mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-28 18:44:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2024/07/03 12:29:27

Browse source
This commit is contained in:
motikan2010-bot 2024-07-03 21:29:27 +09:00
parent 7749491aa9
commit 9c39c70db1
46 changed files with 865 additions and 231 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
2011/CVE-2011-2523.json
View file

@ -501,5 +501,35 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 823495260,
"name": "CVE-Research",
"full_name": "AnugiArrawwala\/CVE-Research",
"owner": {
"login": "AnugiArrawwala",
"id": 141626082,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141626082?v=4",
"html_url": "https:\/\/github.com\/AnugiArrawwala"
},
"html_url": "https:\/\/github.com\/AnugiArrawwala\/CVE-Research",
"description": "CVE-2017-0144 (Eternal Blue) | CVE-2023-3881 | CVE-2011-2523",
"fork": false,
"created_at": "2024-07-03T06:30:54Z",
"updated_at": "2024-07-03T06:52:39Z",
"pushed_at": "2024-07-03T06:52:37Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2014/CVE-2014-4210.json
View file

@ -43,10 +43,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2024-07-02T13:20:29Z",
"updated_at": "2024-07-03T08:44:42Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 1949,
"watchers_count": 1949,
"stargazers_count": 1950,
"watchers_count": 1950,
"has_discussions": true,
"forks_count": 335,
"allow_forking": true,
@ -76,7 +76,7 @@
],
"visibility": "public",
"forks": 335,
"watchers": 1949,
"watchers": 1950,
"score": 0,
"subscribers_count": 35
},

8
2016/CVE-2016-0638.json
View file

@ -13,10 +13,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2024-07-02T13:20:29Z",
"updated_at": "2024-07-03T08:44:42Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 1949,
"watchers_count": 1949,
"stargazers_count": 1950,
"watchers_count": 1950,
"has_discussions": true,
"forks_count": 335,
"allow_forking": true,
@ -46,7 +46,7 @@
],
"visibility": "public",
"forks": 335,
"watchers": 1949,
"watchers": 1950,
"score": 0,
"subscribers_count": 35
},

30
2017/CVE-2017-0144.json
View file

@ -148,5 +148,35 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 823495260,
"name": "CVE-Research",
"full_name": "AnugiArrawwala\/CVE-Research",
"owner": {
"login": "AnugiArrawwala",
"id": 141626082,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141626082?v=4",
"html_url": "https:\/\/github.com\/AnugiArrawwala"
},
"html_url": "https:\/\/github.com\/AnugiArrawwala\/CVE-Research",
"description": "CVE-2017-0144 (Eternal Blue) | CVE-2023-3881 | CVE-2011-2523",
"fork": false,
"created_at": "2024-07-03T06:30:54Z",
"updated_at": "2024-07-03T06:52:39Z",
"pushed_at": "2024-07-03T06:52:37Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2017/CVE-2017-3248.json
View file

@ -43,10 +43,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2024-07-02T13:20:29Z",
"updated_at": "2024-07-03T08:44:42Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 1949,
"watchers_count": 1949,
"stargazers_count": 1950,
"watchers_count": 1950,
"has_discussions": true,
"forks_count": 335,
"allow_forking": true,
@ -76,7 +76,7 @@
],
"visibility": "public",
"forks": 335,
"watchers": 1949,
"watchers": 1950,
"score": 0,
"subscribers_count": 35
},

8
2017/CVE-2017-7525.json
View file

@ -77,10 +77,10 @@
"description": "Exploiting CVE-2017-7525 demo project with Angular7 frontend and Spring.",
"fork": false,
"created_at": "2019-01-22T14:19:54Z",
"updated_at": "2023-09-27T07:07:46Z",
"updated_at": "2024-07-03T08:07:54Z",
"pushed_at": "2019-02-21T13:18:24Z",
"stargazers_count": 16,
"watchers_count": 16,
"stargazers_count": 17,
"watchers_count": 17,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -89,7 +89,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 16,
"watchers": 17,
"score": 0,
"subscribers_count": 3
},

8
2018/CVE-2018-2628.json
View file

@ -557,10 +557,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2024-07-02T13:20:29Z",
"updated_at": "2024-07-03T08:44:42Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 1949,
"watchers_count": 1949,
"stargazers_count": 1950,
"watchers_count": 1950,
"has_discussions": true,
"forks_count": 335,
"allow_forking": true,
@ -590,7 +590,7 @@
],
"visibility": "public",
"forks": 335,
"watchers": 1949,
"watchers": 1950,
"score": 0,
"subscribers_count": 35
},

12
2019/CVE-2019-0708.json
View file

@ -3017,19 +3017,19 @@
"description": "CVE-2019-0708-EXP-Windows版单文件exe版,运行后直接在当前控制台反弹System权限Shell",
"fork": false,
"created_at": "2020-01-21T02:22:29Z",
"updated_at": "2024-07-01T14:26:35Z",
"updated_at": "2024-07-03T07:30:07Z",
"pushed_at": "2020-01-21T03:15:41Z",
"stargazers_count": 323,
"watchers_count": 323,
"stargazers_count": 324,
"watchers_count": 324,
"has_discussions": false,
"forks_count": 69,
"forks_count": 70,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 69,
"watchers": 323,
"forks": 70,
"watchers": 324,
"score": 0,
"subscribers_count": 6
},

4
2019/CVE-2019-17558.json
View file

@ -48,7 +48,7 @@
"stargazers_count": 4056,
"watchers_count": 4056,
"has_discussions": false,
"forks_count": 1084,
"forks_count": 1085,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -74,7 +74,7 @@
"webshell"
],
"visibility": "public",
"forks": 1084,
"forks": 1085,
"watchers": 4056,
"score": 0,
"subscribers_count": 151

