From 903c7ecd8a634e51f2a0d623fb043488e50d94d7 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Tue, 1 Sep 2020 12:09:15 +0900 Subject: [PATCH] Auto Update 2020/09/01 12:09:15 --- 2015/CVE-2015-3306.json | 4 +- 2018/CVE-2018-10933.json | 2 +- 2018/CVE-2018-7600.json | 8 +- 2018/CVE-2018-9995.json | 8 +- 2019/CVE-2019-0708.json | 8 +- 2019/CVE-2019-15126.json | 8 +- 2019/CVE-2019-17026.json | 8 +- 2019/CVE-2019-17558.json | 12 +- 2019/CVE-2019-6340.json | 23 ++ 2020/CVE-2020-0601.json | 621 --------------------------------------- 2020/CVE-2020-0609.json | 92 ------ 2020/CVE-2020-0618.json | 23 -- 2020/CVE-2020-0668.json | 46 --- 2020/CVE-2020-0674.json | 23 -- 2020/CVE-2020-0683.json | 25 -- 2020/CVE-2020-0688.json | 23 -- 2020/CVE-2020-0728.json | 25 -- 2020/CVE-2020-0753.json | 23 -- 2020/CVE-2020-0787.json | 8 +- 2020/CVE-2020-13925.json | 8 +- 2020/CVE-2020-1611.json | 25 -- 2020/CVE-2020-1938.json | 276 ----------------- 2020/CVE-2020-2551.json | 23 -- 2020/CVE-2020-2555.json | 4 +- 2020/CVE-2020-2655.json | 25 -- 2020/CVE-2020-2883.json | 8 +- 2020/CVE-2020-3833.json | 25 -- 2020/CVE-2020-5236.json | 25 -- 2020/CVE-2020-5398.json | 25 -- 2020/CVE-2020-5509.json | 25 -- 2020/CVE-2020-5902.json | 12 +- 2020/CVE-2020-72381.json | 25 -- 2020/CVE-2020-7247.json | 71 ----- 2020/CVE-2020-7471.json | 46 --- 2020/CVE-2020-7799.json | 48 --- 2020/CVE-2020-7980.json | 25 -- 2020/CVE-2020-8218.json | 12 +- 2020/CVE-2020-8809.json | 25 -- 2020/CVE-2020-8813.json | 25 -- 2020/CVE-2020-8840.json | 46 --- README.md | 165 +---------- 41 files changed, 79 insertions(+), 1880 deletions(-) delete mode 100644 2020/CVE-2020-0683.json delete mode 100644 2020/CVE-2020-0728.json delete mode 100644 2020/CVE-2020-1611.json delete mode 100644 2020/CVE-2020-2655.json delete mode 100644 2020/CVE-2020-3833.json delete mode 100644 2020/CVE-2020-5236.json delete mode 100644 2020/CVE-2020-5398.json delete mode 100644 2020/CVE-2020-5509.json delete mode 100644 2020/CVE-2020-72381.json delete mode 100644 2020/CVE-2020-7247.json delete mode 100644 2020/CVE-2020-7799.json delete mode 100644 2020/CVE-2020-7980.json delete mode 100644 2020/CVE-2020-8809.json delete mode 100644 2020/CVE-2020-8813.json diff --git a/2015/CVE-2015-3306.json b/2015/CVE-2015-3306.json index b98a60f6dd..ce9d6f7402 100644 --- a/2015/CVE-2015-3306.json +++ b/2015/CVE-2015-3306.json @@ -63,8 +63,8 @@ "pushed_at": "2018-04-07T01:10:06Z", "stargazers_count": 59, "watchers_count": 59, - "forks_count": 28, - "forks": 28, + "forks_count": 29, + "forks": 29, "watchers": 59, "score": 0 }, diff --git a/2018/CVE-2018-10933.json b/2018/CVE-2018-10933.json index 2b01228fba..fa6ff2f090 100644 --- a/2018/CVE-2018-10933.json +++ b/2018/CVE-2018-10933.json @@ -220,7 +220,7 @@ "description": "cve-2018-10933 libssh authentication bypass", "fork": false, "created_at": "2018-10-18T19:13:45Z", - "updated_at": "2020-08-08T06:05:56Z", + "updated_at": "2020-09-01T00:31:00Z", "pushed_at": "2018-10-21T21:24:29Z", "stargazers_count": 94, "watchers_count": 94, diff --git a/2018/CVE-2018-7600.json b/2018/CVE-2018-7600.json index 6fb67b03bc..dfe8cb9668 100644 --- a/2018/CVE-2018-7600.json +++ b/2018/CVE-2018-7600.json @@ -36,13 +36,13 @@ "description": "Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 \/ CVE-2018-7600 \/ SA-CORE-2018-002)", "fork": false, "created_at": "2018-04-12T22:53:14Z", - "updated_at": "2020-08-28T05:21:51Z", + "updated_at": "2020-08-31T21:47:18Z", "pushed_at": "2019-03-13T07:11:23Z", - "stargazers_count": 433, - "watchers_count": 433, + "stargazers_count": 434, + "watchers_count": 434, "forks_count": 145, "forks": 145, - "watchers": 433, + "watchers": 434, "score": 0 }, { diff --git a/2018/CVE-2018-9995.json b/2018/CVE-2018-9995.json index a0b0a1f107..722419c8ae 100644 --- a/2018/CVE-2018-9995.json +++ b/2018/CVE-2018-9995.json @@ -128,13 +128,13 @@ "description": "DVR-Exploiter a Bash Script Program Exploit The DVR's Based on CVE-2018-9995", "fork": false, "created_at": "2018-09-23T20:58:40Z", - "updated_at": "2020-08-31T16:37:14Z", + "updated_at": "2020-09-01T00:42:53Z", "pushed_at": "2018-10-11T16:54:31Z", - "stargazers_count": 69, - "watchers_count": 69, + "stargazers_count": 70, + "watchers_count": 70, "forks_count": 37, "forks": 37, - "watchers": 69, + "watchers": 70, "score": 0 }, { diff --git a/2019/CVE-2019-0708.json b/2019/CVE-2019-0708.json index 45fca64a54..b9868b06cd 100644 --- a/2019/CVE-2019-0708.json +++ b/2019/CVE-2019-0708.json @@ -1508,13 +1508,13 @@ "description": "Proof of concept for CVE-2019-0708", "fork": false, "created_at": "2019-05-29T16:53:54Z", - "updated_at": "2020-08-27T17:37:53Z", + "updated_at": "2020-08-31T21:22:32Z", "pushed_at": "2019-09-03T20:50:28Z", - "stargazers_count": 1039, - "watchers_count": 1039, + "stargazers_count": 1040, + "watchers_count": 1040, "forks_count": 349, "forks": 349, - "watchers": 1039, + "watchers": 1040, "score": 0 }, { diff --git a/2019/CVE-2019-15126.json b/2019/CVE-2019-15126.json index e2240f6691..ea5fec3977 100644 --- a/2019/CVE-2019-15126.json +++ b/2019/CVE-2019-15126.json @@ -36,13 +36,13 @@ "description": "PoC exploit for the CVE-2019-15126 kr00k vulnerability", "fork": false, "created_at": "2020-03-13T14:53:54Z", - "updated_at": "2020-08-28T23:48:57Z", + "updated_at": "2020-08-31T21:39:31Z", "pushed_at": "2020-03-22T19:46:04Z", - "stargazers_count": 170, - "watchers_count": 170, + "stargazers_count": 171, + "watchers_count": 171, "forks_count": 52, "forks": 52, - "watchers": 170, + "watchers": 171, "score": 0 }, { diff --git a/2019/CVE-2019-17026.json b/2019/CVE-2019-17026.json index 1dcb726fb7..be1910740a 100644 --- a/2019/CVE-2019-17026.json +++ b/2019/CVE-2019-17026.json @@ -13,13 +13,13 @@ "description": "An exploit for CVE-2019-17026. It pops xcalc and was tested on Ubuntu (x64).", "fork": false, "created_at": "2020-08-27T19:32:07Z", - "updated_at": "2020-08-31T17:37:33Z", + "updated_at": "2020-09-01T03:04:57Z", "pushed_at": "2020-08-27T19:33:42Z", - "stargazers_count": 31, - "watchers_count": 31, + "stargazers_count": 34, + "watchers_count": 34, "forks_count": 14, "forks": 14, - "watchers": 31, + "watchers": 34, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-17558.json b/2019/CVE-2019-17558.json index cc6656f843..6d563bbe98 100644 --- a/2019/CVE-2019-17558.json +++ b/2019/CVE-2019-17558.json @@ -36,13 +36,13 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2020-08-31T19:52:48Z", + "updated_at": "2020-09-01T02:44:55Z", "pushed_at": "2020-08-03T04:37:30Z", - "stargazers_count": 1551, - "watchers_count": 1551, - "forks_count": 406, - "forks": 406, - "watchers": 1551, + "stargazers_count": 1554, + "watchers_count": 1554, + "forks_count": 408, + "forks": 408, + "watchers": 1554, "score": 0 }, { diff --git a/2019/CVE-2019-6340.json b/2019/CVE-2019-6340.json index 02eed72883..91ff371bb8 100644 --- a/2019/CVE-2019-6340.json +++ b/2019/CVE-2019-6340.json @@ -159,5 +159,28 @@ "forks": 23, "watchers": 64, "score": 0 + }, + { + "id": 291841926, + "name": "drupal8-REST-RCE", + "full_name": "ludy-dev\/drupal8-REST-RCE", + "owner": { + "login": "ludy-dev", + "id": 70466565, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/70466565?v=4", + "html_url": "https:\/\/github.com\/ludy-dev" + }, + "html_url": "https:\/\/github.com\/ludy-dev\/drupal8-REST-RCE", + "description": "CVE-2019-6340 drupal8-REST-RCE ", + "fork": false, + "created_at": "2020-08-31T22:55:18Z", + "updated_at": "2020-08-31T22:57:05Z", + "pushed_at": "2020-08-31T22:57:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-0601.json b/2020/CVE-2020-0601.json index de01013748..b5510e84ab 100644 --- a/2020/CVE-2020-0601.json +++ b/2020/CVE-2020-0601.json @@ -1,142 +1,4 @@ [ - { - "id": 233959211, - "name": "CVE-2020-0601", - "full_name": "nissan-sudo\/CVE-2020-0601", - "owner": { - "login": "nissan-sudo", - "id": 58976920, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/58976920?v=4", - "html_url": "https:\/\/github.com\/nissan-sudo" - }, - "html_url": "https:\/\/github.com\/nissan-sudo\/CVE-2020-0601", - "description": "Remote Code Execution Exploit ", - "fork": false, - "created_at": "2020-01-14T23:53:18Z", - "updated_at": "2020-01-27T17:28:37Z", - "pushed_at": "2020-01-14T23:56:22Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 1, - "forks": 1, - "watchers": 2, - "score": 0 - }, - { - "id": 233960159, - "name": "cve-2020-0601", - "full_name": "0xxon\/cve-2020-0601", - "owner": { - "login": "0xxon", - "id": 1538460, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/1538460?v=4", - "html_url": "https:\/\/github.com\/0xxon" - }, - "html_url": "https:\/\/github.com\/0xxon\/cve-2020-0601", - "description": "Zeek package to detect CVE-2020-0601", - "fork": false, - "created_at": "2020-01-15T00:01:29Z", - "updated_at": "2020-02-12T19:30:05Z", - "pushed_at": "2020-02-12T19:30:03Z", - "stargazers_count": 34, - "watchers_count": 34, - "forks_count": 10, - "forks": 10, - "watchers": 34, - "score": 0 - }, - { - "id": 234134766, - "name": "CVE-2020-0601", - "full_name": "SherlockSec\/CVE-2020-0601", - "owner": { - "login": "SherlockSec", - "id": 37545173, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/37545173?v=4", - "html_url": "https:\/\/github.com\/SherlockSec" - }, - "html_url": "https:\/\/github.com\/SherlockSec\/CVE-2020-0601", - "description": "A Windows Crypto Exploit", - "fork": false, - "created_at": "2020-01-15T17:26:58Z", - "updated_at": "2020-01-16T20:56:07Z", - "pushed_at": "2020-01-15T17:28:20Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - }, - { - "id": 234146234, - "name": "CVE-2020-0601", - "full_name": "JPurrier\/CVE-2020-0601", - "owner": { - "login": "JPurrier", - "id": 