroadBandit](https://github.com/Bad3r/RailroadBandit)
- [ztgrace/CVE-2019-5418-Rails3](https://github.com/ztgrace/CVE-2019-5418-Rails3)
- [random-robbie/CVE-2019-5418](https://github.com/random-robbie/CVE-2019-5418)
@ -4894,6 +4911,8 @@ There is a File Content Disclosure vulnerability in Action View &lt;5.2.2.1, &lt
A remote code execution vulnerability in development mode Rails &lt;5.2.2.1, &lt;6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.
</code>
- [knqyf263/CVE-2019-5420](https://github.com/knqyf263/CVE-2019-5420)
- [cved-sources/cve-2019-5420](https://github.com/cved-sources/cve-2019-5420)
- [AnasTaoutaou/CVE-2019-5420](https://github.com/AnasTaoutaou/CVE-2019-5420)
- [Eremiel/CVE-2019-5420](https://github.com/Eremiel/CVE-2019-5420)
@ -4971,6 +4990,8 @@ runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allow
</code>
- [twistlock/RunC-CVE-2019-5736](https://github.com/twistlock/RunC-CVE-2019-5736)
- [zyriuse75/CVE-2019-5736-PoC](https://github.com/zyriuse75/CVE-2019-5736-PoC)
- [stillan00b/CVE-2019-5736](https://github.com/stillan00b/CVE-2019-5736)
- [milloni/cve-2019-5736-exp](https://github.com/milloni/cve-2019-5736-exp)
- [13paulmurith/Docker-Runc-Exploit](https://github.com/13paulmurith/Docker-Runc-Exploit)
- [RyanNgWH/CVE-2019-5736-POC](https://github.com/RyanNgWH/CVE-2019-5736-POC)
@ -4990,6 +5011,14 @@ Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81
- [CreatePhotonW/CVE-2019-5782_CVE-2019-13768](https://github.com/CreatePhotonW/CVE-2019-5782_CVE-2019-13768)
### CVE-2019-5786 (2019-06-27)
<code>
Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
</code>
- [exodusintel/CVE-2019-5786](https://github.com/exodusintel/CVE-2019-5786)
### CVE-2019-5822 (2019-06-27)
<code>
@ -5039,6 +5068,7 @@ A memory corruption issue was addressed with improved validation. This issue is
</code>
- [TrungNguyen1909/CVE-2019-6225-macOS](https://github.com/TrungNguyen1909/CVE-2019-6225-macOS)
- [raystyle/jailbreak-iOS12](https://github.com/raystyle/jailbreak-iOS12)
### CVE-2019-6260 (2019-01-22)
@ -5062,9 +5092,19 @@ HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege a
Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)
</code>
- [cved-sources/cve-2019-6340](https://github.com/cved-sources/cve-2019-6340)
- [d1vious/cve-2019-6340-bits](https://github.com/d1vious/cve-2019-6340-bits)
- [jas502n/CVE-2019-6340](https://github.com/jas502n/CVE-2019-6340)
- [ludy-dev/drupal8-REST-RCE](https://github.com/ludy-dev/drupal8-REST-RCE)
### CVE-2019-6440 (2019-01-15)
<code>
Zemana AntiMalware before 3.0.658 Beta mishandles update logic.
</code>
- [hexnone/CVE-2019-6440](https://github.com/hexnone/CVE-2019-6440)
### CVE-2019-6446 (2019-01-16)
<code>
@ -5211,6 +5251,14 @@ Kibana versions before 6.8.2 and 7.2.1 contain a server side request forgery (SS
- [random-robbie/CVE-2019-7616](https://github.com/random-robbie/CVE-2019-7616)
### CVE-2019-7642 (2019-03-25)
<code>
D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-816 (B1-2.06?), DIR-850L (A1-1.09), and DIR-868L (A1-1.10).
</code>
- [xw77cve/CVE-2019-7642](https://github.com/xw77cve/CVE-2019-7642)
### CVE-2019-7839 (2019-06-12)
<code>
@ -5345,6 +5393,7 @@ NTP through 4.2.8p12 has a NULL Pointer Dereference.
WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943.
</code>
- [brianwrf/WordPress_4.9.8_RCE_POC](https://github.com/brianwrf/WordPress_4.9.8_RCE_POC)
- [synacktiv/CVE-2019-8942](https://github.com/synacktiv/CVE-2019-8942)
### CVE-2019-8943 (2019-02-19)
@ -5395,6 +5444,14 @@ Improper Verification of a Cryptographic Signature in OpenPGP.js &lt;=4.1.2 allo
- [ZenyWay/opgp-service-cve-2019-9153](https://github.com/ZenyWay/opgp-service-cve-2019-9153)
### CVE-2019-9184 (2019-02-26)
<code>
SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the product_option[] parameter.