8
2019/CVE-2019-2618.json
View file

@ -193,10 +193,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2024-07-02T13:20:29Z",
"updated_at": "2024-07-03T08:44:42Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 1949,
"watchers_count": 1949,
"stargazers_count": 1950,
"watchers_count": 1950,
"has_discussions": true,
"forks_count": 335,
"allow_forking": true,
@ -226,7 +226,7 @@
],
"visibility": "public",
"forks": 335,
"watchers": 1949,
"watchers": 1950,
"score": 0,
"subscribers_count": 35
}

8
2020/CVE-2020-1472.json
View file

@ -103,10 +103,10 @@
"description": "PoC for Zerologon - all research credits go to Tom Tervoort of Secura",
"fork": false,
"created_at": "2020-09-14T16:56:51Z",
"updated_at": "2024-07-02T10:30:43Z",
"updated_at": "2024-07-03T09:41:08Z",
"pushed_at": "2020-11-03T09:45:24Z",
"stargazers_count": 1156,
"watchers_count": 1156,
"stargazers_count": 1157,
"watchers_count": 1157,
"has_discussions": false,
"forks_count": 286,
"allow_forking": true,
@ -115,7 +115,7 @@
"topics": [],
"visibility": "public",
"forks": 286,
"watchers": 1156,
"watchers": 1157,
"score": 0,
"subscribers_count": 35
},

12
2020/CVE-2020-14882.json
View file

@ -18,7 +18,7 @@
"stargazers_count": 4056,
"watchers_count": 4056,
"has_discussions": false,
"forks_count": 1084,
"forks_count": 1085,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -44,7 +44,7 @@
"webshell"
],
"visibility": "public",
"forks": 1084,
"forks": 1085,
"watchers": 4056,
"score": 0,
"subscribers_count": 151
@ -63,10 +63,10 @@
"description": "CVE-202014882、CVE-202014883",
"fork": false,
"created_at": "2020-10-28T11:43:37Z",
"updated_at": "2024-06-26T15:18:16Z",
"updated_at": "2024-07-03T07:20:08Z",
"pushed_at": "2020-11-16T04:23:09Z",
"stargazers_count": 281,
"watchers_count": 281,
"stargazers_count": 282,
"watchers_count": 282,
"has_discussions": false,
"forks_count": 62,
"allow_forking": true,
@ -75,7 +75,7 @@
"topics": [],
"visibility": "public",
"forks": 62,
"watchers": 281,
"watchers": 282,
"score": 0,
"subscribers_count": 7
},

8
2020/CVE-2020-2551.json
View file

@ -13,10 +13,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2024-07-02T13:20:29Z",
"updated_at": "2024-07-03T08:44:42Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 1949,
"watchers_count": 1949,
"stargazers_count": 1950,
"watchers_count": 1950,
"has_discussions": true,
"forks_count": 335,
"allow_forking": true,
@ -46,7 +46,7 @@
],
"visibility": "public",
"forks": 335,
"watchers": 1949,
"watchers": 1950,
"score": 0,
"subscribers_count": 35
},

4
2021/CVE-2021-3156.json
View file

@ -1079,13 +1079,13 @@
"stargazers_count": 718,
"watchers_count": 718,
"has_discussions": false,
"forks_count": 167,
"forks_count": 168,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 167,
"forks": 168,
"watchers": 718,
"score": 0,
"subscribers_count": 11

8
2021/CVE-2021-41773.json
View file

@ -133,10 +133,10 @@
"description": null,
"fork": false,
"created_at": "2021-10-05T17:30:43Z",
"updated_at": "2024-04-02T02:54:31Z",
"updated_at": "2024-07-03T07:21:09Z",
"pushed_at": "2021-11-24T12:57:46Z",
"stargazers_count": 47,
"watchers_count": 47,
"stargazers_count": 48,
"watchers_count": 48,
"has_discussions": false,
"forks_count": 38,
"allow_forking": true,
@ -151,7 +151,7 @@
],
"visibility": "public",
"forks": 38,
"watchers": 47,
"watchers": 48,
"score": 0,
"subscribers_count": 1
},

16
2021/CVE-2021-44228.json
View file

@ -907,10 +907,10 @@
"description": "A Proof-Of-Concept for the CVE-2021-44228 vulnerability. ",
"fork": false,
"created_at": "2021-12-10T23:19:28Z",
"updated_at": "2024-07-01T17:49:33Z",
"updated_at": "2024-07-03T08:08:14Z",
"pushed_at": "2024-02-12T22:37:25Z",
"stargazers_count": 1771,
"watchers_count": 1771,
"stargazers_count": 1772,
"watchers_count": 1772,
"has_discussions": false,
"forks_count": 522,
"allow_forking": true,
@ -924,7 +924,7 @@
],
"visibility": "public",
"forks": 522,
"watchers": 1771,
"watchers": 1772,
"score": 0,
"subscribers_count": 27
},
@ -3636,10 +3636,10 @@
"description": "A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 ",
"fork": false,
"created_at": "2021-12-13T03:57:50Z",
"updated_at": "2024-07-02T20:09:08Z",
"updated_at": "2024-07-03T08:16:11Z",
"pushed_at": "2022-11-23T18:23:24Z",
"stargazers_count": 3379,
"watchers_count": 3379,
"stargazers_count": 3381,
"watchers_count": 3381,
"has_discussions": true,
"forks_count": 740,
"allow_forking": true,
@ -3648,7 +3648,7 @@
"topics": [],
"visibility": "public",
"forks": 740,
"watchers": 3379,
"watchers": 3381,
"score": 0,
"subscribers_count": 57
},

4
2022/CVE-2022-2588.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 462,
"watchers_count": 462,
"has_discussions": false,
"forks_count": 70,
"forks_count": 71,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 70,
"forks": 71,
"watchers": 462,
"score": 0,
"subscribers_count": 50

8
2022/CVE-2022-32250.json
View file

@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2022-08-24T06:00:47Z",
"updated_at": "2024-06-21T10:49:55Z",
"updated_at": "2024-07-03T07:39:06Z",
"pushed_at": "2023-06-18T14:43:52Z",
"stargazers_count": 165,
"watchers_count": 165,
"stargazers_count": 166,
"watchers_count": 166,
"has_discussions": false,
"forks_count": 45,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 45,
"watchers": 165,
"watchers": 166,
"score": 0,
"subscribers_count": 6
},