25715340, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25715340?v=4", - "html_url": "https:\/\/github.com\/JPurrier" - }, - "html_url": "https:\/\/github.com\/JPurrier\/CVE-2020-0601", - "description": null, - "fork": false, - "created_at": "2020-01-15T18:31:30Z", - "updated_at": "2020-01-17T10:49:19Z", - "pushed_at": "2020-01-17T10:49:17Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 234190972, - "name": "cve-2020-0601-plugin", - "full_name": "0xxon\/cve-2020-0601-plugin", - "owner": { - "login": "0xxon", - "id": 1538460, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/1538460?v=4", - "html_url": "https:\/\/github.com\/0xxon" - }, - "html_url": "https:\/\/github.com\/0xxon\/cve-2020-0601-plugin", - "description": "Zeek package that uses OpenSSL to detect CVE-2020-0601 exploit attempts", - "fork": false, - "created_at": "2020-01-15T23:07:02Z", - "updated_at": "2020-02-12T19:38:37Z", - "pushed_at": "2020-02-12T19:38:35Z", - "stargazers_count": 5, - "watchers_count": 5, - "forks_count": 1, - "forks": 1, - "watchers": 5, - "score": 0 - }, - { - "id": 234191063, - "name": "CurveBall", - "full_name": "ollypwn\/CurveBall", - "owner": { - "login": "ollypwn", - "id": 53348818, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/53348818?v=4", - "html_url": "https:\/\/github.com\/ollypwn" - }, - "html_url": "https:\/\/github.com\/ollypwn\/CurveBall", - "description": "PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll)", - "fork": false, - "created_at": "2020-01-15T23:07:41Z", - "updated_at": "2020-08-31T20:40:55Z", - "pushed_at": "2020-01-20T23:33:19Z", - "stargazers_count": 824, - "watchers_count": 824, - "forks_count": 213, - "forks": 213, - "watchers": 824, - "score": 0 - }, { "id": 234192123, "name": "chainoffools", @@ -160,466 +22,6 @@ "watchers": 326, "score": 0 }, - { - "id": 234220195, - "name": "Awesome-CVE-2020-0601", - "full_name": "RrUZi\/Awesome-CVE-2020-0601", - "owner": { - "login": "RrUZi", - "id": 43235635, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/43235635?v=4", - "html_url": "https:\/\/github.com\/RrUZi" - }, - "html_url": "https:\/\/github.com\/RrUZi\/Awesome-CVE-2020-0601", - "description": "😂An awesome curated list of repos for CVE-2020-0601.", - "fork": false, - "created_at": "2020-01-16T02:46:21Z", - "updated_at": "2020-02-13T14:33:37Z", - "pushed_at": "2020-02-02T02:29:23Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 1, - "forks": 1, - "watchers": 3, - "score": 0 - }, - { - "id": 234317211, - "name": "CVE-2020-0601", - "full_name": "BleepSec\/CVE-2020-0601", - "owner": { - "login": "BleepSec", - "id": 550582, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/550582?v=4", - "html_url": "https:\/\/github.com\/BleepSec" - }, - "html_url": "https:\/\/github.com\/BleepSec\/CVE-2020-0601", - "description": "Curated list of CVE-2020-0601 resources", - "fork": false, - "created_at": "2020-01-16T12:40:48Z", - "updated_at": "2020-02-12T10:22:35Z", - "pushed_at": "2020-02-03T21:24:45Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 1, - "forks": 1, - "watchers": 1, - "score": 0 - }, - { - "id": 234378948, - "name": "CVE-2020-0601", - "full_name": "apmunch\/CVE-2020-0601", - "owner": { - "login": "apmunch", - "id": 7328483, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/7328483?v=4", - "html_url": "https:\/\/github.com\/apmunch" - }, - "html_url": "https:\/\/github.com\/apmunch\/CVE-2020-0601", - "description": null, - "fork": false, - "created_at": "2020-01-16T17:54:36Z", - "updated_at": "2020-01-16T18:04:01Z", - "pushed_at": "2020-01-16T18:03:59Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 234433419, - "name": "badecparams", - "full_name": "saleemrashid\/badecparams", - "owner": { - "login": "saleemrashid", - "id": 22301423, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/22301423?v=4", - "html_url": "https:\/\/github.com\/saleemrashid" - }, - "html_url": "https:\/\/github.com\/saleemrashid\/badecparams", - "description": "Proof of Concept for CVE-2020-0601", - "fork": false, - "created_at": "2020-01-16T23:44:37Z", - "updated_at": "2020-07-18T17:49:10Z", - "pushed_at": "2020-02-24T18:41:10Z", - "stargazers_count": 60, - "watchers_count": 60, - "forks_count": 13, - "forks": 13, - "watchers": 60, - "score": 0 - }, - { - "id": 234442281, - "name": "cve-2020-0601-utils", - "full_name": "0xxon\/cve-2020-0601-utils", - "owner": { - "login": "0xxon", - "id": 1538460, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/1538460?v=4", - "html_url": "https:\/\/github.com\/0xxon" - }, - "html_url": "https:\/\/github.com\/0xxon\/cve-2020-0601-utils", - "description": "C++ based utility to check if certificates are trying to exploit CVE-2020-0601", - "fork": false, - "created_at": "2020-01-17T01:02:52Z", - "updated_at": "2020-01-21T19:49:00Z", - "pushed_at": "2020-01-21T19:48:58Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 2, - "forks": 2, - "watchers": 0, - "score": 0 - }, - { - "id": 234588471, - "name": "CVE-2020-0601", - "full_name": "MarkusZehnle\/CVE-2020-0601", - "owner": { - "login": "MarkusZehnle", - "id": 60010315, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/60010315?v=4", - "html_url": "https:\/\/github.com\/MarkusZehnle" - }, - "html_url": "https:\/\/github.com\/MarkusZehnle\/CVE-2020-0601", - "description": null, - "fork": false, - "created_at": "2020-01-17T16:24:31Z", - "updated_at": "2020-01-17T16:42:32Z", - "pushed_at": "2020-01-17T16:42:30Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, - "score": 0 - }, - { - "id": 234598729, - "name": "CVE-2020-0601", - "full_name": "YoannDqr\/CVE-2020-0601", - "owner": { - "login": "YoannDqr", - "id": 26006989, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/26006989?v=4", - "html_url": "https:\/\/github.com\/YoannDqr" - }, - "html_url": "https:\/\/github.com\/YoannDqr\/CVE-2020-0601", - "description": "CurveBall CVE exploitation", - "fork": false, - "created_at": "2020-01-17T17:17:55Z", - "updated_at": "2020-02-09T12:37:38Z", - "pushed_at": "2020-01-20T10:52:57Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 0, - "forks": 0, - "watchers": 2, - "score": 0 - }, - { - "id": 234714299, - "name": "cve-2020-0601-Perl", - "full_name": "thimelp\/cve-2020-0601-Perl", - "owner": { - "login": "thimelp", - "id": 60032194, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/60032194?v=4", - "html_url": "https:\/\/github.com\/thimelp" - }, - "html_url": "https:\/\/github.com\/thimelp\/cve-2020-0601-Perl", - "description": "Perl version of recently published scripts to build ECC certificates with specific parameters re CVE-2020-0601", - "fork": false, - "created_at": "2020-01-18T09:58:16Z", - "updated_at": "2020-02-07T23:24:44Z", - "pushed_at": "2020-01-18T12:07:06Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 234920281, - "name": "curveball_lua", - "full_name": "dlee35\/curveball_lua", - "owner": { - "login": "dlee35", - "id": 7849311, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7849311?v=4", - "html_url": "https:\/\/github.com\/dlee35" - }, - "html_url": "https:\/\/github.com\/dlee35\/curveball_lua", - "description": "Repo containing lua scripts and PCAP to find CVE-2020-0601 exploit attempts via network traffic", - "fork": false, - "created_at": "2020-01-19T15:20:19Z", - "updated_at": "2020-01-19T21:25:55Z", - "pushed_at": "2020-01-19T21:25:53Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 234944443, - "name": "-CVE-2020-0601-ECC---EXPLOIT", - "full_name": "IIICTECH\/-CVE-2020-0601-ECC---EXPLOIT", - "owner": { - "login": "IIICTECH", - "id": 5104528, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/5104528?v=4", - "html_url": "https:\/\/github.com\/IIICTECH" - }, - "html_url": "https:\/\/github.com\/IIICTECH\/-CVE-2020-0601-ECC---EXPLOIT", - "description": "CurveBall (CVE-2020-0601) - PoC CVE-2020-0601, or commonly referred to as CurveBall, is a vulnerability in which the signature of certificates using elliptic curve cryptography (ECC) is not correctly verified. Attackers can supply hand-rolled generators, bypassing validation, antivirus & all non-protections. ", - "fork": false, - "created_at": "2020-01-19T18:20:26Z", - "updated_at": "2020-01-27T17:28:54Z", - "pushed_at": "2020-01-19T18:26:33Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - }, - { - "id": 235000073, - "name": "CVE-2020-0601", - "full_name": "Ash112121\/CVE-2020-0601", - "owner": { - "login": "Ash112121", - "id": 50549802, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/50549802?v=4", - "html_url": "https:\/\/github.com\/Ash112121" - }, - "html_url": "https:\/\/github.com\/Ash112121\/CVE-2020-0601", - "description": null, - "fork": false, - "created_at": "2020-01-20T02:04:05Z", - "updated_at": "2020-01-20T02:05:22Z", - "pushed_at": "2020-01-20T02:05:20Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 235145190, - "name": "curveball", - "full_name": "gentilkiwi\/curveball", - "owner": { - "login": "gentilkiwi", - "id": 2307945, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2307945?v=4", - "html_url": "https:\/\/github.com\/gentilkiwi" - }, - "html_url": "https:\/\/github.com\/gentilkiwi\/curveball", - "description": "CVE-2020-0601 #curveball - Alternative Key Calculator", - "fork": false, - "created_at": "2020-01-20T16:24:20Z", - "updated_at": "2020-07-09T18:52:50Z", - "pushed_at": "2020-01-20T23:00:14Z", - "stargazers_count": 63, - "watchers_count": 63, - "forks_count": 10, - "forks": 10, - "watchers": 63, - "score": 0 - }, - { - "id": 235858699, - "name": "CurveBall", - "full_name": "Hans-MartinHannibalLauridsen\/CurveBall", - "owner": { - "login": "Hans-MartinHannibalLauridsen", - "id": 19854797, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/19854797?v=4", - "html_url": "https:\/\/github.com\/Hans-MartinHannibalLauridsen" - }, - "html_url": "https:\/\/github.com\/Hans-MartinHannibalLauridsen\/CurveBall", - "description": "CVE-2020-0601: Windows CryptoAPI Vulnerability. (CurveBall\/ChainOfFools)", - "fork": false, - "created_at": "2020-01-23T18:26:48Z", - "updated_at": "2020-03-15T21:32:59Z", - "pushed_at": "2020-01-28T10:11:44Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 0, - "forks": 0, - "watchers": 2, - "score": 0 - }, - { - "id": 236119532, - "name": "PoC_CurveBall", - "full_name": "apodlosky\/PoC_CurveBall", - "owner": { - "login": "apodlosky", - "id": 36350051, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/36350051?v=4", - "html_url": "https:\/\/github.com\/apodlosky" - }, - "html_url": "https:\/\/github.com\/apodlosky\/PoC_CurveBall", - "description": "PoC for \"CurveBall\" CVE-2020-0601", - "fork": false, - "created_at": "2020-01-25T03:11:36Z", - "updated_at": "2020-02-19T04:00:05Z", - "pushed_at": "2020-02-19T04:00:03Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 236845131, - "name": "Curveball", - "full_name": "ioncodes\/Curveball", - "owner": { - "login": "ioncodes", - "id": 18533297, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/18533297?v=4", - "html_url": "https:\/\/github.com\/ioncodes" - }, - "html_url": "https:\/\/github.com\/ioncodes\/Curveball", - "description": "PoC for CVE-2020-0601 - CryptoAPI exploit", - "fork": false, - "created_at": "2020-01-28T21:24:54Z", - "updated_at": "2020-08-14T20:36:50Z", - "pushed_at": "2020-01-28T22:06:57Z", - "stargazers_count": 17, - "watchers_count": 17, - "forks_count": 3, - "forks": 3, - "watchers": 17, - "score": 0 - }, - { - "id": 236884560, - "name": "gringotts", - "full_name": "amlweems\/gringotts", - "owner": { - "login": "amlweems", - "id": 117625, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/117625?v=4", - "html_url": "https:\/\/github.com\/amlweems" - }, - "html_url": "https:\/\/github.com\/amlweems\/gringotts", - "description": "proof of concept for CVE-2020-0601", - "fork": false, - "created_at": "2020-01-29T01:59:43Z", - "updated_at": "2020-01-29T02:12:44Z", - "pushed_at": "2020-01-30T20:16:15Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 237977846, - "name": "CVE-2020-0601", - "full_name": "aloswoya\/CVE-2020-0601", - "owner": { - "login": "aloswoya", - "id": 21354684, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/21354684?v=4", - "html_url": "https:\/\/github.com\/aloswoya" - }, - "html_url": "https:\/\/github.com\/aloswoya\/CVE-2020-0601", - "description": "PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll) POC: https:\/\/github.com\/ollypwn\/CurveBall", - "fork": false, - "created_at": "2020-02-03T13:58:07Z", - "updated_at": "2020-02-03T16:30:26Z", - "pushed_at": "2020-02-03T16:30:25Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 0, - "forks": 0, - "watchers": 2, - "score": 0 - }, - { - "id": 237996900, - "name": "CurveBallDetection", - "full_name": "talbeerysec\/CurveBallDetection", - "owner": { - "login": "talbeerysec", - "id": 25826743, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25826743?v=4", - "html_url": "https:\/\/github.com\/talbeerysec" - }, - "html_url": "https:\/\/github.com\/talbeerysec\/CurveBallDetection", - "description": "Resources related to CurveBall (CVE-2020-0601) detection", - "fork": false, - "created_at": "2020-02-03T15:25:54Z", - "updated_at": "2020-02-03T21:05:53Z", - "pushed_at": "2020-02-03T21:05:50Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, - "score": 0 - }, - { - "id": 238791221, - "name": "CurveballCertTool", - "full_name": "david4599\/CurveballCertTool", - "owner": { - "login": "david4599", - "id": 29437084, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29437084?v=4", - "html_url": "https:\/\/github.com\/david4599" - }, - "html_url": "https:\/\/github.com\/david4599\/CurveballCertTool", - "description": "PoC for CVE-2020-0601 vulnerability (Code Signing)", - "fork": false, - "created_at": "2020-02-06T21:46:31Z", - "updated_at": "2020-02-17T01:12:16Z", - "pushed_at": "2020-02-06T22:04:17Z", - "stargazers_count": 4, - "watchers_count": 4, - "forks_count": 3, - "forks": 3, - "watchers": 4, - "score": 0 - }, - { - "id": 241135389, - "name": "CVE-2020-0601-EXP", - "full_name": "eastmountyxz\/CVE-2020-0601-EXP", - "owner": { - "login": "eastmountyxz", - "id": 53172375, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/53172375?v=4", - "html_url": "https:\/\/github.com\/eastmountyxz" - }, - "html_url": "https:\/\/github.com\/eastmountyxz\/CVE-2020-0601-EXP", - "description": "这资源是作者复现微软签字证书漏洞CVE-2020-0601,结合相关资源及文章实现。推荐大家结合作者博客,理解ECC算法、Windows验证机制,并尝试自己复现可执行文件签名证书和HTTPS劫持的例子。作为网络安全初学者,自己确实很菜,但希望坚持下去,加油!", - "fork": false, - "created_at": "2020-02-17T15:01:54Z", - "updated_at": "2020-03-04T09:43:27Z", - "pushed_at": "2020-02-17T16:09:40Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - }, { "id": 241136874, "name": "CVE-2018-20250-WinRAR", @@ -643,29 +45,6 @@ "watchers": 0, "score": 0 }, - { - "id": 241412565, - "name": "cve-2020-0601_poc", - "full_name": "gremwell\/cve-2020-0601_poc", - "owner": { - "login": "gremwell", - "id": 633734, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/633734?v=4", - "html_url": "https:\/\/github.com\/gremwell" - }, - "html_url": "https:\/\/github.com\/gremwell\/cve-2020-0601_poc", - "description": "CVE-2020-0601 proof of concept", - "fork": false, - "created_at": "2020-02-18T16:36:49Z", - "updated_at": "2020-02-19T08:46:38Z", - "pushed_at": "2020-02-19T08:46:36Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 1, - "forks": 1, - "watchers": 1, - "score": 0 - }, { "id": 243353551, "name": "meetup-2-curveball", diff --git a/2020/CVE-2020-0609.json b/2020/CVE-2020-0609.json index 6f57f852fe..5e36f34f94 100644 --- a/2020/CVE-2020-0609.json +++ b/2020/CVE-2020-0609.json @@ -21,97 +21,5 @@ "forks": 3, "watchers": 32, "score": 0 - }, - { - "id": 235899471, - "name": "BlueGate", - "full_name": "ollypwn\/BlueGate", - "owner": { - "login": "ollypwn", - "id": 53348818, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/53348818?v=4", - "html_url": "https:\/\/github.com\/ollypwn" - }, - "html_url": "https:\/\/github.com\/ollypwn\/BlueGate", - "description": "PoC (DoS + scanner) for CVE-2020-0609 & CVE-2020-0610 - RD Gateway RCE", - "fork": false, - "created_at": "2020-01-23T22:29:46Z", - "updated_at": "2020-08-28T06:11:04Z", - "pushed_at": "2020-01-24T15:21:06Z", - "stargazers_count": 219, - "watchers_count": 219, - "forks_count": 67, - "forks": 67, - "watchers": 219, - "score": 0 - }, - { - "id": 235935839, - "name": "RDGScanner", - "full_name": "MalwareTech\/RDGScanner", - "owner": { - "login": "MalwareTech", - "id": 7256561, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7256561?v=4", - "html_url": "https:\/\/github.com\/MalwareTech" - }, - "html_url": "https:\/\/github.com\/MalwareTech\/RDGScanner", - "description": "A proof-of-concept scanner to check an RDG Gateway Server for vulnerabilities CVE-2020-0609 & CVE-2020-0610.", - "fork": false, - "created_at": "2020-01-24T03:52:49Z", - "updated_at": "2020-08-19T08:12:29Z", - "pushed_at": "2020-01-26T21:04:27Z", - "stargazers_count": 67, - "watchers_count": 67, - "forks_count": 30, - "forks": 30, - "watchers": 67, - "score": 0 - }, - { - "id": 236030102, - "name": "CVE-2020-0609", - "full_name": "Bechsen\/CVE-2020-0609", - "owner": { - "login": "Bechsen", - "id": 6298298, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/6298298?v=4", - "html_url": "https:\/\/github.com\/Bechsen" - }, - "html_url": "https:\/\/github.com\/Bechsen\/CVE-2020-0609", - "description": null, - "fork": false, - "created_at": "2020-01-24T15:39:39Z", - "updated_at": "2020-01-28T12:36:06Z", - "pushed_at": "2020-01-28T12:36:04Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 2, - "forks": 2, - "watchers": 1, - "score": 0 - }, - { - "id": 236072228, - "name": "BlueGate", - "full_name": "ioncodes\/BlueGate", - "owner": { - "login": "ioncodes", - "id": 18533297, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/18533297?v=4", - "html_url": "https:\/\/github.com\/ioncodes" - }, - "html_url": "https:\/\/github.com\/ioncodes\/BlueGate", - "description": "PoC for the Remote Desktop Gateway vulnerability - CVE-2020-0609 & CVE-2020-0610", - "fork": false, - "created_at": "2020-01-24T19:47:45Z", - "updated_at": "2020-08-19T08:12:25Z", - "pushed_at": "2020-01-31T13:49:06Z", - "stargazers_count": 71, - "watchers_count": 71, - "forks_count": 17, - "forks": 17, - "watchers": 71, - "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-0618.json b/2020/CVE-2020-0618.json index 67a1da4e0e..8754ded6a6 100644 --- a/2020/CVE-2020-0618.json +++ b/2020/CVE-2020-0618.json @@ -1,27 +1,4 @@ [ - { - "id": 240657889, - "name": "CVE-2020-0618", - "full_name": "euphrat1ca\/CVE-2020-0618", - "owner": { - "login": "euphrat1ca", - "id": 23180818, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/23180818?v=4", - "html_url": "https:\/\/github.com\/euphrat1ca" - }, - "html_url": "https:\/\/github.com\/euphrat1ca\/CVE-2020-0618", - "description": "SQL Server Reporting Services(CVE-2020-0618)中的RCE", - "fork": false, - "created_at": "2020-02-15T06:40:23Z", - "updated_at": "2020-08-31T19:55:13Z", - "pushed_at": "2020-02-15T06:41:54Z", - "stargazers_count": 181, - "watchers_count": 181, - "forks_count": 38, - "forks": 38, - "watchers": 181, - "score": 0 - }, { "id": 241408033, "name": "cve-2020-0618", diff --git a/2020/CVE-2020-0668.json b/2020/CVE-2020-0668.json index 339c7cf6f2..837a88d337 100644 --- a/2020/CVE-2020-0668.json +++ b/2020/CVE-2020-0668.json @@ -1,50 +1,4 @@ [ - { - "id": 214392452, - "name": "SysTracingPoc", - "full_name": "itm4n\/SysTracingPoc", - "owner": { - "login": "itm4n", - "id": 30777390, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/30777390?v=4", - "html_url": "https:\/\/github.com\/itm4n" - }, - "html_url": "https:\/\/github.com\/itm4n\/SysTracingPoc", - "description": "CVE-2020-0668 - Microsoft Windows Service Tracing Arbitrary File Move Local Privilege Escalation Vulnerability", - "fork": false, - "created_at": "2019-10-11T09:08:02Z", - "updated_at": "2020-06-21T10:54:09Z", - "pushed_at": "2020-02-26T09:24:45Z", - "stargazers_count": 44, - "watchers_count": 44, - "forks_count": 17, - "forks": 17, - "watchers": 44, - "score": 0 - }, - { - "id": 241809572, - "name": "CVE-2020-0668", - "full_name": "RedCursorSecurityConsulting\/CVE-2020-0668", - "owner": { - "login": "RedCursorSecurityConsulting", - "id": 61265565, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/61265565?v=4", - "html_url": "https:\/\/github.com\/RedCursorSecurityConsulting" - }, - "html_url": "https:\/\/github.com\/RedCursorSecurityConsulting\/CVE-2020-0668", - "description": "Use CVE-2020-0668 to perform an arbitrary privileged file move operation.", - "fork": false, - "created_at": "2020-02-20T06:22:40Z", - "updated_at": "2020-08-27T17:38:18Z", - "pushed_at": "2020-02-20T11:03:18Z", - "stargazers_count": 170, - "watchers_count": 170, - "forks_count": 44, - "forks": 44, - "watchers": 170, - "score": 0 - }, { "id": 243248025, "name": "CVE-2020-0668", diff --git a/2020/CVE-2020-0674.json b/2020/CVE-2020-0674.json index 1f7b119048..3eb5d124da 100644 --- a/2020/CVE-2020-0674.json +++ b/2020/CVE-2020-0674.json @@ -1,27 +1,4 @@ [ - { - "id": 235790827, - "name": "CVE-2020-0674", - "full_name": "binaryfigments\/CVE-2020-0674", - "owner": { - "login": "binaryfigments", - "id": 2205121, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/2205121?v=4", - "html_url": "https:\/\/github.com\/binaryfigments" - }, - "html_url": "https:\/\/github.com\/binaryfigments\/CVE-2020-0674", - "description": "Info about CVE-2020-0674", - "fork": false, - "created_at": "2020-01-23T12:30:51Z", - "updated_at": "2020-03-30T17:27:13Z", - "pushed_at": "2020-01-23T12:54:24Z", - "stargazers_count": 14, - "watchers_count": 14, - "forks_count": 9, - "forks": 9, - "watchers": 14, - "score": 0 - }, { "id": 262167867, "name": "CVE-2020-0674-Exploit", diff --git a/2020/CVE-2020-0683.json b/2020/CVE-2020-0683.json deleted file mode 100644 index 20bfe70ffe..0000000000 --- a/2020/CVE-2020-0683.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 239812937, - "name": "CVE-2020-0683", - "full_name": "padovah4ck\/CVE-2020-0683", - "owner": { - "login": "padovah4ck", - "id": 13963076, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/13963076?v=4", - "html_url": "https:\/\/github.com\/padovah4ck" - }, - "html_url": "https:\/\/github.com\/padovah4ck\/CVE-2020-0683", - "description": "CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege", - "fork": false, - "created_at": "2020-02-11T16:42:34Z", - "updated_at": "2020-08-03T06:25:49Z", - "pushed_at": "2020-02-11T21:34:28Z", - "stargazers_count": 222, - "watchers_count": 222, - "forks_count": 46, - "forks": 46, - "watchers": 222, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-0688.json b/2020/CVE-2020-0688.json index d76481254c..f0ba1d7b79 100644 --- a/2020/CVE-2020-0688.json +++ b/2020/CVE-2020-0688.json @@ -1,27 +1,4 @@ [ - { - "id": 243126851, - "name": "cve-2020-0688", - "full_name": "random-robbie\/cve-2020-0688", - "owner": { - "login": "random-robbie", - "id": 4902869, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/4902869?v=4", - "html_url": "https:\/\/github.com\/random-robbie" - }, - "html_url": "https:\/\/github.com\/random-robbie\/cve-2020-0688", - "description": "cve-2020-0688", - "fork": false, - "created_at": "2020-02-25T23:44:16Z", - "updated_at": "2020-08-27T17:38:18Z", - "pushed_at": "2020-02-26T00:58:39Z", - "stargazers_count": 145, - "watchers_count": 145, - "forks_count": 47, - "forks": 47, - "watchers": 145, - "score": 0 - }, { "id": 243257176, "name": "CVE-2020-0688", diff --git a/2020/CVE-2020-0728.json b/2020/CVE-2020-0728.json deleted file mode 100644 index 409616940f..0000000000 --- a/2020/CVE-2020-0728.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 240129027, - "name": "CVE-2020-0728", - "full_name": "irsl\/CVE-2020-0728", - "owner": { - "login": "irsl", - "id": 6357121, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/6357121?v=4", - "html_url": "https:\/\/github.com\/irsl" - }, - "html_url": "https:\/\/github.com\/irsl\/CVE-2020-0728", - "description": "Proof of Concept code for CVE-2020-0728", - "fork": false, - "created_at": "2020-02-12T22:32:28Z", - "updated_at": "2020-07-31T16:16:51Z", - "pushed_at": "2020-02-12T22:50:22Z", - "stargazers_count": 37, - "watchers_count": 37, - "forks_count": 9, - "forks": 9, - "watchers": 37, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-0753.json b/2020/CVE-2020-0753.json index 405c8f654e..cf117f6b28 100644 --- a/2020/CVE-2020-0753.json +++ b/2020/CVE-2020-0753.json @@ -21,28 +21,5 @@ "forks": 11, "watchers": 13, "score": 0 - }, - { - "id": 242502226, - "name": "CVE-2020-0753-and-CVE-2020-0754", - "full_name": "VikasVarshney\/CVE-2020-0753-and-CVE-2020-0754", - "owner": { - "login": "VikasVarshney", - "id": 3353731, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3353731?v=4", - "html_url": "https:\/\/github.com\/VikasVarshney" - }, - "html_url": "https:\/\/github.com\/VikasVarshney\/CVE-2020-0753-and-CVE-2020-0754", - "description": "Writeup and POC for CVE-2020-0753, CVE-2020-0754 and six unfixed Window DOS Vulnerabilities.", - "fork": false, - "created_at": "2020-02-23T11:10:49Z", - "updated_at": "2020-03-11T13:36:15Z", - "pushed_at": "2020-02-22T13:57:48Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 13, - "forks": 13, - "watchers": 3, - "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-0787.json b/2020/CVE-2020-0787.json index 46ef65d2b6..4f2c79f5ff 100644 --- a/2020/CVE-2020-0787.json +++ b/2020/CVE-2020-0787.json @@ -13,13 +13,13 @@ "description": "Support ALL Windows Version", "fork": false, "created_at": "2020-06-16T08:57:51Z", - "updated_at": "2020-08-31T14:37:46Z", + "updated_at": "2020-09-01T02:32:38Z", "pushed_at": "2020-06-18T00:42:57Z", - "stargazers_count": 404, - "watchers_count": 404, + "stargazers_count": 405, + "watchers_count": 405, "forks_count": 96, "forks": 96, - "watchers": 404, + "watchers": 405, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-13925.json b/2020/CVE-2020-13925.json index a7db31ac8e..6f0f36f4e8 100644 --- a/2020/CVE-2020-13925.json +++ b/2020/CVE-2020-13925.json @@ -13,13 +13,13 @@ "description": null, "fork": false, "created_at": "2020-07-20T10:38:14Z", - "updated_at": "2020-07-26T15:17:53Z", + "updated_at": "2020-09-01T02:28:05Z", "pushed_at": "2020-07-20T10:56:28Z", - "stargazers_count": 14, - "watchers_count": 14, + "stargazers_count": 15, + "watchers_count": 15, "forks_count": 0, "forks": 0, - "watchers": 14, + "watchers": 15, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1611.json b/2020/CVE-2020-1611.json deleted file mode 100644 index 8b8b6d70a9..0000000000 --- a/2020/CVE-2020-1611.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 235582404, - "name": "CVE-2020-1611", - "full_name": "Ibonok\/CVE-2020-1611", - "owner": { - "login": "Ibonok", - "id": 37837775, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/37837775?v=4", - "html_url": "https:\/\/github.com\/Ibonok" - }, - "html_url": "https:\/\/github.com\/Ibonok\/CVE-2020-1611", - "description": "Juniper Junos Space (CVE-2020-1611) (PoC)", - "fork": false, - "created_at": "2020-01-22T13:45:21Z", - "updated_at": "2020-08-06T05:28:03Z", - "pushed_at": "2020-01-22T14:01:32Z", - "stargazers_count": 19, - "watchers_count": 19, - "forks_count": 6, - "forks": 6, - "watchers": 19, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-1938.json b/2020/CVE-2020-1938.json index 9d77bbc669..513dddab14 100644 --- a/2020/CVE-2020-1938.json +++ b/2020/CVE-2020-1938.json @@ -1,27 +1,4 @@ [ - { - "id": 241934230, - "name": "CVE-2020-1938", - "full_name": "0nise\/CVE-2020-1938", - "owner": { - "login": "0nise", - "id": 18393907, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/18393907?v=4", - "html_url": "https:\/\/github.com\/0nise" - }, - "html_url": "https:\/\/github.com\/0nise\/CVE-2020-1938", - "description": "CVE-2020-1938", - "fork": false, - "created_at": "2020-02-20T16:32:52Z", - "updated_at": "2020-08-31T19:54:51Z", - "pushed_at": "2020-02-25T02:04:16Z", - "stargazers_count": 188, - "watchers_count": 188, - "forks_count": 91, - "forks": 91, - "watchers": 188, - "score": 0 - }, { "id": 241940286, "name": "CVE-2020-1938", @@ -45,144 +22,6 @@ "watchers": 32, "score": 0 }, - { - "id": 241953243, - "name": "CNVD-2020-10487-Tomcat-ajp-POC", - "full_name": "nibiwodong\/CNVD-2020-10487-Tomcat-ajp-POC", - "owner": { - "login": "nibiwodong", - "id": 17465789, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/17465789?v=4", - "html_url": "https:\/\/github.com\/nibiwodong" - }, - "html_url": "https:\/\/github.com\/nibiwodong\/CNVD-2020-10487-Tomcat-ajp-POC", - "description": "CNVD-2020-10487(CVE-2020-1938), tomcat ajp 文件读取漏洞poc", - "fork": false, - "created_at": "2020-02-20T17:57:54Z", - "updated_at": "2020-08-31T19:55:06Z", - "pushed_at": "2020-02-23T17:06:06Z", - "stargazers_count": 67, - "watchers_count": 67, - "forks_count": 51, - "forks": 51, - "watchers": 67, - "score": 0 - }, - { - "id": 241988804, - "name": "CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner", - "full_name": "bkfish\/CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner", - "owner": { - "login": "bkfish", - "id": 38547290, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/38547290?v=4", - "html_url": "https:\/\/github.com\/bkfish" - }, - "html_url": "https:\/\/github.com\/bkfish\/CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner", - "description": "Cnvd-2020-10487 \/ cve-2020-1938, scanner