From 8f214b5f703a7f659c915488ca6b52b04133a872 Mon Sep 17 00:00:00 2001
From: motikan2010-bot
Date: Fri, 10 Jan 2025 09:32:26 +0900
Subject: [PATCH] Auto Update 2025/01/10 00:32:26
---
2014/CVE-2014-4210.json | 8 ++++----
2016/CVE-2016-0638.json | 8 ++++----
2017/CVE-2017-3248.json | 8 ++++----
2018/CVE-2018-2628.json | 8 ++++----
2019/CVE-2019-0232.json | 8 ++++----
2019/CVE-2019-11248.json | 36 ++++++++++++++++++++++++++++++++++++
2019/CVE-2019-2618.json | 8 ++++----
2020/CVE-2020-1938.json | 34 ++++++++++++++++++++++++++++++++++
2020/CVE-2020-23127.json | 2 +-
2020/CVE-2020-2551.json | 8 ++++----
2020/CVE-2020-8840.json | 2 +-
2021/CVE-2021-34527.json | 8 ++++----
2021/CVE-2021-44228.json | 31 -------------------------------
2021/CVE-2021-46071.json | 31 +++++++++++++++++++++++++++++++
2022/CVE-2022-21999.json | 4 ++--
2022/CVE-2022-28108.json | 33 +++++++++++++++++++++++++++++++++
2023/CVE-2023-45866.json | 12 ++++++------
2023/CVE-2023-4863.json | 8 ++++----
2024/CVE-2024-23334.json | 8 ++++----
2024/CVE-2024-30088.json | 4 ++--
2024/CVE-2024-3393.json | 40 ++++++++++++++++++++++++++++++++++++++++
2024/CVE-2024-48990.json | 8 ++++----
2024/CVE-2024-49113.json | 8 ++++----
2024/CVE-2024-54498.json | 8 ++++----
2024/CVE-2024-6387.json | 8 ++++----
2024/CVE-2024-6769.json | 8 ++++----
README.md | 30 +++++++++++++++++++++++++++---
27 files changed, 273 insertions(+), 106 deletions(-)
create mode 100644 2019/CVE-2019-11248.json
create mode 100644 2022/CVE-2022-28108.json
diff --git a/2014/CVE-2014-4210.json b/2014/CVE-2014-4210.json
index e49fa713cc..2846939870 100644
--- a/2014/CVE-2014-4210.json
+++ b/2014/CVE-2014-4210.json
@@ -45,10 +45,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2025-01-07T22:35:05Z", + "updated_at": "2025-01-09T19:38:40Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 2013, - "watchers_count": 2013, + "stargazers_count": 2014, + "watchers_count": 2014, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -78,7 +78,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 2013, + "watchers": 2014, "score": 0, "subscribers_count": 38 }, diff --git a/2016/CVE-2016-0638.json b/2016/CVE-2016-0638.json index 2fc98d1720..e40b4e2b8a 100644 --- a/2016/CVE-2016-0638.json +++ b/2016/CVE-2016-0638.json @@ -14,10 +14,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2025-01-07T22:35:05Z", + "updated_at": "2025-01-09T19:38:40Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 2013, - "watchers_count": 2013, + "stargazers_count": 2014, + "watchers_count": 2014, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -47,7 +47,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 2013, + "watchers": 2014, "score": 0, "subscribers_count": 38 }, diff --git a/2017/CVE-2017-3248.json b/2017/CVE-2017-3248.json index 6859338d05..503345f6f1 100644 --- a/2017/CVE-2017-3248.json +++ b/2017/CVE-2017-3248.json 
@@ -45,10 +45,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2025-01-07T22:35:05Z", + "updated_at": "2025-01-09T19:38:40Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 2013, - "watchers_count": 2013, + "stargazers_count": 2014, + "watchers_count": 2014, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -78,7 +78,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 2013, + "watchers": 2014, "score": 0, "subscribers_count": 38 }, diff --git a/2018/CVE-2018-2628.json b/2018/CVE-2018-2628.json index c9d536bc16..4b172e6160 100644 --- a/2018/CVE-2018-2628.json +++ b/2018/CVE-2018-2628.json @@ -576,10 +576,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2025-01-07T22:35:05Z", + "updated_at": "2025-01-09T19:38:40Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 2013, - "watchers_count": 2013, + "stargazers_count": 2014, + "watchers_count": 2014, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -609,7 +609,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 2013, + "watchers": 2014, "score": 0, "subscribers_count": 38 }, diff --git a/2019/CVE-2019-0232.json b/2019/CVE-2019-0232.json index 14e71ed046..72222ad2f2 100644 --- a/2019/CVE-2019-0232.json +++ b/2019/CVE-2019-0232.json 