8
2022/CVE-2022-41852.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2022-41852 Proof of Concept (unofficial)",
"fork": false,
"created_at": "2022-10-14T12:09:19Z",
"updated_at": "2024-07-02T09:41:09Z",
"updated_at": "2024-07-03T10:10:06Z",
"pushed_at": "2022-10-20T08:01:38Z",
"stargazers_count": 71,
"watchers_count": 71,
"stargazers_count": 72,
"watchers_count": 72,
"has_discussions": false,
"forks_count": 17,
"allow_forking": true,
@ -37,7 +37,7 @@
],
"visibility": "public",
"forks": 17,
"watchers": 71,
"watchers": 72,
"score": 0,
"subscribers_count": 3
}

8
2023/CVE-2023-0386.json
View file

@ -73,10 +73,10 @@
"description": "CVE-2023-0386在ubuntu22.04上的提权",
"fork": false,
"created_at": "2023-05-05T03:02:13Z",
"updated_at": "2024-07-03T04:44:33Z",
"updated_at": "2024-07-03T06:53:08Z",
"pushed_at": "2023-06-13T08:58:53Z",
"stargazers_count": 380,
"watchers_count": 380,
"stargazers_count": 381,
"watchers_count": 381,
"has_discussions": false,
"forks_count": 65,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 65,
"watchers": 380,
"watchers": 381,
"score": 0,
"subscribers_count": 4
},

4
2023/CVE-2023-38490.json
View file

@ -18,7 +18,7 @@
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 1,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -31,7 +31,7 @@
"xxe"
],
"visibility": "public",
"forks": 1,
"forks": 2,
"watchers": 0,
"score": 0,
"subscribers_count": 2

32
2023/CVE-2023-3881.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 823495260,
"name": "CVE-Research",
"full_name": "AnugiArrawwala\/CVE-Research",
"owner": {
"login": "AnugiArrawwala",
"id": 141626082,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141626082?v=4",
"html_url": "https:\/\/github.com\/AnugiArrawwala"
},
"html_url": "https:\/\/github.com\/AnugiArrawwala\/CVE-Research",
"description": "CVE-2017-0144 (Eternal Blue) | CVE-2023-3881 | CVE-2011-2523",
"fork": false,
"created_at": "2024-07-03T06:30:54Z",
"updated_at": "2024-07-03T06:52:39Z",
"pushed_at": "2024-07-03T06:52:37Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2023/CVE-2023-44976.json
View file

@ -13,10 +13,10 @@
"description": "A vulnerable driver exploited by me (BYOVD) that is capable of terminating several EDRs and antivirus software in the market, rendering them ineffective, working for both x32 and x64(CVE-2023-44976).",
"fork": false,
"created_at": "2023-10-01T18:24:38Z",
"updated_at": "2024-06-26T16:00:06Z",
"updated_at": "2024-07-03T09:51:23Z",
"pushed_at": "2024-01-27T01:35:24Z",
"stargazers_count": 50,
"watchers_count": 50,
"stargazers_count": 51,
"watchers_count": 51,
"has_discussions": false,
"forks_count": 11,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 11,
"watchers": 50,
"watchers": 51,
"score": 0,
"subscribers_count": 2
}

8
2023/CVE-2023-46604.json
View file

@ -133,10 +133,10 @@
"description": null,
"fork": false,
"created_at": "2023-11-04T11:58:21Z",
"updated_at": "2024-06-05T11:07:34Z",
"updated_at": "2024-07-03T12:13:33Z",
"pushed_at": "2023-11-06T07:26:30Z",
"stargazers_count": 24,
"watchers_count": 24,
"stargazers_count": 25,
"watchers_count": 25,
"has_discussions": false,
"forks_count": 11,
"allow_forking": true,
@ -145,7 +145,7 @@
"topics": [],
"visibility": "public",
"forks": 11,
"watchers": 24,
"watchers": 25,
"score": 0,
"subscribers_count": 1
},

38
2024/CVE-2024-0044.json
View file

@ -43,10 +43,10 @@
"description": "CVE-2024-0044: a \"run-as any app\" high-severity vulnerability affecting Android versions 12 and 13",
"fork": false,
"created_at": "2024-06-18T12:30:53Z",
"updated_at": "2024-07-03T05:25:29Z",
"updated_at": "2024-07-03T11:52:08Z",
"pushed_at": "2024-06-19T12:24:50Z",
"stargazers_count": 107,
"watchers_count": 107,
"stargazers_count": 109,
"watchers_count": 109,
"has_discussions": false,
"forks_count": 21,
"allow_forking": true,
@ -55,8 +55,38 @@
"topics": [],
"visibility": "public",
"forks": 21,
"watchers": 107,
"watchers": 109,
"score": 0,
"subscribers_count": 4
},
{
"id": 823594837,
"name": "CVE-2024-0044-EXP",
"full_name": "Re13orn\/CVE-2024-0044-EXP",
"owner": {
"login": "Re13orn",
"id": 29865055,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29865055?v=4",
"html_url": "https:\/\/github.com\/Re13orn"
},
"html_url": "https:\/\/github.com\/Re13orn\/CVE-2024-0044-EXP",
"description": "利用 CVE-2024-0044 Android 权限提升下载任意目标App沙箱文件。",
"fork": false,
"created_at": "2024-07-03T10:29:06Z",
"updated_at": "2024-07-03T10:42:56Z",
"pushed_at": "2024-07-03T10:42:53Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-1086.json
View file

@ -13,10 +13,10 @@
"description": "Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.",
"fork": false,
"created_at": "2024-03-20T21:16:41Z",
"updated_at": "2024-07-02T12:45:09Z",
"updated_at": "2024-07-03T09:22:07Z",
"pushed_at": "2024-04-17T16:09:54Z",
"stargazers_count": 2164,
"watchers_count": 2164,
"stargazers_count": 2167,
"watchers_count": 2167,
"has_discussions": false,
"forks_count": 283,
"allow_forking": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 283,
"watchers": 2164,
"watchers": 2167,
"score": 0,
"subscribers_count": 23
},