tool", - "fork": false, - "created_at": "2020-02-20T21:00:15Z", - "updated_at": "2020-08-27T04:26:44Z", - "pushed_at": "2020-02-24T12:06:08Z", - "stargazers_count": 191, - "watchers_count": 191, - "forks_count": 88, - "forks": 88, - "watchers": 191, - "score": 0 - }, - { - "id": 242038197, - "name": "CVE-2020-1938", - "full_name": "laolisafe\/CVE-2020-1938", - "owner": { - "login": "laolisafe", - "id": 45027935, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/45027935?v=4", - "html_url": "https:\/\/github.com\/laolisafe" - }, - "html_url": "https:\/\/github.com\/laolisafe\/CVE-2020-1938", - "description": "CVE-2020-1938漏洞复现", - "fork": false, - "created_at": "2020-02-21T02:36:37Z", - "updated_at": "2020-08-31T19:54:48Z", - "pushed_at": "2020-02-21T02:49:57Z", - "stargazers_count": 33, - "watchers_count": 33, - "forks_count": 10, - "forks": 10, - "watchers": 33, - "score": 0 - }, - { - "id": 242054816, - "name": "CVE-2020-1938", - "full_name": "DaemonShao\/CVE-2020-1938", - "owner": { - "login": "DaemonShao", - "id": 24861334, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/24861334?v=4", - "html_url": "https:\/\/github.com\/DaemonShao" - }, - "html_url": "https:\/\/github.com\/DaemonShao\/CVE-2020-1938", - "description": null, - "fork": false, - "created_at": "2020-02-21T04:34:40Z", - "updated_at": "2020-02-21T08:05:08Z", - "pushed_at": "2020-02-21T04:40:38Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 0, - "forks": 0, - "watchers": 2, - "score": 0 - }, - { - "id": 242083141, - "name": "CVE-2020-1938-Tomact-file_include-file_read", - "full_name": "sv3nbeast\/CVE-2020-1938-Tomact-file_include-file_read", - "owner": { - "login": "sv3nbeast", - "id": 55974091, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/55974091?v=4", - "html_url": "https:\/\/github.com\/sv3nbeast" - }, - "html_url": "https:\/\/github.com\/sv3nbeast\/CVE-2020-1938-Tomact-file_include-file_read", - "description": "Tomcat的文件包含及文件读取漏洞利用POC", - "fork": false, - "created_at": "2020-02-21T07:48:50Z", - "updated_at": "2020-08-11T18:39:02Z", - "pushed_at": "2020-02-21T10:19:52Z", - "stargazers_count": 16, - "watchers_count": 16, - "forks_count": 11, - "forks": 11, - "watchers": 16, - "score": 0 - }, - { - "id": 242093081, - "name": "CVE-2020-1938", - "full_name": "fairyming\/CVE-2020-1938", - "owner": { - "login": "fairyming", - "id": 44915879, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/44915879?v=4", - "html_url": "https:\/\/github.com\/fairyming" - }, - "html_url": "https:\/\/github.com\/fairyming\/CVE-2020-1938", - "description": "在一定条件下可执行命令", - "fork": false, - "created_at": "2020-02-21T08:42:50Z", - "updated_at": "2020-07-26T11:21:58Z", - "pushed_at": "2020-02-21T08:45:51Z", - "stargazers_count": 5, - "watchers_count": 5, - "forks_count": 7, - "forks": 7, - "watchers": 5, - "score": 0 - }, { "id": 242107452, "name": "CVE-2020-1938", @@ -206,98 +45,6 @@ "watchers": 2, "score": 0 }, - { - "id": 242163769, - "name": "CVE-2020-1938TomcatAjpScanner", - "full_name": "woaiqiukui\/CVE-2020-1938TomcatAjpScanner", - "owner": { - "login": "woaiqiukui", - "id": 49117752, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/49117752?v=4", - "html_url": "https:\/\/github.com\/woaiqiukui" - }, - "html_url": "https:\/\/github.com\/woaiqiukui\/CVE-2020-1938TomcatAjpScanner", - "description": "批量扫描TomcatAJP漏洞", - "fork": false, - "created_at": "2020-02-21T14:55:40Z", - "updated_at": "2020-07-31T16:12:42Z", - "pushed_at": "2020-02-22T01:58:22Z", - "stargazers_count": 7, - "watchers_count": 7, - "forks_count": 2, - "forks": 2, - "watchers": 7, - "score": 0 - }, - { - "id": 242193832, - "name": "tomcat-cve-2020-1938-check", - "full_name": "fatal0\/tomcat-cve-2020-1938-check", - "owner": { - "login": "fatal0", - "id": 6017581, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/6017581?v=4", - "html_url": "https:\/\/github.com\/fatal0" - }, - "html_url": "https:\/\/github.com\/fatal0\/tomcat-cve-2020-1938-check", - "description": null, - "fork": false, - "created_at": "2020-02-21T17:24:45Z", - "updated_at": "2020-03-16T07:38:08Z", - "pushed_at": "2020-02-25T08:55:09Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 2, - "forks": 2, - "watchers": 3, - "score": 0 - }, - { - "id": 242284250, - "name": "GhostCat-LFI-exp", - "full_name": "ze0r\/GhostCat-LFI-exp", - "owner": { - "login": "ze0r", - "id": 43227253, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/43227253?v=4", - "html_url": "https:\/\/github.com\/ze0r" - }, - "html_url": "https:\/\/github.com\/ze0r\/GhostCat-LFI-exp", - "description": "CVE-2020-1938", - "fork": false, - "created_at": "2020-02-22T05:17:09Z", - "updated_at": "2020-07-29T16:57:10Z", - "pushed_at": "2020-02-22T05:23:53Z", - "stargazers_count": 9, - "watchers_count": 9, - "forks_count": 7, - "forks": 7, - "watchers": 9, - "score": 0 - }, - { - "id": 242345920, - "name": "CNVD-2020-10487-Bulk-verification", - "full_name": "delsadan\/CNVD-2020-10487-Bulk-verification", - "owner": { - "login": "delsadan", - "id": 22538623, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/22538623?v=4", - "html_url": "https:\/\/github.com\/delsadan" - }, - "html_url": "https:\/\/github.com\/delsadan\/CNVD-2020-10487-Bulk-verification", - "description": "CNVD-2020-10487 OR CVE-2020-1938 批量验证脚本,批量验证,并自动截图,方便提交及复核", - "fork": false, - "created_at": "2020-02-22T13:25:57Z", - "updated_at": "2020-07-02T17:02:39Z", - "pushed_at": "2020-02-24T08:18:02Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 3, - "forks": 3, - "watchers": 2, - "score": 0 - }, { "id": 242371713, "name": "Ghostcat-CNVD-2020-10487", @@ -321,29 +68,6 @@ "watchers": 130, "score": 0 }, - { - "id": 243285368, - "name": "ghostcat-verification", - "full_name": "shaunmclernon\/ghostcat-verification", - "owner": { - "login": "shaunmclernon", - "id": 54109164, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/54109164?v=4", - "html_url": "https:\/\/github.com\/shaunmclernon" - }, - "html_url": "https:\/\/github.com\/shaunmclernon\/ghostcat-verification", - "description": "Learnings on how to verify if vulnerable to Ghostcat (aka CVE-2020-1938)", - "fork": false, - "created_at": "2020-02-26T14:40:12Z", - "updated_at": "2020-04-02T08:32:30Z", - "pushed_at": "2020-02-26T15:33:58Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - }, { "id": 243545601, "name": "Ghostcat-CVE-2020-1938", diff --git a/2020/CVE-2020-2551.json b/2020/CVE-2020-2551.json index 4f196122b4..ea9fe54aa4 100644 --- a/2020/CVE-2020-2551.json +++ b/2020/CVE-2020-2551.json @@ -22,29 +22,6 @@ "watchers": 666, "score": 0 }, - { - "id": 234696172, - "name": "CVE-2020-2551", - "full_name": "jas502n\/CVE-2020-2551", - "owner": { - "login": "jas502n", - "id": 16593068, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", - "html_url": "https:\/\/github.com\/jas502n" - }, - "html_url": "https:\/\/github.com\/jas502n\/CVE-2020-2551", - "description": "Weblogic RCE with IIOP", - "fork": false, - "created_at": "2020-01-18T07:08:06Z", - "updated_at": "2020-08-27T17:38:14Z", - "pushed_at": "2020-01-18T07:14:34Z", - "stargazers_count": 75, - "watchers_count": 75, - "forks_count": 14, - "forks": 14, - "watchers": 75, - "score": 0 - }, { "id": 234901198, "name": "CVE-2020-2551", diff --git a/2020/CVE-2020-2555.json b/2020/CVE-2020-2555.json index 0cfc3e204b..a0283eecdb 100644 --- a/2020/CVE-2020-2555.json +++ b/2020/CVE-2020-2555.json @@ -109,8 +109,8 @@ "pushed_at": "2020-03-10T08:15:45Z", "stargazers_count": 8, "watchers_count": 8, - "forks_count": 7, - "forks": 7, + "forks_count": 8, + "forks": 8, "watchers": 8, "score": 0 } diff --git a/2020/CVE-2020-2655.json b/2020/CVE-2020-2655.json deleted file mode 100644 index e15c1ddb3f..0000000000 --- a/2020/CVE-2020-2655.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 233879183, - "name": "CVE-2020-2655-DemoServer", - "full_name": "RUB-NDS\/CVE-2020-2655-DemoServer", - "owner": { - "login": "RUB-NDS", - "id": 11559003, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/11559003?v=4", - "html_url": "https:\/\/github.com\/RUB-NDS" - }, - "html_url": "https:\/\/github.com\/RUB-NDS\/CVE-2020-2655-DemoServer", - "description": null, - "fork": false, - "created_at": "2020-01-14T15:59:48Z", - "updated_at": "2020-03-20T23:04:07Z", - "pushed_at": "2020-01-20T10:45:47Z", - "stargazers_count": 5, - "watchers_count": 5, - "forks_count": 1, - "forks": 1, - "watchers": 5, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-2883.json b/2020/CVE-2020-2883.json index 0fdbc70317..2de2becd65 100644 --- a/2020/CVE-2020-2883.json +++ b/2020/CVE-2020-2883.json @@ -82,13 +82,13 @@ "description": "WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞,一键注册蚁剑filter内存shell", "fork": false, "created_at": "2020-08-19T03:34:06Z", - "updated_at": "2020-08-31T07:59:04Z", + "updated_at": "2020-09-01T02:52:51Z", "pushed_at": "2020-08-25T03:17:32Z", - "stargazers_count": 91, - "watchers_count": 91, + "stargazers_count": 92, + "watchers_count": 92, "forks_count": 12, "forks": 12, - "watchers": 91, + "watchers": 92, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-3833.json b/2020/CVE-2020-3833.json deleted file mode 100644 index 6269c34a79..0000000000 --- a/2020/CVE-2020-3833.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 235952111, - "name": "Safari-Address-Bar-Spoof-CVE-2020-3833-", - "full_name": "c0d3G33k\/Safari-Address-Bar-Spoof-CVE-2020-3833-", - "owner": { - "login": "c0d3G33k", - "id": 16446505, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16446505?v=4", - "html_url": "https:\/\/github.com\/c0d3G33k" - }, - "html_url": "https:\/\/github.com\/c0d3G33k\/Safari-Address-Bar-Spoof-CVE-2020-3833-", - "description": null, - "fork": false, - "created_at": "2020-01-24T06:35:07Z", - "updated_at": "2020-03-21T18:41:33Z", - "pushed_at": "2020-01-24T06:49:16Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 1, - "forks": 1, - "watchers": 3, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-5236.json b/2020/CVE-2020-5236.json deleted file mode 100644 index 70b8e2840c..0000000000 --- a/2020/CVE-2020-5236.