@@ -266,10 +266,10 @@ "description": "Hi this is a revised and enhanced code for CVE-2019-0232 ", "fork": false, "created_at": "2024-12-29T04:01:23Z", - "updated_at": "2024-12-29T04:14:28Z", + "updated_at": "2025-01-09T21:44:45Z", "pushed_at": "2024-12-29T04:14:25Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -278,7 +278,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2019/CVE-2019-11248.json b/2019/CVE-2019-11248.json new file mode 100644 index 0000000000..1c232aee85 --- /dev/null +++ b/2019/CVE-2019-11248.json @@ -0,0 +1,36 @@ +[ + { + "id": 914571680, + "name": "poc-cve", + "full_name": "bash3rt3am\/poc-cve", + "owner": { + "login": "bash3rt3am", + "id": 194431326, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/194431326?v=4", + "html_url": "https:\/\/github.com\/bash3rt3am", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bash3rt3am\/poc-cve", + "description": "cve-2019-11248 cve-2020-1938", + "fork": false, + "created_at": "2025-01-09T21:26:22Z", + "updated_at": "2025-01-09T21:57:18Z", + "pushed_at": "2025-01-09T21:46:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-11248", + "cve-2020-1938" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-2618.json b/2019/CVE-2019-2618.json index e065387d3d..b9bb79e36f 100644 --- a/2019/CVE-2019-2618.json +++ b/2019/CVE-2019-2618.json 
@@ -200,10 +200,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2025-01-07T22:35:05Z", + "updated_at": "2025-01-09T19:38:40Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 2013, - "watchers_count": 2013, + "stargazers_count": 2014, + "watchers_count": 2014, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -233,7 +233,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 2013, + "watchers": 2014, "score": 0, "subscribers_count": 38 } diff --git a/2020/CVE-2020-1938.json b/2020/CVE-2020-1938.json index 628468b2ac..6823a92511 100644 --- a/2020/CVE-2020-1938.json +++ b/2020/CVE-2020-1938.json @@ -1004,5 +1004,39 @@ "watchers": 171, "score": 0, "subscribers_count": 2 + }, + { + "id": 914571680, + "name": "poc-cve", + "full_name": "bash3rt3am\/poc-cve", + "owner": { + "login": "bash3rt3am", + "id": 194431326, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/194431326?v=4", + "html_url": "https:\/\/github.com\/bash3rt3am", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bash3rt3am\/poc-cve", + "description": "cve-2019-11248 cve-2020-1938", + "fork": false, + "created_at": "2025-01-09T21:26:22Z", + "updated_at": "2025-01-09T21:57:18Z", + "pushed_at": "2025-01-09T21:46:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-11248", + "cve-2020-1938" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file 
diff --git a/2020/CVE-2020-23127.json b/2020/CVE-2020-23127.json index fee0d424d6..692804ab74 100644 --- a/2020/CVE-2020-23127.json +++ b/2020/CVE-2020-23127.json @@ -15,7 +15,7 @@ "fork": false, "created_at": "2025-01-08T14:53:35Z", "updated_at": "2025-01-09T02:34:22Z", - "pushed_at": "2025-01-09T03:33:57Z", + "pushed_at": "2025-01-09T22:27:20Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2020/CVE-2020-2551.json b/2020/CVE-2020-2551.json index 13ab21d7ee..0ca4c99d0e 100644 --- a/2020/CVE-2020-2551.json +++ b/2020/CVE-2020-2551.json @@ -14,10 +14,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2025-01-07T22:35:05Z", + "updated_at": "2025-01-09T19:38:40Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 