32
2024/CVE-2024-20656.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 742476162,
"name": "CVE-2024-20656",
"full_name": "Wh04m1001\/CVE-2024-20656",
"owner": {
"login": "Wh04m1001",
"id": 44291883,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291883?v=4",
"html_url": "https:\/\/github.com\/Wh04m1001"
},
"html_url": "https:\/\/github.com\/Wh04m1001\/CVE-2024-20656",
"description": null,
"fork": false,
"created_at": "2024-01-12T15:08:01Z",
"updated_at": "2024-06-20T01:01:28Z",
"pushed_at": "2024-01-14T07:14:33Z",
"stargazers_count": 115,
"watchers_count": 115,
"has_discussions": false,
"forks_count": 17,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 17,
"watchers": 115,
"score": 0,
"subscribers_count": 2
}
]

35
2024/CVE-2024-21305.json Normal file
View file

@ -0,0 +1,35 @@
[
{
"id": 732514348,
"name": "CVE-2024-21305",
"full_name": "tandasat\/CVE-2024-21305",
"owner": {
"login": "tandasat",
"id": 1620923,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1620923?v=4",
"html_url": "https:\/\/github.com\/tandasat"
},
"html_url": "https:\/\/github.com\/tandasat\/CVE-2024-21305",
"description": "Report and exploit of CVE-2024-21305. ",
"fork": false,
"created_at": "2023-12-16T23:27:34Z",
"updated_at": "2024-06-02T09:52:32Z",
"pushed_at": "2024-01-14T17:21:42Z",
"stargazers_count": 26,
"watchers_count": 26,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"hyper-v",
"vulnerability"
],
"visibility": "public",
"forks": 3,
"watchers": 26,
"score": 0,
"subscribers_count": 2
}
]

30
2024/CVE-2024-21413.json
View file

@ -418,5 +418,35 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 823551343,
"name": "Unveiling-Moniker-Link-CVE-2024-21413-Navigating-the-Latest-Cybersecurity-Landscape",
"full_name": "Redfox-Secuirty\/Unveiling-Moniker-Link-CVE-2024-21413-Navigating-the-Latest-Cybersecurity-Landscape",
"owner": {
"login": "Redfox-Secuirty",
"id": 173128884,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173128884?v=4",
"html_url": "https:\/\/github.com\/Redfox-Secuirty"
},
"html_url": "https:\/\/github.com\/Redfox-Secuirty\/Unveiling-Moniker-Link-CVE-2024-21413-Navigating-the-Latest-Cybersecurity-Landscape",
"description": null,
"fork": false,
"created_at": "2024-07-03T08:45:05Z",
"updated_at": "2024-07-03T08:45:08Z",
"pushed_at": "2024-07-03T08:45:05Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

32
2024/CVE-2024-21633.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 740220878,
"name": "CVE-2024-21633",
"full_name": "0x33c0unt\/CVE-2024-21633",
"owner": {
"login": "0x33c0unt",
"id": 26827438,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26827438?v=4",
"html_url": "https:\/\/github.com\/0x33c0unt"
},
"html_url": "https:\/\/github.com\/0x33c0unt\/CVE-2024-21633",
"description": "MobSF Remote code execution (via CVE-2024-21633)",
"fork": false,
"created_at": "2024-01-07T21:34:09Z",
"updated_at": "2024-06-25T11:13:08Z",
"pushed_at": "2024-01-07T21:34:51Z",
"stargazers_count": 70,
"watchers_count": 70,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 70,
"score": 0,
"subscribers_count": 1
}
]

90
2024/CVE-2024-21887.json
View file

@ -1,4 +1,94 @@
[
{
"id": 743084274,
"name": "ivanti-CVE-2024-21887",
"full_name": "oways\/ivanti-CVE-2024-21887",
"owner": {
"login": "oways",
"id": 11142952,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11142952?v=4",
"html_url": "https:\/\/github.com\/oways"
},
"html_url": "https:\/\/github.com\/oways\/ivanti-CVE-2024-21887",
"description": "POC Checker for ivanti CVE-2024-21887 Command injcetion",
"fork": false,
"created_at": "2024-01-14T09:25:56Z",
"updated_at": "2024-05-10T02:50:53Z",
"pushed_at": "2024-01-14T09:27:36Z",
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 8,
"score": 0,
"subscribers_count": 1
},
{
"id": 744186376,
"name": "CVE-2023-46805_CVE-2024-21887",
"full_name": "duy-31\/CVE-2023-46805_CVE-2024-21887",
"owner": {
"login": "duy-31",
"id": 20819326,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20819326?v=4",
"html_url": "https:\/\/github.com\/duy-31"
},
"html_url": "https:\/\/github.com\/duy-31\/CVE-2023-46805_CVE-2024-21887",
"description": "An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.",
"fork": false,
"created_at": "2024-01-16T19:40:59Z",
"updated_at": "2024-06-14T17:17:06Z",
"pushed_at": "2024-01-17T19:14:09Z",
"stargazers_count": 18,
"watchers_count": 18,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 18,
"score": 0,
"subscribers_count": 2
},
{
"id": 744213825,
"name": "CVE-2024-21887",
"full_name": "Chocapikk\/CVE-2024-21887",
"owner": {
"login": "Chocapikk",
"id": 88535377,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4",
"html_url": "https:\/\/github.com\/Chocapikk"
},
"html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-21887",
"description": "A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.",
"fork": false,
"created_at": "2024-01-16T20:59:38Z",
"updated_at": "2024-06-25T13:56:06Z",
"pushed_at": "2024-01-17T00:38:28Z",
"stargazers_count": 48,
"watchers_count": 48,
"has_discussions": false,
"forks_count": 13,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 13,
"watchers": 48,
"score": 0,
"subscribers_count": 2
},
{
"id": 745015590,
"name": "CVE-2023-46805_CVE-2024-21887",