</code>
- [cved-sources/cve-2019-9184](https://github.com/cved-sources/cve-2019-9184)
### CVE-2019-9193 (2019-04-01)
<code>
@ -5404,6 +5461,14 @@ Improper Verification of a Cryptographic Signature in OpenPGP.js &lt;=4.1.2 allo
- [skyship36/CVE-2019-9193](https://github.com/skyship36/CVE-2019-9193)
- [X-x-X-0/CVE-2019-9193](https://github.com/X-x-X-0/CVE-2019-9193)
### CVE-2019-9194 (2019-02-26)
<code>
elFinder before 2.1.48 has a command injection vulnerability in the PHP connector.
</code>
- [cved-sources/cve-2019-9194](https://github.com/cved-sources/cve-2019-9194)
### CVE-2019-9202 (2019-03-28)
<code>
@ -5436,6 +5501,14 @@ Some HTTP/2 implementations are vulnerable to window size manipulation and strea
- [flyniu666/ingress-nginx-0.21-1.19.5](https://github.com/flyniu666/ingress-nginx-0.21-1.19.5)
### CVE-2019-9580 (2019-03-08)
<code>
In st2web in StackStorm Web UI before 2.9.3 and 2.10.x before 2.10.3, it is possible to bypass the CORS protection mechanism via a &quot;null&quot; origin value, potentially leading to XSS.
</code>
- [mpgn/CVE-2019-9580](https://github.com/mpgn/CVE-2019-9580)
### CVE-2019-9596 (2019-10-23)
<code>
@ -5460,6 +5533,14 @@ Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, an
- [k8gege/ZimbraExploit](https://github.com/k8gege/ZimbraExploit)
### CVE-2019-9653 (2019-05-31)
<code>
NUUO Network Video Recorder Firmware 1.7.x through 3.3.x allows unauthenticated attackers to execute arbitrary commands via shell metacharacters to handle_load_config.php.
</code>
- [grayoneday/CVE-2019-9653](https://github.com/grayoneday/CVE-2019-9653)
### CVE-2019-9670 (2019-05-29)
<code>
@ -5469,6 +5550,22 @@ mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10
- [rek7/Zimbra-RCE](https://github.com/rek7/Zimbra-RCE)
- [attackgithub/Zimbra-RCE](https://github.com/attackgithub/Zimbra-RCE)
### CVE-2019-9673 (2019-06-05)
<code>
Freenet 1483 has a MIME type bypass that allows arbitrary JavaScript execution via a crafted Freenet URI.
</code>
- [mgrube/CVE-2019-9673](https://github.com/mgrube/CVE-2019-9673)
### CVE-2019-9729 (2019-03-12)
<code>
In Shanda MapleStory Online V160, the SdoKeyCrypt.sys driver allows privilege escalation to NT AUTHORITY\SYSTEM because of not validating the IOCtl 0x8000c01c input value, leading to an integer signedness error and a heap-based buffer underflow.
</code>
- [HyperSine/SdoKeyCrypt-sys-local-privilege-elevation](https://github.com/HyperSine/SdoKeyCrypt-sys-local-privilege-elevation)
### CVE-2019-9730 (2019-06-05)
<code>
@ -5510,6 +5607,7 @@ WordPress before 5.1.1 does not properly filter comment content, leading to Remo
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox &lt; 66.0.1, Firefox ESR &lt; 60.6.1, and Thunderbird &lt; 60.6.1.
</code>
- [xuechiyaobai/CVE-2019-9810-PoC](https://github.com/xuechiyaobai/CVE-2019-9810-PoC)
- [0vercl0k/CVE-2019-9810](https://github.com/0vercl0k/CVE-2019-9810)
### CVE-2019-9896 (2019-03-20)
@ -7528,6 +7626,7 @@ A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier
</code>
- [wetw0rk/Exploit-Development](https://github.com/wetw0rk/Exploit-Development)
- [adamyordan/cve-2019-1003000-jenkins-rce-poc](https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc)
- [1NTheKut/CVE-2019-1003000_RCE-DETECTION](https://github.com/1NTheKut/CVE-2019-1003000_RCE-DETECTION)
### CVE-2019-1010054 (2019-07-18)