2013, - "watchers_count": 2013, + "stargazers_count": 2014, + "watchers_count": 2014, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -47,7 +47,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 2013, + "watchers": 2014, "score": 0, "subscribers_count": 38 }, diff --git a/2020/CVE-2020-8840.json b/2020/CVE-2020-8840.json index b7d3a66b46..5ffef1bb3a 100644 --- a/2020/CVE-2020-8840.json +++ b/2020/CVE-2020-8840.json @@ -152,7 +152,7 @@ "forks": 4, "watchers": 5, "score": 0, - "subscribers_count": 0 + "subscribers_count": 2 }, { "id": 333189009, diff --git a/2021/CVE-2021-34527.json b/2021/CVE-2021-34527.json index fb1f1945cc..d32ba42365 100644 --- a/2021/CVE-2021-34527.json +++ b/2021/CVE-2021-34527.json 
@@ -113,10 +113,10 @@ "description": "PrintNightmare - Windows Print Spooler RCE\/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) proof of concept exploits", "fork": false, "created_at": "2021-07-03T15:15:12Z", - "updated_at": "2025-01-03T19:15:45Z", + "updated_at": "2025-01-09T19:41:07Z", "pushed_at": "2021-09-13T12:12:17Z", - "stargazers_count": 130, - "watchers_count": 130, + "stargazers_count": 131, + "watchers_count": 131, "has_discussions": false, "forks_count": 39, "allow_forking": true, @@ -132,7 +132,7 @@ ], "visibility": "public", "forks": 39, - "watchers": 130, + "watchers": 131, "score": 0, "subscribers_count": 7 }, diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index b4464a63cc..fc1332e343 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -12751,36 +12751,5 @@ "watchers": 0, "score": 0, "subscribers_count": 1 - }, - { - "id": 914089590, - "name": "CVE-2021-44228", - "full_name": "Kz0x-337\/CVE-2021-44228", - "owner": { - "login": "Kz0x-337", - "id": 193463900, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/193463900?v=4", - "html_url": "https:\/\/github.com\/Kz0x-337", - "user_view_type": "public" - }, - "html_url": "https:\/\/github.com\/Kz0x-337\/CVE-2021-44228", - "description": null, - "fork": false, - "created_at": "2025-01-08T23:40:16Z", - "updated_at": "2025-01-09T00:19:44Z", - "pushed_at": "2025-01-09T00:19:41Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 0, - "score": 0, - "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-46071.json b/2021/CVE-2021-46071.json index 2ea83757ce..52500ad8ad 100644 --- a/2021/CVE-2021-46071.json +++ b/2021/CVE-2021-46071.json 
@@ -29,5 +29,36 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 448079716, + "name": "CVE-2021-46071", + "full_name": "plsanu\/CVE-2021-46071", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-46071", + "description": "CVE-2021-46071 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel.", + "fork": false, + "created_at": "2022-01-14T19:09:36Z", + "updated_at": "2023-12-30T08:24:20Z", + "pushed_at": "2022-01-14T19:10:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-21999.json b/2022/CVE-2022-21999.json index a4ed0ecba1..f0d6ab2282 100644 --- a/2022/CVE-2022-21999.json +++ b/2022/CVE-2022-21999.json @@ -19,7 +19,7 @@ "stargazers_count": 778, "watchers_count": 778, "has_discussions": false, - "forks_count": 159, + "forks_count": 160, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -28,7 +28,7 @@ "cve-2022-22718" ], "visibility": "public", - "forks": 159, + "forks": 160, "watchers": 778, "score": 0, "subscribers_count": 15 diff --git a/2022/CVE-2022-28108.json b/2022/CVE-2022-28108.json new file mode 100644 index 0000000000..b46d58d7f6 --- /dev/null +++ b/2022/CVE-2022-28108.json 