37
2024/CVE-2024-22145.json Normal file
View file

@ -0,0 +1,37 @@
[
{
"id": 744705693,
"name": "CVE-2024-22145",
"full_name": "RandomRobbieBF\/CVE-2024-22145",
"owner": {
"login": "RandomRobbieBF",
"id": 51722811,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4",
"html_url": "https:\/\/github.com\/RandomRobbieBF"
},
"html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-22145",
"description": "InstaWP Connect <= 0.1.0.8 - Missing Authorization to Arbitrary Options Update (Subscriber+)",
"fork": false,
"created_at": "2024-01-17T20:56:21Z",
"updated_at": "2024-01-20T05:38:14Z",
"pushed_at": "2024-01-17T20:59:47Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve-2024-22145",
"exploit",
"instawp-connect",
"wordpress"
],
"visibility": "public",
"forks": 0,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}
]

30
2024/CVE-2024-24919.json
View file

@ -316,36 +316,6 @@
"score": 0,
"subscribers_count": 1
},
{
"id": 808546456,
"name": "CVE-2024-24919",
"full_name": "3UR\/CVE-2024-24919",
"owner": {
"login": "3UR",
"id": 76826837,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76826837?v=4",
"html_url": "https:\/\/github.com\/3UR"
},
"html_url": "https:\/\/github.com\/3UR\/CVE-2024-24919",
"description": "CLI based PoC for CVE-2024-24919",
"fork": false,
"created_at": "2024-05-31T09:43:14Z",
"updated_at": "2024-06-08T06:29:24Z",
"pushed_at": "2024-06-08T06:29:21Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 808560094,
"name": "CVE-2024-24919",

4
2024/CVE-2024-28397.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 24,
"watchers_count": 24,
"has_discussions": false,
"forks_count": 4,
"forks_count": 5,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 4,
"forks": 5,
"watchers": 24,
"score": 0,
"subscribers_count": 1

8
2024/CVE-2024-29943.json
View file

@ -13,10 +13,10 @@
"description": "A Pwn2Own SpiderMonkey JIT Bug: From Integer Range Inconsistency to Bound Check Elimination then RCE",
"fork": false,
"created_at": "2024-06-27T13:47:52Z",
"updated_at": "2024-07-03T05:37:19Z",
"updated_at": "2024-07-03T08:06:48Z",
"pushed_at": "2024-06-29T04:05:12Z",
"stargazers_count": 67,
"watchers_count": 67,
"stargazers_count": 68,
"watchers_count": 68,
"has_discussions": false,
"forks_count": 11,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 11,
"watchers": 67,
"watchers": 68,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-30002.json
View file

@ -1,6 +1,6 @@
[
{
"id": 823483691,
"id": 823532806,
"name": "git_rce",
"full_name": "EQSTSeminar\/git_rce",
"owner": {
@ -12,9 +12,9 @@
"html_url": "https:\/\/github.com\/EQSTSeminar\/git_rce",
"description": "git clone rce CVE-2024-30002",
"fork": false,
"created_at": "2024-07-03T05:58:44Z",
"updated_at": "2024-07-03T06:01:53Z",
"pushed_at": "2024-07-03T06:01:50Z",
"created_at": "2024-07-03T08:01:39Z",
"updated_at": "2024-07-03T08:03:57Z",
"pushed_at": "2024-07-03T08:03:53Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

8
2024/CVE-2024-3094.json
View file

@ -1012,10 +1012,10 @@
"description": "notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)",
"fork": false,
"created_at": "2024-04-01T14:28:09Z",
"updated_at": "2024-07-02T05:32:02Z",
"updated_at": "2024-07-03T07:40:23Z",
"pushed_at": "2024-04-03T04:58:50Z",
"stargazers_count": 3468,
"watchers_count": 3468,
"stargazers_count": 3467,
"watchers_count": 3467,
"has_discussions": false,
"forks_count": 234,
"allow_forking": true,
@ -1024,7 +1024,7 @@
"topics": [],
"visibility": "public",
"forks": 234,
"watchers": 3468,
"watchers": 3467,
"score": 0,
"subscribers_count": 39
},

64
2024/CVE-2024-32002.json
View file

@ -113,13 +113,13 @@
"stargazers_count": 13,
"watchers_count": 13,
"has_discussions": false,
"forks_count": 25,
"forks_count": 24,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 25,
"forks": 24,
"watchers": 13,
"score": 0,
"subscribers_count": 1
@ -1494,5 +1494,65 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 823630612,
"name": "CVE-2024-32002",
"full_name": "AmbroseCdMeng\/CVE-2024-32002",
"owner": {
"login": "AmbroseCdMeng",
"id": 32756131,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32756131?v=4",
"html_url": "https:\/\/github.com\/AmbroseCdMeng"
},
"html_url": "https:\/\/github.com\/AmbroseCdMeng\/CVE-2024-32002",
"description": null,
"fork": false,
"created_at": "2024-07-03T12:00:41Z",
"updated_at": "2024-07-03T12:00:41Z",
"pushed_at": "2024-07-03T12:00:41Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 823635251,
"name": "CVE-2024-32002-Hook",
"full_name": "AmbroseCdMeng\/CVE-2024-32002-Hook",
"owner": {
"login": "AmbroseCdMeng",
"id": 32756131,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32756131?v=4",
"html_url": "https:\/\/github.com\/AmbroseCdMeng"
},
"html_url": "https:\/\/github.com\/AmbroseCdMeng\/CVE-2024-32002-Hook",
"description": null,
"fork": false,
"created_at": "2024-07-03T12:11:17Z",
"updated_at": "2024-07-03T12:11:18Z",
"pushed_at": "2024-07-03T12:11:18Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-3495.json
View file