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 238621679, - "name": "CVE-2020-5236", - "full_name": "motikan2010\/CVE-2020-5236", - "owner": { - "login": "motikan2010", - "id": 3177297, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3177297?v=4", - "html_url": "https:\/\/github.com\/motikan2010" - }, - "html_url": "https:\/\/github.com\/motikan2010\/CVE-2020-5236", - "description": "Waitress 1.4.2 ReDoS - CVE-2020-5236 (Blog Sample Code)", - "fork": false, - "created_at": "2020-02-06T06:21:02Z", - "updated_at": "2020-08-27T17:38:17Z", - "pushed_at": "2020-02-06T09:45:23Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 1, - "forks": 1, - "watchers": 2, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-5398.json b/2020/CVE-2020-5398.json deleted file mode 100644 index a4b16efaf1..0000000000 --- a/2020/CVE-2020-5398.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 234478120, - "name": "CVE-2020-5398", - "full_name": "motikan2010\/CVE-2020-5398", - "owner": { - "login": "motikan2010", - "id": 3177297, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3177297?v=4", - "html_url": "https:\/\/github.com\/motikan2010" - }, - "html_url": "https:\/\/github.com\/motikan2010\/CVE-2020-5398", - "description": "💣 CVE-2020-5398 - RFD(Reflected File Download) Attack for Spring MVC", - "fork": false, - "created_at": "2020-01-17T05:35:01Z", - "updated_at": "2020-08-31T19:55:52Z", - "pushed_at": "2020-01-22T04:58:59Z", - "stargazers_count": 62, - "watchers_count": 62, - "forks_count": 18, - "forks": 18, - "watchers": 62, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-5509.json b/2020/CVE-2020-5509.json deleted file mode 100644 index 3320b5a864..0000000000 --- a/2020/CVE-2020-5509.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 231982886, - "name": "CVE-2020-5509", - "full_name": "FULLSHADE\/CVE-2020-5509", - "owner": { - "login": "FULLSHADE", - "id": 54753063, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/54753063?v=4", - "html_url": "https:\/\/github.com\/FULLSHADE" - }, - "html_url": "https:\/\/github.com\/FULLSHADE\/CVE-2020-5509", - "description": "Car Rental Project v.1.0 Remote Code Execution", - "fork": false, - "created_at": "2020-01-05T22:13:24Z", - "updated_at": "2020-06-26T14:46:10Z", - "pushed_at": "2020-01-05T22:23:20Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-5902.json b/2020/CVE-2020-5902.json index 80acb6a2cf..bd7d57156d 100644 --- a/2020/CVE-2020-5902.json +++ b/2020/CVE-2020-5902.json @@ -13,13 +13,13 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2020-08-31T19:52:48Z", + "updated_at": "2020-09-01T02:44:55Z", "pushed_at": "2020-08-03T04:37:30Z", - "stargazers_count": 1551, - "watchers_count": 1551, - "forks_count": 406, - "forks": 406, - "watchers": 1551, + "stargazers_count": 1554, + "watchers_count": 1554, + "forks_count": 408, + "forks": 408, + "watchers": 1554, "score": 0 }, { diff --git a/2020/CVE-2020-72381.json b/2020/CVE-2020-72381.json deleted file mode 100644 index b034a96443..0000000000 --- a/2020/CVE-2020-72381.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 236367767, - "name": "CVE-2020-72381", - "full_name": "jdordonezn\/CVE-2020-72381", - "owner": { - "login": "jdordonezn", - "id": 20976774, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/20976774?v=4", - "html_url": "https:\/\/github.com\/jdordonezn" - }, - "html_url": "https:\/\/github.com\/jdordonezn\/CVE-2020-72381", - "description": null, - "fork": false, - "created_at": "2020-01-26T19:56:34Z", - "updated_at": "2020-01-26T19:56:34Z", - "pushed_at": "2020-01-26T19:56:35Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-7247.json b/2020/CVE-2020-7247.json deleted file mode 100644 index 1ead256ba9..0000000000 --- a/2020/CVE-2020-7247.json +++ /dev/null @@ -1,71 +0,0 @@ -[ - { - "id": 237289178, - "name": "cve-2020-7247-exploit", - "full_name": "FiroSolutions\/cve-2020-7247-exploit", - "owner": { - "login": "FiroSolutions", - "id": 43434507, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/43434507?v=4", - "html_url": "https:\/\/github.com\/FiroSolutions" - }, - "html_url": "https:\/\/github.com\/FiroSolutions\/cve-2020-7247-exploit", - "description": "Python exploit of cve-2020-7247", - "fork": false, - "created_at": "2020-01-30T19:29:27Z", - "updated_at": "2020-08-26T07:05:11Z", - "pushed_at": "2020-02-19T10:55:15Z", - "stargazers_count": 18, - "watchers_count": 18, - "forks_count": 9, - "forks": 9, - "watchers": 18, - "score": 0 - }, - { - "id": 241011451, - "name": "cve-2020-7247", - "full_name": "superzerosec\/cve-2020-7247", - "owner": { - "login": "superzerosec", - "id": 57648217, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/57648217?v=4", - "html_url": "https:\/\/github.com\/superzerosec" - }, - "html_url": "https:\/\/github.com\/superzerosec\/cve-2020-7247", - "description": "OpenSMTPD version 6.6.2 remote code execution exploit", - "fork": false, - "created_at": "2020-02-17T03:28:09Z", - "updated_at": "2020-05-17T23:55:06Z", - "pushed_at": "2020-02-18T06:57:20Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - }, - { - "id": 241337606, - "name": "CVE-2020-7247", - "full_name": "r0lh\/CVE-2020-7247", - "owner": { - "login": "r0lh", - "id": 51697374, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/51697374?v=4", - "html_url": "https:\/\/github.com\/r0lh" - }, - "html_url": "https:\/\/github.com\/r0lh\/CVE-2020-7247", - "description": "Proof Of Concept Exploit for CVE-2020-7247 (Remote Execution on OpenSMTPD < 6.6.2", - "fork": false, - "created_at": "2020-02-18T10:52:38Z", - "updated_at": "2020-03-28T19:05:22Z", - "pushed_at": "2020-02-18T11:08:38Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 0, - "forks": 0, - "watchers": 2, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-7471.json b/2020/CVE-2020-7471.json index d2ed664ef6..d555804bb1 100644 --- a/2020/CVE-2020-7471.json +++ b/2020/CVE-2020-7471.json @@ -1,27 +1,4 @@ [ - { - "id": 239774776, - "name": "CVE-2020-7471", - "full_name": "Saferman\/CVE-2020-7471", - "owner": { - "login": "Saferman", - "id": 17509858, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/17509858?v=4", - "html_url": "https:\/\/github.com\/Saferman" - }, - "html_url": "https:\/\/github.com\/Saferman\/CVE-2020-7471", - "description": "django 漏洞:CVE-2020-7471 Potential SQL injection via StringAgg(delimiter) 的漏洞环境和 POC", - "fork": false, - "created_at": "2020-02-11T13:57:14Z", - "updated_at": "2020-08-31T19:55:13Z", - "pushed_at": "2020-02-13T12:56:31Z", - "stargazers_count": 88, - "watchers_count": 88, - "forks_count": 18, - "forks": 18, - "watchers": 88, - "score": 0 - }, { "id": 240205875, "name": "DjVul_StringAgg", @@ -45,29 +22,6 @@ "watchers": 0, "score": 0 }, - { - "id": 242260909, - "name": "CVE-2020-7471", - "full_name": "SNCKER\/CVE-2020-7471", - "owner": { - "login": "SNCKER", - "id": 49559334, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/49559334?v=4", - "html_url": "https:\/\/github.com\/SNCKER" - }, - "html_url": "https:\/\/github.com\/SNCKER\/CVE-2020-7471", - "description": "CVE-2020-7471 Potential SQL injection via StringAgg(delimiter)", - "fork": false, - "created_at": "2020-02-22T01:32:40Z", - "updated_at": "2020-02-22T01:42:24Z", - "pushed_at": "2020-02-22T01:42:22Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, { "id": 289502738, "name": "cve-2020-7471-Time_Blind_SQLi-", diff --git a/2020/CVE-2020-7799.json b/2020/CVE-2020-7799.json deleted file mode 100644 index 7f93da016c..0000000000 --- a/2020/CVE-2020-7799.json +++ /dev/null @@ -1,48 +0,0 @@ -[ - { - "id": 239452179, - "name": "cve-2020-7799", - "full_name": "Pikaqi\/cve-2020-7799", - "owner": { - "login": "Pikaqi", - "id": 29857108, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29857108?v=4", - "html_url": "https:\/\/github.com\/Pikaqi" - }, - "html_url": "https:\/\/github.com\/Pikaqi\/cve-2020-7799", - "description": "批量检测cve-2020-7799", - "fork": false, - "created_at": "2020-02-10T07:27:21Z", - "updated_at": "2020-02-10T08:08:44Z", - "pushed_at": "2020-02-10T08:08:42Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 2, - "forks": 2, - "watchers": 0, - "score": 0 - }, - { - "id": 241617298, - "name": "CVE-2020-7799", - "full_name": "ianxtianxt\/CVE-2020-7799", - "owner": { - "login": "ianxtianxt", - "id": 45796484, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45796484?v=4", - "html_url": "https:\/\/github.com\/ianxtianxt" - }, - "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2020-7799", - "description": null, - "fork": false, - "created_at": "2020-02-19T12:33:24Z", - "updated_at": "2020-07-03T03:51:28Z", - "pushed_at": "2020-02-19T12:33:57Z", - "stargazers_count": 4, - "watchers_count": 4, - "forks_count": 1, - "forks": 1, - "watchers": 4, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-7980.json b/2020/CVE-2020-7980.json deleted file mode 100644 index e4dc65de29..0000000000 --- a/2020/CVE-2020-7980.