@@ -0,0 +1,33 @@ +[ + { + "id": 914589028, + "name": "CVE-2022-28108", + "full_name": "ZeroEthical\/CVE-2022-28108", + "owner": { + "login": "ZeroEthical", + "id": 194415982, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/194415982?v=4", + "html_url": "https:\/\/github.com\/ZeroEthical", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZeroEthical\/CVE-2022-28108", + "description": null, + "fork": false, + "created_at": "2025-01-09T22:28:11Z", + "updated_at": "2025-01-10T00:18:20Z", + "pushed_at": "2025-01-10T00:18:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45866.json b/2023/CVE-2023-45866.json index 6699d72ea6..12970b2ff6 100644 --- a/2023/CVE-2023-45866.json +++ b/2023/CVE-2023-45866.json @@ -14,19 +14,19 @@ "description": "🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)", "fork": false, "created_at": "2024-01-16T06:52:02Z", - "updated_at": "2025-01-09T18:25:52Z", + "updated_at": "2025-01-09T19:08:50Z", "pushed_at": "2024-08-18T08:26:46Z", - "stargazers_count": 1373, - "watchers_count": 1373, + "stargazers_count": 1374, + "watchers_count": 1374, "has_discussions": false, - "forks_count": 235, + "forks_count": 236, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 235, - "watchers": 1373, + "forks": 236, + "watchers": 1374, "score": 0, "subscribers_count": 21 }, diff --git a/2023/CVE-2023-4863.json b/2023/CVE-2023-4863.json index 620acc42d5..01aec3428a 100644 --- a/2023/CVE-2023-4863.json +++ b/2023/CVE-2023-4863.json 
@@ -14,10 +14,10 @@ "description": null, "fork": false, "created_at": "2023-09-21T05:22:51Z", - "updated_at": "2024-12-18T10:57:15Z", + "updated_at": "2025-01-09T21:33:51Z", "pushed_at": "2023-12-18T04:25:00Z", - "stargazers_count": 315, - "watchers_count": 315, + "stargazers_count": 316, + "watchers_count": 316, "has_discussions": false, "forks_count": 48, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 48, - "watchers": 315, + "watchers": 316, "score": 0, "subscribers_count": 15 }, diff --git a/2024/CVE-2024-23334.json b/2024/CVE-2024-23334.json index 7802849087..c4ac1e3ba6 100644 --- a/2024/CVE-2024-23334.json +++ b/2024/CVE-2024-23334.json @@ -107,10 +107,10 @@ "description": "aiohttp LFI (CVE-2024-23334)", "fork": false, "created_at": "2024-03-19T16:28:56Z", - "updated_at": "2024-12-09T08:17:11Z", + "updated_at": "2025-01-09T21:04:09Z", "pushed_at": "2024-03-19T17:06:26Z", - "stargazers_count": 23, - "watchers_count": 23, + "stargazers_count": 24, + "watchers_count": 24, "has_discussions": false, "forks_count": 2, "allow_forking": true, @@ -119,7 +119,7 @@ "topics": [], "visibility": "public", "forks": 2, - "watchers": 23, + "watchers": 24, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-30088.json b/2024/CVE-2024-30088.json index 83d904a02f..9a52fb86ca 100644 --- a/2024/CVE-2024-30088.json +++ b/2024/CVE-2024-30088.json @@ -112,13 +112,13 @@ "stargazers_count": 434, "watchers_count": 434, "has_discussions": false, - "forks_count": 32, + "forks_count": 31, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 32, + "forks": 31, "watchers": 434, "score": 0, "subscribers_count": 21 diff --git a/2024/CVE-2024-3393.json b/2024/CVE-2024-3393.json index a0b909e66b..c5e2495c28 100644 --- a/2024/CVE-2024-3393.json +++ b/2024/CVE-2024-3393.json 
@@ -29,5 +29,45 @@ "watchers": 3, "score": 0, "subscribers_count": 1 + }, + { + "id": 914582236, + "name": "CVE-2024-3393", + "full_name": "waived\/CVE-2024-3393", + "owner": { + "login": "waived", + "id": 165493645, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165493645?v=4", + "html_url": "https:\/\/github.com\/waived", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/waived\/CVE-2024-3393", + "description": "PAN-OS: Firewall Denial-of-Service exploit via malicious DNS query", + "fork": false, + "created_at": "2025-01-09T22:03:07Z", + "updated_at": "2025-01-09T23:12:43Z", + "pushed_at": "2025-01-09T22:05:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-3393", + "denial-of-service", + "dns-attack", + "exploit", + "palo-alto-networks", + "pan-os", + "proof-of-concept", + "python3" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2024/CVE-2024-48990.json