@ -43,10 +43,10 @@
"description": "The Country State City Dropdown CF7 WordPress plugin (versions up to 2.7.2) is vulnerable to SQL Injection via 'cnt' and 'sid' parameters. Insufficient escaping and lack of preparation in the SQL query allow unauthenticated attackers to append queries, potentially extracting sensitive database information.",
"fork": false,
"created_at": "2024-05-28T02:57:12Z",
"updated_at": "2024-05-28T02:57:16Z",
"updated_at": "2024-07-03T11:41:08Z",
"pushed_at": "2024-05-28T02:57:13Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}

32
2024/CVE-2024-37726.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 823516489,
"name": "CVE-2024-37726-MSI-Center-Local-Privilege-Escalation",
"full_name": "carsonchan12345\/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation",
"owner": {
"login": "carsonchan12345",
"id": 44266907,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44266907?v=4",
"html_url": "https:\/\/github.com\/carsonchan12345"
},
"html_url": "https:\/\/github.com\/carsonchan12345\/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation",
"description": null,
"fork": false,
"created_at": "2024-07-03T07:26:07Z",
"updated_at": "2024-07-03T09:32:50Z",
"pushed_at": "2024-07-03T07:26:10Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-37791.json
View file

@ -13,10 +13,10 @@
"description": "我的CVE-2024-37791",
"fork": false,
"created_at": "2024-06-19T09:16:30Z",
"updated_at": "2024-06-19T10:01:09Z",
"updated_at": "2024-07-03T08:10:57Z",
"pushed_at": "2024-06-19T10:01:06Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-38366.json
View file

@ -1,19 +1,19 @@
[
{
"id": 821403467,
"name": "CocoaPods-RCE",
"full_name": "ReeFSpeK\/CocoaPods-RCE",
"name": "CocoaPods-RCE_CVE-2024-38366",
"full_name": "ReeFSpeK\/CocoaPods-RCE_CVE-2024-38366",
"owner": {
"login": "ReeFSpeK",
"id": 24816171,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24816171?v=4",
"html_url": "https:\/\/github.com\/ReeFSpeK"
},
"html_url": "https:\/\/github.com\/ReeFSpeK\/CocoaPods-RCE",
"html_url": "https:\/\/github.com\/ReeFSpeK\/CocoaPods-RCE_CVE-2024-38366",
"description": "CocoaPods RCE Vulnerability CVE-2024-38366",
"fork": false,
"created_at": "2024-06-28T13:11:28Z",
"updated_at": "2024-07-01T13:48:58Z",
"updated_at": "2024-07-03T10:19:25Z",
"pushed_at": "2024-07-01T12:28:04Z",
"stargazers_count": 0,
"watchers_count": 0,

32
2024/CVE-2024-4577.json
View file

@ -133,10 +133,10 @@
"description": "POC & $BASH script for CVE-2024-4577",
"fork": false,
"created_at": "2024-06-07T09:51:39Z",
"updated_at": "2024-06-21T00:53:45Z",
"updated_at": "2024-07-03T08:24:43Z",
"pushed_at": "2024-06-09T16:16:30Z",
"stargazers_count": 35,
"watchers_count": 35,
"stargazers_count": 36,
"watchers_count": 36,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -145,7 +145,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 35,
"watchers": 36,
"score": 0,
"subscribers_count": 1
},
@ -163,10 +163,10 @@
"description": "PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC",
"fork": false,
"created_at": "2024-06-07T09:52:54Z",
"updated_at": "2024-07-03T05:28:46Z",
"updated_at": "2024-07-03T08:19:32Z",
"pushed_at": "2024-06-22T15:13:52Z",
"stargazers_count": 158,
"watchers_count": 158,
"stargazers_count": 159,
"watchers_count": 159,
"has_discussions": false,
"forks_count": 38,
"allow_forking": true,
@ -175,7 +175,7 @@
"topics": [],
"visibility": "public",
"forks": 38,
"watchers": 158,
"watchers": 159,
"score": 0,
"subscribers_count": 4
},
@ -362,14 +362,14 @@
{
"id": 812032307,
"name": "CVE-2024-4577",
"full_name": "Yukiioz\/CVE-2024-4577",
"full_name": "BitMEXResearch\/CVE-2024-4577",
"owner": {
"login": "Yukiioz",
"login": "BitMEXResearch",
"id": 26349077,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26349077?v=4",
"html_url": "https:\/\/github.com\/Yukiioz"
"html_url": "https:\/\/github.com\/BitMEXResearch"
},
"html_url": "https:\/\/github.com\/Yukiioz\/CVE-2024-4577",
"html_url": "https:\/\/github.com\/BitMEXResearch\/CVE-2024-4577",
"description": null,
"fork": false,
"created_at": "2024-06-07T20:10:49Z",
@ -463,10 +463,10 @@
"description": "CVE-2024-4577 Exploit POC ",
"fork": false,
"created_at": "2024-06-08T06:36:14Z",
"updated_at": "2024-06-09T10:50:42Z",
"updated_at": "2024-07-03T11:38:45Z",
"pushed_at": "2024-06-09T16:47:11Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -475,7 +475,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},

32
2024/CVE-2024-5655.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 823554653,
"name": "CVE-2024-5655-Gitlab-CSRF-GraphQL",
"full_name": "VulnResearcher\/CVE-2024-5655-Gitlab-CSRF-GraphQL",
"owner": {
"login": "VulnResearcher",
"id": 174596938,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174596938?v=4",
"html_url": "https:\/\/github.com\/VulnResearcher"
},
"html_url": "https:\/\/github.com\/VulnResearcher\/CVE-2024-5655-Gitlab-CSRF-GraphQL",
"description": "Private exploit CVE-2024-5655 to Gitlab (Private repositories disclosure)",
"fork": false,
"created_at": "2024-07-03T08:52:48Z",
"updated_at": "2024-07-03T09:04:31Z",
"pushed_at": "2024-07-03T09:04:18Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

