From 9b9d71ab825271a11aff13ca73b8b9687244fc30 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Thu, 5 Dec 2024 21:32:55 +0900 Subject: [PATCH] Auto Update 2024/12/05 12:32:55 --- 2014/CVE-2014-4210.json | 8 ++++---- 2019/CVE-2019-16253.json | 8 ++++---- 2019/CVE-2019-17558.json | 2 +- 2020/CVE-2020-0688.json | 8 ++++---- 2020/CVE-2020-0796.json | 4 ++-- 2020/CVE-2020-14882.json | 2 +- 2021/CVE-2021-26855.json | 8 ++++---- 2021/CVE-2021-3156.json | 8 ++++---- 2021/CVE-2021-34473.json | 8 ++++---- 2021/CVE-2021-3493.json | 8 ++++---- 2021/CVE-2021-43798.json | 8 ++++---- 2021/CVE-2021-44228.json | 8 ++++---- 2022/CVE-2022-20421.json | 8 ++++---- 2022/CVE-2022-21999.json | 8 ++++---- 2022/CVE-2022-22965.json | 31 +++++++++++++++++++++++++++++++ 2022/CVE-2022-25845.json | 8 ++++---- 2022/CVE-2022-26318.json | 31 +++++++++++++++++++++++++++++++ 2022/CVE-2022-40494.json | 8 ++++---- 2022/CVE-2022-41082.json | 8 ++++---- 2022/CVE-2022-44268.json | 8 ++++---- 2023/CVE-2023-27524.json | 8 ++++---- 2023/CVE-2023-4220.json | 4 ++-- 2023/CVE-2023-50387.json | 4 ++-- 2024/CVE-2024-11320.json | 8 ++++---- 2024/CVE-2024-11680.json | 8 ++++---- 2024/CVE-2024-20404.json | 8 ++++---- 2024/CVE-2024-21413.json | 4 ++-- 2024/CVE-2024-23692.json | 8 ++++---- 2024/CVE-2024-31317.json | 8 ++++---- 2024/CVE-2024-36401.json | 8 ++++---- 2024/CVE-2024-37084.json | 4 ++-- 2024/CVE-2024-38077.json | 4 ++-- 2024/CVE-2024-39211.json | 8 ++++---- 2024/CVE-2024-41276.json | 8 ++++---- 2024/CVE-2024-41713.json | 33 +++++++++++++++++++++++++++++++++ 2024/CVE-2024-42327.json | 12 ++++++------ 2024/CVE-2024-4367.json | 12 ++++++------ 2024/CVE-2024-44083.json | 8 ++++---- 2024/CVE-2024-4577.json | 8 ++++---- 2024/CVE-2024-49039.json | 8 ++++---- 2024/CVE-2024-51378.json | 8 ++++---- 2024/CVE-2024-53375.json | 8 ++++---- 2024/CVE-2024-6387.json | 4 ++-- 2024/CVE-2024-8672.json | 8 ++++---- 2024/CVE-2024-9264.json | 8 ++++---- README.md | 9 +++++++++ 46 files changed, 256 insertions(+), 152 deletions(-) create mode 100644 2024/CVE-2024-41713.json diff --git a/2014/CVE-2014-4210.json b/2014/CVE-2014-4210.json index 9e1f959f43..2cf9257bb6 100644 --- a/2014/CVE-2014-4210.json +++ b/2014/CVE-2014-4210.json @@ -14,10 +14,10 @@ "description": "CVE-2014-4210+Redis未授权访问", "fork": false, "created_at": "2017-03-10T02:09:48Z", - "updated_at": "2023-08-03T04:42:54Z", + "updated_at": "2024-12-05T07:56:26Z", "pushed_at": "2017-03-10T08:35:42Z", - "stargazers_count": 97, - "watchers_count": 97, + "stargazers_count": 96, + "watchers_count": 96, "has_discussions": false, "forks_count": 37, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 37, - "watchers": 97, + "watchers": 96, "score": 0, "subscribers_count": 4 }, diff --git a/2019/CVE-2019-16253.json b/2019/CVE-2019-16253.json index 7d71d8393e..6e35f2a602 100644 --- a/2019/CVE-2019-16253.json +++ b/2019/CVE-2019-16253.json @@ -14,10 +14,10 @@ "description": "Exploit I discovered in October of 2022 with androids Package manager binary (pm) and the way it handled debugging flags, patched out by march 2023. Uses CVE-2019-16253 as a payload to obtain a system shell. ", "fork": false, "created_at": "2023-01-19T19:47:13Z", - "updated_at": "2024-11-26T18:44:49Z", + "updated_at": "2024-12-05T09:20:07Z", "pushed_at": "2024-03-20T19:12:39Z", - "stargazers_count": 78, - "watchers_count": 78, + "stargazers_count": 77, + "watchers_count": 77, "has_discussions": false, "forks_count": 15, "allow_forking": true, @@ -33,7 +33,7 @@ ], "visibility": "public", "forks": 15, - "watchers": 78, + "watchers": 77, "score": 0, "subscribers_count": 11 } diff --git a/2019/CVE-2019-17558.json b/2019/CVE-2019-17558.json index 4622b82f19..805ecd0884 100644 --- a/2019/CVE-2019-17558.json +++ b/2019/CVE-2019-17558.json @@ -45,7 +45,7 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2024-12-04T10:18:27Z", + "updated_at": "2024-12-05T08:02:09Z", "pushed_at": "2021-04-04T09:13:57Z", "stargazers_count": 4135, "watchers_count": 4135, diff --git a/2020/CVE-2020-0688.json b/2020/CVE-2020-0688.json index ebe583ac39..5f4d5e22b2 100644 --- a/2020/CVE-2020-0688.json +++ b/2020/CVE-2020-0688.json @@ -460,10 +460,10 @@ "description": "cve-2020-0688 UNIVERSAL Python implementation utilizing ASPX webshell for command