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 236865005, - "name": "Satellian-CVE-2020-7980", - "full_name": "Xh4H\/Satellian-CVE-2020-7980", - "owner": { - "login": "Xh4H", - "id": 20613820, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20613820?v=4", - "html_url": "https:\/\/github.com\/Xh4H" - }, - "html_url": "https:\/\/github.com\/Xh4H\/Satellian-CVE-2020-7980", - "description": "PoC script that shows RCE vulnerability over Intellian Satellite controller", - "fork": false, - "created_at": "2020-01-28T23:27:20Z", - "updated_at": "2020-06-17T10:34:57Z", - "pushed_at": "2020-01-30T11:42:26Z", - "stargazers_count": 45, - "watchers_count": 45, - "forks_count": 8, - "forks": 8, - "watchers": 45, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-8218.json b/2020/CVE-2020-8218.json index 01f7d2b931..ed6a779c91 100644 --- a/2020/CVE-2020-8218.json +++ b/2020/CVE-2020-8218.json @@ -13,13 +13,13 @@ "description": "Tool to test for existence of CVE-2020-8218", "fork": false, "created_at": "2020-08-29T16:40:35Z", - "updated_at": "2020-08-31T08:42:17Z", + "updated_at": "2020-09-01T02:31:05Z", "pushed_at": "2020-08-30T18:16:26Z", - "stargazers_count": 5, - "watchers_count": 5, - "forks_count": 1, - "forks": 1, - "watchers": 5, + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 2, + "forks": 2, + "watchers": 6, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-8809.json b/2020/CVE-2020-8809.json deleted file mode 100644 index 884235b4ba..0000000000 --- a/2020/CVE-2020-8809.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 242745604, - "name": "gxdlmsdirector-cve", - "full_name": "seqred-s-a\/gxdlmsdirector-cve", - "owner": { - "login": "seqred-s-a", - "id": 49437606, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/49437606?v=4", - "html_url": "https:\/\/github.com\/seqred-s-a" - }, - "html_url": "https:\/\/github.com\/seqred-s-a\/gxdlmsdirector-cve", - "description": "CVE-2020-8809 and CVE-2020-8810", - "fork": false, - "created_at": "2020-02-24T13:38:35Z", - "updated_at": "2020-02-24T14:09:07Z", - "pushed_at": "2020-02-24T14:09:05Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-8813.json b/2020/CVE-2020-8813.json deleted file mode 100644 index 55cff6f782..0000000000 --- a/2020/CVE-2020-8813.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 242373353, - "name": "CVE-2020-8813", - "full_name": "mhaskar\/CVE-2020-8813", - "owner": { - "login": "mhaskar", - "id": 6861215, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/6861215?v=4", - "html_url": "https:\/\/github.com\/mhaskar" - }, - "html_url": "https:\/\/github.com\/mhaskar\/CVE-2020-8813", - "description": "The official exploit for Cacti v1.2.8 Remote Code Execution CVE-2020-8813", - "fork": false, - "created_at": "2020-02-22T16:27:41Z", - "updated_at": "2020-08-29T14:05:25Z", - "pushed_at": "2020-02-22T16:33:31Z", - "stargazers_count": 64, - "watchers_count": 64, - "forks_count": 17, - "forks": 17, - "watchers": 64, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-8840.json b/2020/CVE-2020-8840.json index 46cda32eb9..be21bba26e 100644 --- a/2020/CVE-2020-8840.json +++ b/2020/CVE-2020-8840.json @@ -1,27 +1,4 @@ [ - { - "id": 242176659, - "name": "CVE-2020-8840", - "full_name": "jas502n\/CVE-2020-8840", - "owner": { - "login": "jas502n", - "id": 16593068, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", - "html_url": "https:\/\/github.com\/jas502n" - }, - "html_url": "https:\/\/github.com\/jas502n\/CVE-2020-8840", - "description": "FasterXML\/jackson-databind 远程代码执行漏洞", - "fork": false, - "created_at": "2020-02-21T15:58:25Z", - "updated_at": "2020-08-28T09:32:20Z", - "pushed_at": "2020-02-21T16:03:28Z", - "stargazers_count": 68, - "watchers_count": 68, - "forks_count": 16, - "forks": 16, - "watchers": 68, - "score": 0 - }, { "id": 242452403, "name": "FastJson1.2.62-RCE", @@ -45,29 +22,6 @@ "watchers": 12, "score": 0 }, - { - "id": 242675357, - "name": "CVE-2020-8840", - "full_name": "fairyming\/CVE-2020-8840", - "owner": { - "login": "fairyming", - "id": 44915879, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/44915879?v=4", - "html_url": "https:\/\/github.com\/fairyming" - }, - "html_url": "https:\/\/github.com\/fairyming\/CVE-2020-8840", - "description": "CVE-2020-8840:FasterXML\/jackson-databind 远程代码执行漏洞", - "fork": false, - "created_at": "2020-02-24T07:43:12Z", - "updated_at": "2020-08-27T07:01:18Z", - "pushed_at": "2020-02-24T07:45:37Z", - "stargazers_count": 20, - "watchers_count": 20, - "forks_count": 5, - "forks": 5, - "watchers": 20, - "score": 0 - }, { "id": 242758333, "name": "CVE-2020-8840", diff --git a/README.md b/README.md index c65ab631d7..5245557505 100644 --- a/README.md +++ b/README.md @@ -88,35 +88,8 @@ Race condition in the Intel(R) Driver and Support Assistant before version 20.1. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'. -- [nissan-sudo/CVE-2020-0601](https://github.com/nissan-sudo/CVE-2020-0601) -- [0xxon/cve-2020-0601](https://github.com/0xxon/cve-2020-0601) -- [SherlockSec/CVE-2020-0601](https://github.com/SherlockSec/CVE-2020-0601) -- [JPurrier/CVE-2020-0601](https://github.com/JPurrier/CVE-2020-0601) -- [0xxon/cve-2020-0601-plugin](https://github.com/0xxon/cve-2020-0601-plugin) -- [ollypwn/CurveBall](https://github.com/ollypwn/CurveBall) - [kudelskisecurity/chainoffools](https://github.com/kudelskisecurity/chainoffools) -- [RrUZi/Awesome-CVE-2020-0601](https://github.com/RrUZi/Awesome-CVE-2020-0601) -- [BleepSec/CVE-2020-0601](https://github.com/BleepSec/CVE-2020-0601) -- [apmunch/CVE-2020-0601](https://github.com/apmunch/CVE-2020-0601) -- [saleemrashid/badecparams](https://github.com/saleemrashid/badecparams) -- [0xxon/cve-2020-0601-utils](https://github.com/0xxon/cve-2020-0601-utils) -- [MarkusZehnle/CVE-2020-0601](https://github.com/MarkusZehnle/CVE-2020-0601) -- [YoannDqr/CVE-2020-0601](https://github.com/YoannDqr/CVE-2020-0601) -- [thimelp/cve-2020-0601-Perl](https://github.com/thimelp/cve-2020-0601-Perl) -- [dlee35/curveball_lua](https://github.com/dlee35/curveball_lua) -- [IIICTECH/-CVE-2020-0601-ECC---EXPLOIT](https://github.com/IIICTECH/-CVE-2020-0601-ECC---EXPLOIT) -- [Ash112121/CVE-2020-0601](https://github.com/Ash112121/CVE-2020-0601) -- [gentilkiwi/curveball](https://github.com/gentilkiwi/curveball) -- [Hans-MartinHannibalLauridsen/CurveBall](https://github.com/Hans-MartinHannibalLauridsen/CurveBall) -- [apodlosky/PoC_CurveBall](https://github.com/apodlosky/PoC_CurveBall) -- [ioncodes/Curveball](https://github.com/ioncodes/Curveball) -- [amlweems/gringotts](https://github.com/amlweems/gringotts) -- [aloswoya/CVE-2020-0601](https://github.com/aloswoya/CVE-2020-0601) -- [talbeerysec/CurveBallDetection](https://github.com/talbeerysec/CurveBallDetection) -- [david4599/CurveballCertTool](https://github.com/david4599/CurveballCertTool) -- [eastmountyxz/CVE-2020-0601-EXP](https://github.com/eastmountyxz/CVE-2020-0601-EXP) - [eastmountyxz/CVE-2018-20250-WinRAR](https://github.com/eastmountyxz/CVE-2018-20250-WinRAR) -- [gremwell/cve-2020-0601_poc](https://github.com/gremwell/cve-2020-0601_poc) - [bsides-rijeka/meetup-2-curveball](https://github.com/bsides-rijeka/meetup-2-curveball) - [NishantRanjantech/CVE-2020-0601-spoofkey](https://github.com/NishantRanjantech/CVE-2020-0601-spoofkey) - [ShayNehmad/twoplustwo](https://github.com/ShayNehmad/twoplustwo) @@ -128,10 +101,6 @@ A remote code execution vulnerability exists in Windows Remote Desktop Gateway ( - [2d4d/rdg_scanner_cve-2020-0609](https://github.com/2d4d/rdg_scanner_cve-2020-0609) -- [ollypwn/BlueGate](https://github.com/ollypwn/BlueGate) -- [MalwareTech/RDGScanner](https://github.com/MalwareTech/RDGScanner) -- [Bechsen/CVE-2020-0609](https://github.com/Bechsen/CVE-2020-0609) -- [ioncodes/BlueGate](https://github.com/ioncodes/BlueGate) ### CVE-2020-0618 @@ -139,7 +108,6 @@ A remote code execution vulnerability exists in Windows Remote Desktop Gateway ( A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'. -- [euphrat1ca/CVE-2020-0618](https://github.com/euphrat1ca/CVE-2020-0618) - [wortell/cve-2020-0618](https://github.com/wortell/cve-2020-0618) ### CVE-2020-0624 @@ -156,8 +124,6 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672. -- [itm4n/SysTracingPoc](https://github.com/itm4n/SysTracingPoc) -- [RedCursorSecurityConsulting/CVE-2020-0668](https://github.com/RedCursorSecurityConsulting/CVE-2020-0668) - [Nan3r/CVE-2020-0668](https://github.com/Nan3r/CVE-2020-0668) ### CVE-2020-0674 @@ -166,24 +132,14 @@ An elevation of privilege vulnerability exists in the way that the Windows Kerne A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767. -- [binaryfigments/CVE-2020-0674](https://github.com/binaryfigments/CVE-2020-0674) - [maxpl0it/CVE-2020-0674-Exploit](https://github.com/maxpl0it/CVE-2020-0674-Exploit) -### CVE-2020-0683 - - -An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686. - - -- [padovah4ck/CVE-2020-0683](https://github.com/padovah4ck/CVE-2020-0683) - ### CVE-2020-0688 A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'. -- [random-robbie/cve-2020-0688](https://github.com/random-robbie/cve-2020-0688) - [Jumbo-WJB/CVE-2020-0688](https://github.com/Jumbo-WJB/CVE-2020-0688) - [Ridter/cve-2020-0688](https://github.com/Ridter/cve-2020-0688) - [Yt1g3r/CVE-2020-0688_EXP](https://github.com/Yt1g3r/CVE-2020-0688_EXP) @@ -207,14 +163,6 @@ A remote code execution vulnerability exists when the Windows Imaging Library im - [asc0t6e/CVE-2020-0708](https://github.com/asc0t6e/CVE-2020-0708) -### CVE-2020-0728 - - -An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'. - - -- [irsl/CVE-2020-0728](https://github.com/irsl/CVE-2020-0728) - ### CVE-2020-0753 @@ -222,7 +170,6 @@ An elevation of privilege vulnerability exists in Windows Error Reporting (WER) - [afang5472/CVE-2020-0753-and-CVE-2020-0754](https://github.com/afang5472/CVE-2020-0753-and-CVE-2020-0754) -- [VikasVarshney/CVE-2020-0753-and-CVE-2020-0754](https://github.com/VikasVarshney/CVE-2020-0753-and-CVE-2020-0754) ### CVE-2020-0787 @@ -471,14 +418,6 @@ An information disclosure vulnerability exists when attaching files to Outlook m - [0neb1n/CVE-2020-1493](https://github.com/0neb1n/CVE-2020-1493) -### CVE-2020-1611 - - -A Local File Inclusion vulnerability in Juniper Networks Junos Space allows an attacker to view all files on the target when the device receives malicious HTTP packets. This issue affects: Juniper Networks Junos