230
2024/CVE-2024-6387.json
View file

@ -13,10 +13,10 @@
"description": "Spirit - Network Pentest Tools CVE-2024-6387",
"fork": false,
"created_at": "2022-05-25T00:13:18Z",
"updated_at": "2024-07-03T01:25:02Z",
"updated_at": "2024-07-03T10:16:48Z",
"pushed_at": "2024-07-02T17:42:14Z",
"stargazers_count": 58,
"watchers_count": 58,
"stargazers_count": 59,
"watchers_count": 59,
"has_discussions": false,
"forks_count": 11,
"allow_forking": true,
@ -38,7 +38,7 @@
],
"visibility": "public",
"forks": 11,
"watchers": 58,
"watchers": 59,
"score": 0,
"subscribers_count": 5
},
@ -56,19 +56,19 @@
"description": "a signal handler race condition in OpenSSH's server (sshd)",
"fork": false,
"created_at": "2024-07-01T10:55:29Z",
"updated_at": "2024-07-03T06:32:41Z",
"updated_at": "2024-07-03T12:14:13Z",
"pushed_at": "2024-07-01T10:54:02Z",
"stargazers_count": 327,
"watchers_count": 327,
"stargazers_count": 344,
"watchers_count": 344,
"has_discussions": false,
"forks_count": 166,
"forks_count": 173,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 166,
"watchers": 327,
"forks": 173,
"watchers": 344,
"score": 0,
"subscribers_count": 3
},
@ -86,19 +86,19 @@
"description": "32-bit PoC for CVE-2024-6387 — mirror of the original 7etsuo\/cve-2024-6387-poc",
"fork": false,
"created_at": "2024-07-01T12:16:21Z",
"updated_at": "2024-07-03T03:03:13Z",
"updated_at": "2024-07-03T12:07:56Z",
"pushed_at": "2024-07-01T12:25:01Z",
"stargazers_count": 96,
"watchers_count": 96,
"stargazers_count": 115,
"watchers_count": 115,
"has_discussions": false,
"forks_count": 49,
"forks_count": 50,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 49,
"watchers": 96,
"forks": 50,
"watchers": 115,
"score": 0,
"subscribers_count": 3
},
@ -116,12 +116,12 @@
"description": "32-bit PoC for CVE-2024-6387 \"regreSSHion\" -- mirror of the original 7etsuo\/cve-2024-6387-poc",
"fork": false,
"created_at": "2024-07-01T12:26:40Z",
"updated_at": "2024-07-03T05:51:14Z",
"updated_at": "2024-07-03T10:14:36Z",
"pushed_at": "2024-07-01T14:16:36Z",
"stargazers_count": 59,
"watchers_count": 59,
"stargazers_count": 64,
"watchers_count": 64,
"has_discussions": false,
"forks_count": 31,
"forks_count": 32,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -134,8 +134,8 @@
"ssh"
],
"visibility": "public",
"forks": 31,
"watchers": 59,
"forks": 32,
"watchers": 64,
"score": 0,
"subscribers_count": 2
},
@ -183,10 +183,10 @@
"description": null,
"fork": false,
"created_at": "2024-07-01T12:51:18Z",
"updated_at": "2024-07-02T21:12:21Z",
"updated_at": "2024-07-03T08:11:39Z",
"pushed_at": "2024-07-01T13:34:47Z",
"stargazers_count": 11,
"watchers_count": 11,
"stargazers_count": 13,
"watchers_count": 13,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -195,7 +195,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 11,
"watchers": 13,
"score": 0,
"subscribers_count": 1
},
@ -303,19 +303,25 @@
"description": "CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH",
"fork": false,
"created_at": "2024-07-01T20:33:20Z",
"updated_at": "2024-07-03T06:25:00Z",
"pushed_at": "2024-07-02T20:39:05Z",
"stargazers_count": 219,
"watchers_count": 219,
"updated_at": "2024-07-03T12:29:37Z",
"pushed_at": "2024-07-03T09:31:35Z",
"stargazers_count": 248,
"watchers_count": 248,
"has_discussions": false,
"forks_count": 56,
"forks_count": 59,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"topics": [
"cve-2024-6387",
"exploit",
"pentesting",
"python3",
"redteam"
],
"visibility": "public",
"forks": 56,
"watchers": 219,
"forks": 59,
"watchers": 248,
"score": 0,
"subscribers_count": 1
},
@ -453,19 +459,19 @@
"description": null,
"fork": false,
"created_at": "2024-07-02T01:39:10Z",
"updated_at": "2024-07-02T13:53:50Z",
"updated_at": "2024-07-03T12:17:24Z",
"pushed_at": "2024-07-02T01:54:25Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 3,
"forks_count": 4,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 6,
"forks": 4,
"watchers": 7,
"score": 0,
"subscribers_count": 1
},
@ -693,10 +699,10 @@
"description": "CVE-2024-6387 exploit",
"fork": false,
"created_at": "2024-07-02T04:09:44Z",
"updated_at": "2024-07-02T08:51:25Z",
"updated_at": "2024-07-03T08:32:20Z",
"pushed_at": "2024-07-02T04:45:15Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -705,7 +711,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},
@ -783,19 +789,19 @@
"description": "This Python script exploits a remote code execution vulnerability (CVE-2024-6387) in OpenSSH.",
"fork": false,
"created_at": "2024-07-02T06:53:35Z",
"updated_at": "2024-07-03T06:08:14Z",
"updated_at": "2024-07-03T07:03:56Z",
"pushed_at": "2024-07-02T06:57:34Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 1,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 6,
"forks": 2,
"watchers": 7,
"score": 0,
"subscribers_count": 1
},
@ -1123,12 +1129,12 @@
"description": "CVE-2024-6387 Checker is a fast, efficient tool for detecting OpenSSH servers vulnerable to the regreSSHion exploit. It quickly scans multiple IPs, domain names, and CIDR ranges to identify risks and help secure your infrastructure.",
"fork": false,
"created_at": "2024-07-02T11:55:39Z",
"updated_at": "2024-07-03T05:27:51Z",
"updated_at": "2024-07-03T11:49:14Z",
"pushed_at": "2024-07-02T23:32:12Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -1138,14 +1144,17 @@
"cve-2024-6387-checker",
"devarshishimpi",
"openssh",
"openssh-client",
"openssh-server",
"openssh-sftp-server",
"regresshion",
"ssh",
"vulnerability-detection",
"vulnerability-scanners"
],
"visibility": "public",
"forks": 0,
"watchers": 3,
"forks": 1,
"watchers": 5,
"score": 0,
"subscribers_count": 2
},
@ -1491,10 +1500,10 @@
"description": "PoC - Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387) ",
"fork": false,
"created_at": "2024-07-02T18:32:46Z",
"updated_at": "2024-07-03T05:55:42Z",
"updated_at": "2024-07-03T11:27:57Z",
"pushed_at": "2024-07-03T05:12:19Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -1512,7 +1521,7 @@
],
"visibility": "public",
"forks": 5,
"watchers": 4,
"watchers": 8,
"score": 0,
"subscribers_count": 1
},
@ -1704,6 +1713,36 @@
"score": 0,
"subscribers_count": 0
},
{
"id": 823349523,
"name": "CVE-2024-6387-Checker",
"full_name": "CognisysGroup\/CVE-2024-6387-Checker",
"owner": {
"login": "CognisysGroup",
"id": 101755095,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101755095?v=4",
"html_url": "https:\/\/github.com\/CognisysGroup"
},
"html_url": "https:\/\/github.com\/CognisysGroup\/CVE-2024-6387-Checker",
"description": null,
"fork": false,
"created_at": "2024-07-02T21:47:02Z",
"updated_at": "2024-07-03T12:15:46Z",
"pushed_at": "2024-07-03T12:13:37Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 823487291,
"name": "CVE-2024-6387",
@ -1718,8 +1757,8 @@
"description": "Targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems.",
"fork": false,
"created_at": "2024-07-03T06:08:32Z",
"updated_at": "2024-07-03T06:32:59Z",
"pushed_at": "2024-07-03T06:32:56Z",
"updated_at": "2024-07-03T06:47:49Z",
"pushed_at": "2024-07-03T06:47:46Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
@ -1735,5 +1774,72 @@
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 823542110,
"name": "CVE-2024-6387",
"full_name": "Symbolexe\/CVE-2024-6387",
"owner": {
"login": "Symbolexe",
"id": 140549630,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140549630?v=4",
"html_url": "https:\/\/github.com\/Symbolexe"
},
"html_url": "https:\/\/github.com\/Symbolexe\/CVE-2024-6387",
"description": "SSH Exploit for CVE-2024-6387 : RCE in OpenSSH's server, on glibc-based Linux systems",
"fork": false,
"created_at": "2024-07-03T08:22:57Z",
"updated_at": "2024-07-03T10:43:33Z",
"pushed_at": "2024-07-03T08:30:54Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve",
"cve-2024-6387",
"exploit",
"pentesting",
"python3",
"redteam"
],
"visibility": "public",
"forks": 1,
"watchers": 1,
"score": 0,
"subscribers_count": 0
},
{
"id": 823593765,
"name": "sentinelssh",
"full_name": "harshinsecurity\/sentinelssh",
"owner": {
"login": "harshinsecurity",
"id": 51978908,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51978908?v=4",
"html_url": "https:\/\/github.com\/harshinsecurity"
},
"html_url": "https:\/\/github.com\/harshinsecurity\/sentinelssh",
"description": "SentinelSSH is an advanced, high-performance SSH vulnerability scanner written in Go. It's specifically designed to detect the CVE-2024-6387 vulnerability in OpenSSH servers across various network environments.",
"fork": false,
"created_at": "2024-07-03T10:26:23Z",
"updated_at": "2024-07-03T10:33:39Z",
"pushed_at": "2024-07-03T10:33:35Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