output", "fork": false, "created_at": "2020-06-12T08:28:35Z", - "updated_at": "2024-10-15T20:07:34Z", + "updated_at": "2024-12-05T08:12:16Z", "pushed_at": "2023-09-12T13:03:46Z", - "stargazers_count": 22, - "watchers_count": 22, + "stargazers_count": 23, + "watchers_count": 23, "has_discussions": false, "forks_count": 11, "allow_forking": true, @@ -472,7 +472,7 @@ "topics": [], "visibility": "public", "forks": 11, - "watchers": 22, + "watchers": 23, "score": 0, "subscribers_count": 2 }, diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json index 690005a238..4fc9af3b97 100644 --- a/2020/CVE-2020-0796.json +++ b/2020/CVE-2020-0796.json @@ -1044,7 +1044,7 @@ "stargazers_count": 1305, "watchers_count": 1305, "has_discussions": false, - "forks_count": 343, + "forks_count": 344, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -1056,7 +1056,7 @@ "smbghost" ], "visibility": "public", - "forks": 343, + "forks": 344, "watchers": 1305, "score": 0, "subscribers_count": 34 diff --git a/2020/CVE-2020-14882.json b/2020/CVE-2020-14882.json index 3c62b62791..453a98d72c 100644 --- a/2020/CVE-2020-14882.json +++ b/2020/CVE-2020-14882.json @@ -14,7 +14,7 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2024-12-04T10:18:27Z", + "updated_at": "2024-12-05T08:02:09Z", "pushed_at": "2021-04-04T09:13:57Z", "stargazers_count": 4135, "watchers_count": 4135, diff --git a/2021/CVE-2021-26855.json b/2021/CVE-2021-26855.json index 8c249ad5be..7d1cc2385c 100644 --- a/2021/CVE-2021-26855.json +++ b/2021/CVE-2021-26855.json @@ -969,10 +969,10 @@ "description": "ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)", "fork": false, "created_at": "2021-03-17T03:56:54Z", - "updated_at": "2024-11-06T12:58:35Z", + "updated_at": "2024-12-05T09:32:02Z", "pushed_at": "2021-03-17T05:06:18Z", - "stargazers_count": 121, - "watchers_count": 121, + "stargazers_count": 122, + "watchers_count": 122, "has_discussions": false, "forks_count": 33, "allow_forking": true, @@ -992,7 +992,7 @@ ], "visibility": "public", "forks": 33, - "watchers": 121, + "watchers": 122, "score": 0, "subscribers_count": 2 }, diff --git a/2021/CVE-2021-3156.json b/2021/CVE-2021-3156.json index 9c64893ec5..4b5ba86f07 100644 --- a/2021/CVE-2021-3156.json +++ b/2021/CVE-2021-3156.json @@ -486,10 +486,10 @@ "description": null, "fork": false, "created_at": "2021-01-30T20:39:58Z", - "updated_at": "2024-12-02T21:25:45Z", + "updated_at": "2024-12-05T06:34:56Z", "pushed_at": "2021-02-02T17:07:09Z", - "stargazers_count": 962, - "watchers_count": 962, + "stargazers_count": 963, + "watchers_count": 963, "has_discussions": false, "forks_count": 237, "allow_forking": true, @@ -498,7 +498,7 @@ "topics": [], "visibility": "public", "forks": 237, - "watchers": 962, + "watchers": 963, "score": 0, "subscribers_count": 27 }, diff --git a/2021/CVE-2021-34473.json b/2021/CVE-2021-34473.json index 747efa86b6..15e8b2842b 100644 --- a/2021/CVE-2021-34473.json +++ b/2021/CVE-2021-34473.json @@ -107,10 +107,10 @@ "description": "Proof of Concept for CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207", "fork": false, "created_at": "2021-09-04T15:34:03Z", - "updated_at": "2024-11-05T06:34:19Z", + "updated_at": "2024-12-05T07:21:37Z", "pushed_at": "2023-08-25T22:42:24Z", - "stargazers_count": 109, - "watchers_count": 109, + "stargazers_count": 110, + "watchers_count": 110, "has_discussions": false, "forks_count": 36, "allow_forking": true, @@ -119,7 +119,7 @@ "topics": [], "visibility": "public", "forks": 36, - "watchers": 109, + "watchers": 110, "score": 0, "subscribers_count": 3 }, diff --git a/2021/CVE-2021-3493.json b/2021/CVE-2021-3493.json index 1c52aa5db0..e9587c0de2 100644 --- a/2021/CVE-2021-3493.json +++ b/2021/CVE-2021-3493.json @@ -14,10 +14,10 @@ "description": "Ubuntu OverlayFS Local Privesc", "fork": false, "created_at": "2021-04-19T20:07:01Z", - "updated_at": "2024-12-03T10:15:53Z", + "updated_at": "2024-12-05T07:36:15Z", "pushed_at": "2024-04-02T02:48:18Z", - "stargazers_count": 409, - "watchers_count": 409, + "stargazers_count": 410, + "watchers_count": 410, "has_discussions": false, "forks_count": 137, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 137, - "watchers": 409, + "watchers": 410, "score": 0, "subscribers_count": 4 }, diff --git