b/2024/CVE-2024-48990.json index e31ff04fa8..1aa5a47957 100644 --- a/2024/CVE-2024-48990.json +++ b/2024/CVE-2024-48990.json @@ -14,10 +14,10 @@ "description": "PoC for CVE-2024-48990", "fork": false, "created_at": "2024-11-20T18:41:25Z", - "updated_at": "2025-01-07T22:14:12Z", + "updated_at": "2025-01-09T19:58:02Z", "pushed_at": "2024-11-20T18:49:33Z", - "stargazers_count": 93, - "watchers_count": 93, + "stargazers_count": 94, + "watchers_count": 94, "has_discussions": false, "forks_count": 18, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 18, - "watchers": 93, + "watchers": 94, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-49113.json b/2024/CVE-2024-49113.json index dc4b8b6500..c48ff7972d 100644 --- a/2024/CVE-2024-49113.json +++ b/2024/CVE-2024-49113.json 
@@ -14,10 +14,10 @@ "description": "LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113", "fork": false, "created_at": "2025-01-01T15:48:38Z", - "updated_at": "2025-01-09T17:30:32Z", + "updated_at": "2025-01-09T22:16:09Z", "pushed_at": "2025-01-02T16:07:23Z", - "stargazers_count": 414, - "watchers_count": 414, + "stargazers_count": 416, + "watchers_count": 416, "has_discussions": false, "forks_count": 100, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 100, - "watchers": 414, + "watchers": 416, "score": 0, "subscribers_count": 3 }, diff --git a/2024/CVE-2024-54498.json b/2024/CVE-2024-54498.json index e4f88cba47..3aa7c3dbf9 100644 --- a/2024/CVE-2024-54498.json +++ b/2024/CVE-2024-54498.json @@ -14,10 +14,10 @@ "description": "Escape macOS Sandbox using sharedfilelistd exploit", "fork": false, "created_at": "2025-01-08T09:55:44Z", - "updated_at": "2025-01-09T18:25:03Z", + "updated_at": "2025-01-09T23:14:00Z", "pushed_at": "2025-01-09T06:34:50Z", - "stargazers_count": 19, - "watchers_count": 19, + "stargazers_count": 21, + "watchers_count": 21, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 19, + "watchers": 21, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-6387.json b/2024/CVE-2024-6387.json index 8ab827315a..7bb615b61e 100644 --- a/2024/CVE-2024-6387.json +++ b/2024/CVE-2024-6387.json @@ -45,10 +45,10 @@ "description": "32-bit PoC for CVE-2024-6387 — mirror of the original 7etsuo\/cve-2024-6387-poc", "fork": false, "created_at": "2024-07-01T12:16:21Z", - "updated_at": "2025-01-07T21:15:42Z", + "updated_at": "2025-01-09T19:13:36Z", "pushed_at": "2024-07-01T12:25:01Z", - "stargazers_count": 379, - "watchers_count": 379, + "stargazers_count": 378, + "watchers_count": 378, "has_discussions": false, "forks_count": 90, "allow_forking": true, 
@@ -57,7 +57,7 @@ "topics": [], "visibility": "public", "forks": 90, - "watchers": 379, + "watchers": 378, "score": 0, "subscribers_count": 8 }, diff --git a/2024/CVE-2024-6769.json b/2024/CVE-2024-6769.json index 09852dc447..c34063fc2c 100644 --- a/2024/CVE-2024-6769.json +++ b/2024/CVE-2024-6769.json @@ -14,10 +14,10 @@ "description": "Activation cache poisoning to elevate from medium to high integrity (CVE-2024-6769)", "fork": false, "created_at": "2024-08-29T16:40:49Z", - "updated_at": "2025-01-06T10:05:17Z", + "updated_at": "2025-01-09T22:45:53Z", "pushed_at": "2024-09-29T21:58:19Z", - "stargazers_count": 59, - "watchers_count": 59, + "stargazers_count": 60, + "watchers_count": 60, "has_discussions": false, "forks_count": 9, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 9, - "watchers": 59, + "watchers": 60, "score": 0, "subscribers_count": 3 } diff --git a/README.md b/README.md index 6e454a4558..11fee0fd1f 100644 --- a/README.md +++ b/README.md @@ -787,6 +787,7 @@ - [FelixFoxf/-CVE-2024-3393](https://github.com/FelixFoxf/-CVE-2024-3393) +- [waived/CVE-2024-3393](https://github.com/waived/CVE-2024-3393) ### CVE-2024-3400 (2024-04-12) @@ -7973,7 +7974,11 @@ - [hotplugin0x01/CVE-2024-54679](https://github.com/hotplugin0x01/CVE-2024-54679) -### CVE-2024-54761 +### CVE-2024-54761 (2025-01-09) + +BigAnt Office Messenger 5.6.06 is vulnerable to SQL Injection via the 'dev_code' parameter. + + - [nscan9/CVE-2024-54761-BigAnt-Office-Messenger-5.6.06-RCE-via-SQL-Injection](https://github.com/nscan9/CVE-2024-54761-BigAnt-Office-Messenger-5.6.06-RCE-via-SQL-Injection) ### CVE-2024-54819 (2025-01-07) 
@@ -11461,7 +11466,11 @@ - [superzerosec/CVE-2023-28343](https://github.com/superzerosec/CVE-2023-28343) - [hba343434/CVE-2023-28343](https://github.com/hba343434/CVE-2023-28343) -### CVE-2023-28354 +### CVE-2023-28354 (2025-01-09) + +An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call check_nrpe against affected targets, specifying known NRPE plugins, which in default installations are configured to accept command control characters and pass them to command-line interpreters for NRPE plugin execution. This allows the attacker to escape NRPE plugin execution and execute commands remotely on the target as NT_AUTHORITY\SYSTEM. + + - [stormfleet/CVE-2023-28354](https://github.com/stormfleet/CVE-2023-28354) ### CVE-2023-28432 (2023-03-22) @@ -19969,6 +19978,13 @@ - [IbrahimEkimIsik/CVE-2022-28099](https://github.com/IbrahimEkimIsik/CVE-2022-28099) +### CVE-2022-28108 (2022-04-19) + +Selenium Server (Grid) before 4 allows CSRF because it permits non-JSON content types such as application/x-www-form-urlencoded, multipart/form-data, and text/plain. + + +- [ZeroEthical/CVE-2022-28108](https://github.com/ZeroEthical/CVE-2022-28108) + ### CVE-2022-28113 (2022-04-15) An issue in upload.csp of FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows attackers to write files and reset the user passwords without having a valid session cookie. @@ -29672,7 +29688,6 @@ - [AhmedMansour93/-Unveiling-the-Lessons-from-Log4Shell-A-Wake-Up-Call-for-Cybersecurity-](https://github.com/AhmedMansour93/-Unveiling-the-Lessons-from-Log4Shell-A-Wake-Up-Call-for-Cybersecurity-) - [Super-Binary/cve-2021-44228](https://github.com/Super-Binary/cve-2021-44228) - [JanICT/poc-ldap-cve-2021-44228](https://github.com/JanICT/poc-ldap-cve-2021-44228) -- [Kz0x-337/CVE-2021-44228](https://github.com/Kz0x-337/CVE-2021-44228) ### CVE-2021-44255 (2022-01-31) 
@@ -30000,6 +30015,7 @@ - [plsanu/Vehicle-Service-Management-System-Category-List-Stored-Cross-Site-Scripting-XSS](https://github.com/plsanu/Vehicle-Service-Management-System-Category-List-Stored-Cross-Site-Scripting-XSS) +- [plsanu/CVE-2021-46071](https://github.com/plsanu/CVE-2021-46071) ### CVE-2021-46072 (2022-01-06) @@ -31171,6 +31187,7 @@ - [Warelock/cve-2020-1938](https://github.com/Warelock/cve-2020-1938) - [WHtig3r/CVE-2020-1938](https://github.com/WHtig3r/CVE-2020-1938) - [lizhianyuguangming/TomcatScanPro](https://github.com/lizhianyuguangming/TomcatScanPro) +- [bash3rt3am/poc-cve](https://github.com/bash3rt3am/poc-cve) ### CVE-2020-1947 (2020-03-11) @@ -37540,6 +37557,13 @@ - [Insecurities/CVE-2019-11224](https://github.com/Insecurities/CVE-2019-11224) +### CVE-2019-11248 (2019-08-29) + +The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for limited denial of service. Versions prior to 1.15.0, 1.14.4, 1.13.8, and 1.12.10 are affected. The issue is of medium severity, but not exposed by the default configuration. + + +- [bash3rt3am/poc-cve](https://github.com/bash3rt3am/poc-cve) + ### CVE-2019-11358 (2019-04-19) jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.