Space versions prior to 19.4R1. - - -- [Ibonok/CVE-2020-1611](https://github.com/Ibonok/CVE-2020-1611) - ### CVE-2020-1764 @@ -493,21 +432,9 @@ A hard-coded cryptographic key vulnerability in the default configuration file w When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible. It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations. -- [0nise/CVE-2020-1938](https://github.com/0nise/CVE-2020-1938) - [xindongzhuaizhuai/CVE-2020-1938](https://github.com/xindongzhuaizhuai/CVE-2020-1938) -- [nibiwodong/CNVD-2020-10487-Tomcat-ajp-POC](https://github.com/nibiwodong/CNVD-2020-10487-Tomcat-ajp-POC) -- [bkfish/CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner](https://github.com/bkfish/CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner) -- [laolisafe/CVE-2020-1938](https://github.com/laolisafe/CVE-2020-1938) -- [DaemonShao/CVE-2020-1938](https://github.com/DaemonShao/CVE-2020-1938) -- [sv3nbeast/CVE-2020-1938-Tomact-file_include-file_read](https://github.com/sv3nbeast/CVE-2020-1938-Tomact-file_include-file_read) -- [fairyming/CVE-2020-1938](https://github.com/fairyming/CVE-2020-1938) - [dacade/CVE-2020-1938](https://github.com/dacade/CVE-2020-1938) -- [woaiqiukui/CVE-2020-1938TomcatAjpScanner](https://github.com/woaiqiukui/CVE-2020-1938TomcatAjpScanner) -- [fatal0/tomcat-cve-2020-1938-check](https://github.com/fatal0/tomcat-cve-2020-1938-check) -- [ze0r/GhostCat-LFI-exp](https://github.com/ze0r/GhostCat-LFI-exp) -- [delsadan/CNVD-2020-10487-Bulk-verification](https://github.com/delsadan/CNVD-2020-10487-Bulk-verification) - [00theway/Ghostcat-CNVD-2020-10487](https://github.com/00theway/Ghostcat-CNVD-2020-10487) -- [shaunmclernon/ghostcat-verification](https://github.com/shaunmclernon/ghostcat-verification) - [Zaziki1337/Ghostcat-CVE-2020-1938](https://github.com/Zaziki1337/Ghostcat-CVE-2020-1938) - [w4fz5uck5/CVE-2020-1938-Clean-Version](https://github.com/w4fz5uck5/CVE-2020-1938-Clean-Version) - [syncxx/CVE-2020-1938-Tool](https://github.com/syncxx/CVE-2020-1938-Tool) @@ -580,7 +507,6 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - [0xn0ne/weblogicScanner](https://github.com/0xn0ne/weblogicScanner) -- [jas502n/CVE-2020-2551](https://github.com/jas502n/CVE-2020-2551) - [hktalent/CVE-2020-2551](https://github.com/hktalent/CVE-2020-2551) - [0nise/CVE-2020-2551](https://github.com/0nise/CVE-2020-2551) - [Y4er/CVE-2020-2551](https://github.com/Y4er/CVE-2020-2551) @@ -600,14 +526,6 @@ Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (compo - [Y4er/CVE-2020-2555](https://github.com/Y4er/CVE-2020-2555) - [Maskhe/cve-2020-2555](https://github.com/Maskhe/cve-2020-2555) -### CVE-2020-2655 - - -Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). - - -- [RUB-NDS/CVE-2020-2655-DemoServer](https://github.com/RUB-NDS/CVE-2020-2655-DemoServer) - ### CVE-2020-2883 @@ -662,14 +580,6 @@ Adobe Genuine Integrity Service versions Version 6.4 and earlier have an insecur - [hessandrew/CVE-2020-3766_APSB20-12](https://github.com/hessandrew/CVE-2020-3766_APSB20-12) -### CVE-2020-3833 - - -An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.5. Visiting a malicious website may lead to address bar spoofing. - - -- [c0d3G33k/Safari-Address-Bar-Spoof-CVE-2020-3833-](https://github.com/c0d3G33k/Safari-Address-Bar-Spoof-CVE-2020-3833-) - ### CVE-2020-3952 @@ -706,14 +616,6 @@ IBM Maximo Asset Management 7.6.0.1 and 7.6.0.2 is vulnerable to an XML External - [Ibonok/CVE-2020-4463](https://github.com/Ibonok/CVE-2020-4463) -### CVE-2020-5236 - - -Waitress version 1.4.2 allows a DOS attack When waitress receives a header that contains invalid characters. When a header like "Bad-header: xxxxxxxxxxxxxxx\x10" is received, it will cause the regular expression engine to catastrophically backtrack causing the process to use 100% CPU time and blocking any other interactions. This allows an attacker to send a single request with an invalid header and take the service offline. This issue was introduced in version 1.4.2 when the regular expression was updated to attempt to match the behaviour required by errata associated with RFC7230. The regular expression that is used to validate incoming headers has been updated in version 1.4.3, it is recommended that people upgrade to the new version of Waitress as soon as possible. - - -- [motikan2010/CVE-2020-5236](https://github.com/motikan2010/CVE-2020-5236) - ### CVE-2020-5250 @@ -748,14 +650,6 @@ In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulne - [GUI/legacy-rails-CVE-2020-5267-patch](https://github.com/GUI/legacy-rails-CVE-2020-5267-patch) -### CVE-2020-5398 - - -In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input. - - -- [motikan2010/CVE-2020-5398](https://github.com/motikan2010/CVE-2020-5398) - ### CVE-2020-5410 @@ -765,14 +659,6 @@ Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1. - [dead5nd/config-demo](https://github.com/dead5nd/config-demo) - [osamahamad/CVE-2020-5410-POC](https://github.com/osamahamad/CVE-2020-5410-POC) -### CVE-2020-5509 - - -PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image. - - -- [FULLSHADE/CVE-2020-5509](https://github.com/FULLSHADE/CVE-2020-5509) - ### CVE-2020-5837 @@ -928,16 +814,6 @@ A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An a - [lnxcrew/CVE-2020-7246](https://github.com/lnxcrew/CVE-2020-7246) -### CVE-2020-7247 - - -smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation. - - -- [FiroSolutions/cve-2020-7247-exploit](https://github.com/FiroSolutions/cve-2020-7247-exploit) -- [superzerosec/cve-2020-7247](https://github.com/superzerosec/cve-2020-7247) -- [r0lh/CVE-2020-7247](https://github.com/r0lh/CVE-2020-7247) - ### CVE-2020-7283 @@ -952,9 +828,7 @@ Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0. Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a suitably crafted delimiter to a contrib.postgres.aggregates.StringAgg instance, it was possible to break escaping and inject malicious SQL. -- [Saferman/CVE-2020-7471](https://github.com/Saferman/CVE-2020-7471) - [secoba/DjVul_StringAgg](https://github.com/secoba/DjVul_StringAgg) -- [SNCKER/CVE-2020-7471](https://github.com/SNCKER/CVE-2020-7471) - [victomteng1997/cve-2020-7471-Time_Blind_SQLi-](https://github.com/victomteng1997/cve-2020-7471-Time_Blind_SQLi-) ### CVE-2020-7473 @@ -981,15 +855,6 @@ Incorrect handling of Upgrade header with the value websocket leads in crashing - [andsnw/sockjs-dos-py](https://github.com/andsnw/sockjs-dos-py) -### CVE-2020-7799 - - -An issue was discovered in FusionAuth before 1.11.0. An authenticated user, allowed to edit e-mail templates (Home -> Settings -> Email Templates) or themes (Home -> Settings -> Themes), can execute commands on the underlying operating system by abusing freemarker.template.utility.Execute in the Apache FreeMarker engine that processes custom templates. - - -- [Pikaqi/cve-2020-7799](https://github.com/Pikaqi/cve-2020-7799) -- [ianxtianxt/CVE-2020-7799](https://github.com/ianxtianxt/CVE-2020-7799) - ### CVE-2020-7931 @@ -1008,14 +873,6 @@ Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows - [TheSysOwner/CVE-2020-7961-payloads](https://github.com/TheSysOwner/CVE-2020-7961-payloads) - [wcxxxxx/CVE-2020-7961](https://github.com/wcxxxxx/CVE-2020-7961) -### CVE-2020-7980 - - -Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed. - - -- [Xh4H/Satellian-CVE-2020-7980](https://github.com/Xh4H/Satellian-CVE-2020-7980) - ### CVE-2020-8004 @@ -1131,22 +988,6 @@ Using a specially-crafted message, an attacker may potentially cause a BIND serv - [knqyf263/CVE-2020-8617](https://github.com/knqyf263/CVE-2020-8617) - [rmkn/cve-2020-8617](https://github.com/rmkn/cve-2020-8617) -### CVE-2020-8809 - - -Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add-ins and OBIS code over an unencrypted HTTP connection. A man-in-the-middle attacker can prompt the user to download updates by modifying the contents of gurux.fi/obis/files.xml and gurux.fi/updates/updates.xml. Then, the attacker can modify the contents of downloaded files. In the case of add-ins (if the user is using those), this will lead to code execution. In case of OBIS codes (which the user is always using as they are needed to communicate with the energy meters), this can lead to code execution when combined with CVE-2020-8810. - - -- [seqred-s-a/gxdlmsdirector-cve](https://github.com/seqred-s-a/gxdlmsdirector-cve) - -### CVE-2020-8813 - - -graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege. - - -- [mhaskar/CVE-2020-8813](https://github.com/mhaskar/CVE-2020-8813) - ### CVE-2020-8816 @@ -1181,9 +1022,7 @@ In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) di FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter. -- [jas502n/CVE-2020-8840](https://github.com/jas502n/CVE-2020-8840) - [Wfzsec/FastJson1.2.62-RCE](https://github.com/Wfzsec/FastJson1.2.62-RCE) -- [fairyming/CVE-2020-8840](https://github.com/fairyming/CVE-2020-8840) - [0nise/CVE-2020-8840](https://github.com/0nise/CVE-2020-8840) - [Blyth0He/CVE-2020-8840](https://github.com/Blyth0He/CVE-2020-8840) @@ -2010,9 +1849,6 @@ An issue was discovered in includes/webconsole.php in RaspAP 2.5. With authentic ### CVE-2020-24765 - [trump88/CVE-2020-24765](https://github.com/trump88/CVE-2020-24765) -### CVE-2020-72381 -- [jdordonezn/CVE-2020-72381](https://github.com/jdordonezn/CVE-2020-72381) - ## 2019 ### CVE-2019-0053 @@ -3039,6 +2875,7 @@ Some field types do not properly sanitize data from non-form sources in Drupal 8 - [cved-sources/cve-2019-6340](https://github.com/cved-sources/cve-2019-6340) - [d1vious/cve-2019-6340-bits](https://github.com/d1vious/cve-2019-6340-bits) - [jas502n/CVE-2019-6340](https://github.com/jas502n/CVE-2019-6340) +- [ludy-dev/drupal8-REST-RCE](https://github.com/ludy-dev/drupal8-REST-RCE) ### CVE-2019-6440