a/2021/CVE-2021-43798.json b/2021/CVE-2021-43798.json index f5f71dcf36..3293d260ec 100644 --- a/2021/CVE-2021-43798.json +++ b/2021/CVE-2021-43798.json @@ -208,10 +208,10 @@ "description": "A exploit tool for Grafana Unauthorized arbitrary file reading vulnerability (CVE-2021-43798), it can burst plugins \/ extract secret_key \/ decrypt data_source info automatic.", "fork": false, "created_at": "2021-12-07T15:11:34Z", - "updated_at": "2024-12-02T04:14:35Z", + "updated_at": "2024-12-05T06:39:52Z", "pushed_at": "2024-07-12T14:17:27Z", - "stargazers_count": 245, - "watchers_count": 245, + "stargazers_count": 246, + "watchers_count": 246, "has_discussions": false, "forks_count": 36, "allow_forking": true, @@ -224,7 +224,7 @@ ], "visibility": "public", "forks": 36, - "watchers": 245, + "watchers": 246, "score": 0, "subscribers_count": 6 }, diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index 4cf5a80f0f..57b7e37d4b 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -1307,10 +1307,10 @@ "description": "CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks", "fork": false, "created_at": "2021-12-11T07:19:11Z", - "updated_at": "2024-12-03T03:14:04Z", + "updated_at": "2024-12-05T11:11:26Z", "pushed_at": "2023-06-13T09:17:54Z", - "stargazers_count": 799, - "watchers_count": 799, + "stargazers_count": 800, + "watchers_count": 800, "has_discussions": false, "forks_count": 111, "allow_forking": true, @@ -1324,7 +1324,7 @@ ], "visibility": "public", "forks": 111, - "watchers": 799, + "watchers": 800, "score": 0, "subscribers_count": 11 }, diff --git a/2022/CVE-2022-20421.json b/2022/CVE-2022-20421.json index ad75674bed..e990385c5d 100644 --- a/2022/CVE-2022-20421.json +++ b/2022/CVE-2022-20421.json @@ -14,10 +14,10 @@ "description": "Bad Spin: Android Binder Privilege Escalation Exploit (CVE-2022-20421)", "fork": false, "created_at": "2023-03-23T10:25:59Z", - "updated_at": "2024-11-30T08:05:58Z", + "updated_at": "2024-12-05T10:40:19Z", "pushed_at": "2023-05-27T15:39:41Z", - "stargazers_count": 234, - "watchers_count": 234, + "stargazers_count": 235, + "watchers_count": 235, "has_discussions": false, "forks_count": 32, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 32, - "watchers": 234, + "watchers": 235, "score": 0, "subscribers_count": 7 } diff --git a/2022/CVE-2022-21999.json b/2022/CVE-2022-21999.json index ea74d99ade..6066596748 100644 --- a/2022/CVE-2022-21999.json +++ b/2022/CVE-2022-21999.json @@ -14,10 +14,10 @@ "description": "Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)", "fork": false, "created_at": "2022-02-08T17:25:44Z", - "updated_at": "2024-12-02T21:23:48Z", + "updated_at": "2024-12-05T08:13:49Z", "pushed_at": "2022-02-09T16:54:09Z", - "stargazers_count": 774, - "watchers_count": 774, + "stargazers_count": 775, + "watchers_count": 775, "has_discussions": false, "forks_count": 160, "allow_forking": true, @@ -29,7 +29,7 @@ ], "visibility": "public", "forks": 160, - "watchers": 774, + "watchers": 775, "score": 0, "subscribers_count": 15 } diff --git a/2022/CVE-2022-22965.json b/2022/CVE-2022-22965.json index 2901350d5e..9bd157a3e2 100644 --- a/2022/CVE-2022-22965.json +++ b/2022/CVE-2022-22965.json @@ -2450,6 +2450,37 @@ "score": 0, "subscribers_count": 1 }, + { + "id": 882127199, + "name": "Block-Spring4Shell", + "full_name": "BlackBird63030\/Block-Spring4Shell", + "owner": { + "login": "BlackBird63030", + "id": 141164867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141164867?v=4", + "html_url": "https:\/\/github.com\/BlackBird63030", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BlackBird63030\/Block-Spring4Shell", + "description": "POC firewall with rules designed to detect and block Spring4Shell vulnerability (CVE-2022-22965) exploit", + "fork": false, + "created_at": "2024-11-02T00:26:02Z", + "updated_at": "2024-12-05T09:18:06Z", + "pushed_at": "2024-12-05T09:18:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, { "id": 883824974, "name": "Expoitation-de-la-vuln-rabilit-CVE-2022-22965", diff --git a/2022/CVE-2022-25845.json b/2022/CVE-2022-25845.json index 87046dad12..4c44b6e268 100644 --- a/2022/CVE-2022-25845.json +++ b/2022/CVE-2022-25845.json @@ -107,10 +107,10 @@ "description": "CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!", "fork": false, "created_at": "2024-11-07T13:06:44Z", - "updated_at": "2024-12-03T02:38:25Z", + "updated_at": "2024-12-05T09:34:08Z", "pushed_at": "2024-11-07T13:38:18Z", - "stargazers_count": 72, - "watchers_count": 72, + "stargazers_count": 73, + "watchers_count": 73, "has_discussions": false, "forks_count": 9, "allow_forking": true, @@ -119,7 +119,7 @@ "topics": [], "visibility": "public", "forks": 9, - "watchers": 72, + "watchers": 73, "score": 0, "subscribers_count": 3 }, diff --git a/2022/CVE-2022-26318.json b/2022/CVE-2022-26318.json index ac9b17cfa6..fdef20f500 100644 --- a/2022/CVE-2022-26318.json +++ b/2022/CVE-2022-26318.json @@ -91,5 +91,36 @@ "watchers": 2, "score": 0, "subscribers_count": 1 + }, + { + "id": 898928788, + "name": "Watchguard-RCE-POC-CVE-2022-26318", + "full_name": "egilas\/Watchguard-RCE-POC-CVE-2022-26318", + "owner": { + "login": "egilas", + "id": 14824771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14824771?v=4", + "html_url": "https:\/\/github.com\/egilas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/egilas\/Watchguard-RCE-POC-CVE-2022-26318", + "description": "PoC for Watchguard CVE-2022-26318 updated to Python3.12", + "fork": false, + "created_at": "2024-12-05T09:56:57Z", + "updated_at": "2024-12-05T10:00:34Z", + "pushed_at": "2024-12-05T10:00:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-40494.json b/2022/CVE-2022-40494.json index 1d3a9a7cbc..efb079e754 100644 --- a/2022/CVE-2022-40494.json +++ b/2022/CVE-2022-40494.json @@ -14,10 +14,10 @@ "description": "nps认证绕过利用工具,CVE-2022-40494,使用此工具可在浏览器访问web控制端后台页面,或者批量获取socks5和http代理", "fork": false, "created_at": "2022-08-04T08:22:41Z", - "updated_at": "2024-11-02T09:54:15Z", + "updated_at": "2024-12-05T07:52:45Z", "pushed_at": "2022-08-19T09:04:09Z", - "stargazers_count": 300, - "watchers_count": 300, + "stargazers_count": 301, + "watchers_count": 301, "has_discussions": false, "forks_count": 39, "allow_forking": true, @@ -34,7 +34,7 @@ ], "visibility": "public", "forks": 39, - "watchers": 300, + "watchers": 301, "score": 0, "subscribers_count": 6 } diff --git a/2022/CVE-2022-41082.json b/2022/CVE-2022-41082.json index e65ddf3c92..5d6b16bb6f 100644 --- a/2022/CVE-2022-41082.json +++ b/2022/CVE-2022-41082.json @@ -107,10 +107,10 @@ "description": "PoC for the CVE-2022-41080 , CVE-2022-41082 and CVE-2022-41076 Vulnerabilities Affecting Microsoft Exchange Servers", "fork": false, "created_at": "2022-12-22T09:35:26Z", - "updated_at": "2024-10-02T04:18:20Z", + "updated_at": "2024-12-05T06:38:48Z", "pushed_at": "2023-01-10T08:09:36Z", - "stargazers_count": 91, - "watchers_count": 91, + "stargazers_count": 92, + "watchers_count": 92, "has_discussions": false, "forks_count": 33, "allow_forking": true, @@ -127,7 +127,7 @@ ], "visibility": "public", "forks": 33, - "watchers": 91, + "watchers": 92, "score": 0, "subscribers_count": 1 }, diff --git a/2022/CVE-2022-44268.json b/2022/CVE-2022-44268.json index e3e076939e..66f05de009 100644 --- a/2022/CVE-2022-44268.json +++ b/2022/CVE-2022-44268.json @@ -203,10 +203,10 @@ "description": "A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read", "fork": false, "created_at": "2023-02-05T18:42:27Z", - "updated_at": "2024-11-08T18:57:59Z", + "updated_at": "2024-12-05T09:17:47Z", "pushed_at": "2023-02-05T19:35:03Z", - "stargazers_count": 215, - "watchers_count": 215, + "stargazers_count": 216, + "watchers_count": 216, "has_discussions": false, "forks_count": 25, "allow_forking": true, @@ -215,7 +215,7 @@ "topics": [], "visibility": "public", "forks": 25, - "watchers": 215, + "watchers": 216, "score": 0, "subscribers_count": 2 }, diff --git a/2023/CVE-2023-27524.json b/2023/CVE-2023-27524.json index a59bb66356..1ede39ae61 100644 --- a/2023/CVE-2023-27524.json +++ b/2023/CVE-2023-27524.json @@ -14,10 +14,10 @@ "description": "Basic PoC for CVE-2023-27524: Insecure Default Configuration in Apache Superset", "fork": false, "created_at": "2023-04-25T04:59:05Z", - "updated_at": "2024-10-15T20:34:53Z", + "updated_at": "2024-12-05T12:03:27Z", "pushed_at": "2023-09-09T01:20:49Z", - "stargazers_count": 104, - "watchers_count": 104, + "stargazers_count": 105, + "watchers_count": 105, "has_discussions": false, "forks_count": 29, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 29, - "watchers": 104, + "watchers": 105, "score": 0, "subscribers_count": 6 }, diff --git a/2023/CVE-2023-4220.json b/2023/CVE-2023-4220.json index 601cb62530..96a0e0c0a6 100644 --- a/2023/CVE-2023-4220.json +++ b/2023/CVE-2023-4220.json @@ -671,8 +671,8 @@ "description": "Remote command execution exploit made for redteamers.", "fork": false, "created_at": "2024-12-04T22:16:12Z", - "updated_at": "2024-12-05T00:00:21Z", - "pushed_at": "2024-12-05T00:00:17Z", + "updated_at": "2024-12-05T08:48:28Z", + "pushed_at": "2024-12-05T08:48:24Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2023/CVE-2023-50387.json b/2023/CVE-2023-50387.json index 5841076c7e..71f4ec1e6f 100644 --- a/2023/CVE-2023-50387.json +++ b/2023/CVE-2023-50387.json @@ -76,8 +76,8 @@ "description": null, "fork": false, "created_at": "2024-12-04T11:27:11Z", - "updated_at": "2024-12-04T11:30:55Z", - "pushed_at": "2024-12-04T11:30:51Z", + "updated_at": "2024-12-05T10:54:33Z", + "pushed_at": "2024-12-05T10:54:29Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2024/CVE-2024-11320.json b/2024/CVE-2024-11320.json index 7146b46036..9dec21b98d 100644 --- a/2024/CVE-2024-11320.json +++ b/2024/CVE-2024-11320.json @@ -14,10 +14,10 @@ "description": "Exploit for Pandora FMS Remote Code Execution CVE-2024-11320", "fork": false, "created_at": "2024-12-01T12:39:49Z", - "updated_at": "2024-12-04T10:11:02Z", + "updated_at": "2024-12-05T12:14:00Z", "pushed_at": "2024-12-01T12:48:08Z", - "stargazers_count": 4, - "watchers_count": 4, + "stargazers_count": 5, + "watchers_count": 5, "has_discussions": false, "forks_count": 6, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 6, - "watchers": 4, + "watchers": 5, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-11680.json b/2024/CVE-2024-11680.json index 7ea2c68ffe..6a40e4471a 100644 --- a/2024/CVE-2024-11680.json +++ b/2024/CVE-2024-11680.json @@ -14,10 +14,10 @@ "description": "This repository contains a Proof of Concept (PoC) exploit for CVE-2024-11680, a critical vulnerability in ProjectSend r1605 and older versions. The exploit targets a Cross-Site Request Forgery (CSRF) flaw in combination with Privilege Misconfiguration issues.", "fork": false, "created_at": "2024-12-04T18:42:43Z", - "updated_at": "2024-12-05T02:18:59Z", + "updated_at": "2024-12-05T10:13:09Z", "pushed_at": "2024-12-04T19:25:34Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 7, + "watchers_count": 7, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 3, + "watchers": 7, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-20404.json b/2024/CVE-2024-20404.json index cd5bfc17d4..10207436f7 100644 --- a/2024/CVE-2024-20404.json +++ b/2024/CVE-2024-20404.json @@ -14,10 +14,10 @@ "description": null, "fork": false, "created_at": "2024-06-09T18:50:59Z", - "updated_at": "2024-10-07T10:30:00Z", + "updated_at": "2024-12-05T09:44:44Z", "pushed_at": "2024-06-09T18:51:57Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "has_discussions": false, "forks_count": 2, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 2, - "watchers": 1, + "watchers": 2, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-21413.json b/2024/CVE-2024-21413.json index e85aa282bd..4f7a5dfeb7 100644 --- a/2024/CVE-2024-21413.json +++ b/2024/CVE-2024-21413.json @@ -479,8 +479,8 @@ "description": null, "fork": false, "created_at": "2024-12-04T10:26:37Z", - "updated_at": "2024-12-04T11:29:53Z", - "pushed_at": "2024-12-04T11:18:13Z", + "updated_at": "2024-12-05T09:51:00Z", + "pushed_at": "2024-12-05T09:50:57Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, diff --git a/2024/CVE-2024-23692.json b/2024/CVE-2024-23692.json index 6900f23bf7..891f5892ee 100644 --- a/2024/CVE-2024-23692.json +++ b/2024/CVE-2024-23692.json @@ -293,10 +293,10 @@ "description": "POC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692 ", "fork": false, "created_at": "2024-09-15T12:15:35Z", - "updated_at": "2024-11-28T18:12:33Z", + "updated_at": "2024-12-05T09:44:16Z", "pushed_at": "2024-11-26T14:45:12Z", - "stargazers_count": 34, - "watchers_count": 34, + "stargazers_count": 35, + "watchers_count": 35, "has_discussions": false, "forks_count": 15, "allow_forking": true, @@ -310,7 +310,7 @@ ], "visibility": "public", "forks": 15, - "watchers": 34, + "watchers": 35, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-31317.json b/2024/CVE-2024-31317.json index 2bd9bb918b..de7b36ad1c 100644 --- a/2024/CVE-2024-31317.json +++ b/2024/CVE-2024-31317.json @@ -14,10 +14,10 @@ "description": "CVE-2024-31317", "fork": false, "created_at": "2024-12-05T01:36:59Z", - "updated_at": "2024-12-05T04:36:46Z", + "updated_at": "2024-12-05T12:13:55Z", "pushed_at": "2024-12-05T01:52:45Z", - "stargazers_count": 5, - "watchers_count": 5, + "stargazers_count": 8, + "watchers_count": 8, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 5, + "watchers": 8, "score": 0, "subscribers_count": 0 } diff --git a/2024/CVE-2024-36401.json b/2024/CVE-2024-36401.json index eb4ea5ba7a..94cede0e2e 100644 --- a/2024/CVE-2024-36401.json +++ b/2024/CVE-2024-36401.json @@ -176,10 +176,10 @@ "description": "geoserver CVE-2024-36401漏洞利用工具", "fork": false, "created_at": "2024-07-17T02:25:21Z", - "updated_at": "2024-11-27T06:22:42Z", + "updated_at": "2024-12-05T10:34:21Z", "pushed_at": "2024-07-24T15:33:03Z", - "stargazers_count": 12, - "watchers_count": 12, + "stargazers_count": 13, + "watchers_count": 13, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -188,7 +188,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 12, + "watchers": 13, "score": 0, "subscribers_count": 0 }, diff --git a/2024/CVE-2024-37084.json b/2024/CVE-2024-37084.json index 44e7318023..d3fb1170d3 100644 --- a/2024/CVE-2024-37084.json +++ b/2024/CVE-2024-37084.json @@ -19,13 +19,13 @@ "stargazers_count": 2, "watchers_count": 2, "has_discussions": false, - "forks_count": 1, + "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 1, + "forks": 2, "watchers": 2, "score": 0, "subscribers_count": 1 diff --git a/2024/CVE-2024-38077.json b/2024/CVE-2024-38077.json index 36c402d936..47e4c281b0 100644 --- a/2024/CVE-2024-38077.json +++ b/2024/CVE-2024-38077.json @@ -19,13 +19,13 @@ "stargazers_count": 6, "watchers_count": 6, "has_discussions": false, - "forks_count": 224, + "forks_count": 223, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 224, + "forks": 223, "watchers": 6, "score": 0, "subscribers_count": 0 diff --git a/2024/CVE-2024-39211.json b/2024/CVE-2024-39211.json index 182ba20c84..efa31f1739 100644 --- a/2024/CVE-2024-39211.json +++ b/2024/CVE-2024-39211.json @@ -14,10 +14,10 @@ "description": "CVE-2024-39211", "fork": false, "created_at": "2024-07-04T09:24:34Z", - "updated_at": "2024-11-20T16:30:53Z", + "updated_at": "2024-12-05T10:52:00Z", "pushed_at": "2024-07-08T13:00:44Z", - "stargazers_count": 5, - "watchers_count": 5, + "stargazers_count": 6, + "watchers_count": 6, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 5, + "watchers": 6, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-41276.json b/2024/CVE-2024-41276.json index be6b880a0d..7f762bf720 100644 --- a/2024/CVE-2024-41276.json +++ b/2024/CVE-2024-41276.json @@ -14,10 +14,10 @@ "description": null, "fork": false, "created_at": "2024-07-08T10:21:34Z", - "updated_at": "2024-10-14T08:29:06Z", + "updated_at": "2024-12-05T10:52:07Z", "pushed_at": "2024-07-31T19:24:38Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 2, + "watchers": 3, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-41713.json b/2024/CVE-2024-41713.json new file mode 100644 index 0000000000..bc70aa9efb --- /dev/null +++ b/2024/CVE-2024-41713.json @@ -0,0 +1,33 @@ +[ + { + "id": 898839903, + "name": "Mitel-MiCollab-Auth-Bypass_CVE-2024-41713", + "full_name": "watchtowrlabs\/Mitel-MiCollab-Auth-Bypass_CVE-2024-41713", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/Mitel-MiCollab-Auth-Bypass_CVE-2024-41713", + "description": null, + "fork": false, + "created_at": "2024-12-05T06:13:57Z", + "updated_at": "2024-12-05T11:40:55Z", + "pushed_at": "2024-12-05T07:55:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42327.json b/2024/CVE-2024-42327.json index 914b15df07..6613855d20 100644 --- a/2024/CVE-2024-42327.json +++ b/2024/CVE-2024-42327.json @@ -45,19 +45,19 @@ "description": "PoC for CVE-2024-42327 \/ ZBX-25623", "fork": false, "created_at": "2024-12-03T12:44:07Z", - "updated_at": "2024-12-05T04:48:20Z", + "updated_at": "2024-12-05T12:13:17Z", "pushed_at": "2024-12-03T12:56:52Z", - "stargazers_count": 12, - "watchers_count": 12, + "stargazers_count": 14, + "watchers_count": 14, "has_discussions": false, - "forks_count": 2, + "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 2, - "watchers": 12, + "forks": 3, + "watchers": 14, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-4367.json b/2024/CVE-2024-4367.json index 0b39a003c0..41de9fefc7 100644 --- a/2024/CVE-2024-4367.json +++ b/2024/CVE-2024-4367.json @@ -14,19 +14,19 @@ "description": "CVE-2024-4367 & CVE-2024-34342 Proof of Concept", "fork": false, "created_at": "2024-05-20T10:02:23Z", - "updated_at": "2024-12-03T09:56:22Z", + "updated_at": "2024-12-05T08:06:40Z", "pushed_at": "2024-06-07T03:28:00Z", - "stargazers_count": 138, - "watchers_count": 138, + "stargazers_count": 139, + "watchers_count": 139, "has_discussions": false, - "forks_count": 19, + "forks_count": 20, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 19, - "watchers": 138, + "forks": 20, + "watchers": 139, "score": 0, "subscribers_count": 2 }, diff --git a/2024/CVE-2024-44083.json b/2024/CVE-2024-44083.json index 581b5cb774..7c2ce7e044 100644 --- a/2024/CVE-2024-44083.json +++ b/2024/CVE-2024-44083.json @@ -14,10 +14,10 @@ "description": "Makes IDA (most versions) to crash upon opening it. ", "fork": false, "created_at": "2024-08-25T12:33:14Z", - "updated_at": "2024-12-01T16:41:12Z", + "updated_at": "2024-12-05T11:44:31Z", "pushed_at": "2024-08-30T09:58:12Z", - "stargazers_count": 69, - "watchers_count": 69, + "stargazers_count": 70, + "watchers_count": 70, "has_discussions": false, "forks_count": 5, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 5, - "watchers": 69, + "watchers": 70, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-4577.json b/2024/CVE-2024-4577.json index b7ece98f73..64221df04b 100644 --- a/2024/CVE-2024-4577.json +++ b/2024/CVE-2024-4577.json @@ -548,10 +548,10 @@ "description": "[漏洞复现] 全球首款利用PHP默认环境(XAMPP)的CVE-2024-4577 PHP-CGI RCE 漏洞 EXP。", "fork": false, "created_at": "2024-06-08T13:04:45Z", - "updated_at": "2024-12-02T03:14:20Z", + "updated_at": "2024-12-05T09:00:28Z", "pushed_at": "2024-07-21T20:27:03Z", - "stargazers_count": 121, - "watchers_count": 121, + "stargazers_count": 122, + "watchers_count": 122, "has_discussions": false, "forks_count": 31, "allow_forking": true, @@ -560,7 +560,7 @@ "topics": [], "visibility": "public", "forks": 31, - "watchers": 121, + "watchers": 122, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-49039.json b/2024/CVE-2024-49039.json index 87379fc23f..1c7ad5432d 100644 --- a/2024/CVE-2024-49039.json +++ b/2024/CVE-2024-49039.json @@ -14,10 +14,10 @@ "description": "WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler", "fork": false, "created_at": "2024-11-19T08:57:18Z", - "updated_at": "2024-12-05T06:03:56Z", + "updated_at": "2024-12-05T12:13:30Z", "pushed_at": "2024-11-19T09:15:26Z", - "stargazers_count": 60, - "watchers_count": 60, + "stargazers_count": 62, + "watchers_count": 62, "has_discussions": false, "forks_count": 15, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 15, - "watchers": 60, + "watchers": 62, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-51378.json b/2024/CVE-2024-51378.json index b9b23ffcd8..fa38634bc2 100644 --- a/2024/CVE-2024-51378.json +++ b/2024/CVE-2024-51378.json @@ -14,10 +14,10 @@ "description": "Exploit for CyberPanel Pre-Auth RCE via Command Injection", "fork": false, "created_at": "2024-10-29T23:34:27Z", - "updated_at": "2024-11-24T15:36:46Z", + "updated_at": "2024-12-05T10:12:09Z", "pushed_at": "2024-11-01T10:12:49Z", - "stargazers_count": 8, - "watchers_count": 8, + "stargazers_count": 11, + "watchers_count": 11, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 8, + "watchers": 11, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-53375.json b/2024/CVE-2024-53375.json index 6e7322b5bc..02ee5375cb 100644 --- a/2024/CVE-2024-53375.json +++ b/2024/CVE-2024-53375.json @@ -14,10 +14,10 @@ "description": "TP-Link Archer AXE75 Authenticated Command Injection", "fork": false, "created_at": "2024-10-04T12:49:19Z", - "updated_at": "2024-12-04T16:57:38Z", + "updated_at": "2024-12-05T06:35:12Z", "pushed_at": "2024-11-23T00:33:39Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "has_discussions": false, "forks_count": 2, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 2, - "watchers": 2, + "watchers": 3, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-6387.json b/2024/CVE-2024-6387.json index c9d92fc331..fe5062579d 100644 --- a/2024/CVE-2024-6387.json +++ b/2024/CVE-2024-6387.json @@ -19,13 +19,13 @@ "stargazers_count": 465, "watchers_count": 465, "has_discussions": false, - "forks_count": 182, + "forks_count": 181, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 182, + "forks": 181, "watchers": 465, "score": 0, "subscribers_count": 5 diff --git a/2024/CVE-2024-8672.json b/2024/CVE-2024-8672.json index c3d3e4006f..3bc525137e 100644 --- a/2024/CVE-2024-8672.json +++ b/2024/CVE-2024-8672.json @@ -14,10 +14,10 @@ "description": "Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.0.7 - Authenticated (Contributor+) Remote Code Execution", "fork": false, "created_at": "2024-12-02T19:59:31Z", - "updated_at": "2024-12-05T03:27:05Z", + "updated_at": "2024-12-05T10:09:53Z", "pushed_at": "2024-12-02T20:00:09Z", - "stargazers_count": 7, - "watchers_count": 7, + "stargazers_count": 8, + "watchers_count": 8, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 7, + "watchers": 8, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-9264.json b/2024/CVE-2024-9264.json index 09718aeccc..24bf83a186 100644 --- a/2024/CVE-2024-9264.json +++ b/2024/CVE-2024-9264.json @@ -14,10 +14,10 @@ "description": "Exploit for Grafana arbitrary file-read and RCE (CVE-2024-9264)", "fork": false, "created_at": "2024-10-19T13:50:52Z", - "updated_at": "2024-12-04T22:45:28Z", + "updated_at": "2024-12-05T11:14:04Z", "pushed_at": "2024-11-21T17:43:56Z", - "stargazers_count": 84, - "watchers_count": 84, + "stargazers_count": 86, + "watchers_count": 86, "has_discussions": false, "forks_count": 17, "allow_forking": true, @@ -38,7 +38,7 @@ ], "visibility": "public", "forks": 17, - "watchers": 84, + "watchers": 86, "score": 0, "subscribers_count": 1 }, diff --git a/README.md b/README.md index 755fc43b83..d9c48219b6 100644 --- a/README.md +++ b/README.md @@ -6025,6 +6025,13 @@ - [sh3bu/CVE-2024-41662](https://github.com/sh3bu/CVE-2024-41662) +### CVE-2024-41713 (2024-10-21) + +A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the attacker to view, corrupt, or delete users' data and system configurations. + + +- [watchtowrlabs/Mitel-MiCollab-Auth-Bypass_CVE-2024-41713](https://github.com/watchtowrlabs/Mitel-MiCollab-Auth-Bypass_CVE-2024-41713) + ### CVE-2024-41958 (2024-08-05) mailcow: dockerized is an open source groupware/email suite based on docker. A vulnerability has been discovered in the two-factor authentication (2FA) mechanism. This flaw allows an authenticated attacker to bypass the 2FA protection, enabling unauthorized access to other accounts that are otherwise secured with 2FA. To exploit this vulnerability, the attacker must first have access to an account within the system and possess the credentials of the target account that has 2FA enabled. By leveraging these credentials, the attacker can circumvent the 2FA process and gain access to the protected account. This issue has been addressed in the `2024-07` release. All users are advised to upgrade. There are no known workarounds for this vulnerability. @@ -17690,6 +17697,7 @@ - [sohamsharma966/Spring4Shell-CVE-2022-22965](https://github.com/sohamsharma966/Spring4Shell-CVE-2022-22965) - [LucasPDiniz/CVE-2022-22965](https://github.com/LucasPDiniz/CVE-2022-22965) - [xsxtw/SpringFramework_CVE-2022-22965_RCE](https://github.com/xsxtw/SpringFramework_CVE-2022-22965_RCE) +- [BlackBird63030/Block-Spring4Shell](https://github.com/BlackBird63030/Block-Spring4Shell) - [guigui237/Expoitation-de-la-vuln-rabilit-CVE-2022-22965](https://github.com/guigui237/Expoitation-de-la-vuln-rabilit-CVE-2022-22965) ### CVE-2022-22966 (2022-04-14) @@ -18706,6 +18714,7 @@ - [misterxid/watchguard_cve-2022-26318](https://github.com/misterxid/watchguard_cve-2022-26318) - [h3llk4t3/Watchguard-RCE-POC-CVE-2022-26318](https://github.com/h3llk4t3/Watchguard-RCE-POC-CVE-2022-26318) - [BabyTeam1024/CVE-2022-26318](https://github.com/BabyTeam1024/CVE-2022-26318) +- [egilas/Watchguard-RCE-POC-CVE-2022-26318](https://github.com/egilas/Watchguard-RCE-POC-CVE-2022-26318) ### CVE-2022-26377 (2022-06-08)