62
README.md
View file

@ -22,6 +22,7 @@
- [scs-labrat/android_autorooter](https://github.com/scs-labrat/android_autorooter)
- [pl4int3xt/cve_2024_0044](https://github.com/pl4int3xt/cve_2024_0044)
- [Re13orn/CVE-2024-0044-EXP](https://github.com/Re13orn/CVE-2024-0044-EXP)
### CVE-2024-0195 (2024-01-02)
@ -705,7 +706,7 @@
- [Wh02m1/CVE-2024-4577](https://github.com/Wh02m1/CVE-2024-4577)
- [Sysc4ll3r/CVE-2024-4577](https://github.com/Sysc4ll3r/CVE-2024-4577)
- [WanLiChangChengWanLiChang/CVE-2024-4577-RCE-EXP](https://github.com/WanLiChangChengWanLiChang/CVE-2024-4577-RCE-EXP)
- [Yukiioz/CVE-2024-4577](https://github.com/Yukiioz/CVE-2024-4577)
- [BitMEXResearch/CVE-2024-4577](https://github.com/BitMEXResearch/CVE-2024-4577)
- [0x20c/CVE-2024-4577-nuclei](https://github.com/0x20c/CVE-2024-4577-nuclei)
- [manuelinfosec/CVE-2024-4577](https://github.com/manuelinfosec/CVE-2024-4577)
- [zomasec/CVE-2024-4577](https://github.com/zomasec/CVE-2024-4577)
@ -812,6 +813,13 @@
- [truonghuuphuc/CVE-2024-5522-Poc](https://github.com/truonghuuphuc/CVE-2024-5522-Poc)
### CVE-2024-5655 (2024-06-26)
<code>An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to trigger a pipeline as another user under certain circumstances.
</code>
- [VulnResearcher/CVE-2024-5655-Gitlab-CSRF-GraphQL](https://github.com/VulnResearcher/CVE-2024-5655-Gitlab-CSRF-GraphQL)
### CVE-2024-5735 (2024-06-28)
<code>Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0.
@ -920,7 +928,10 @@
- [edsonjt81/CVE-2024-6387_Check](https://github.com/edsonjt81/CVE-2024-6387_Check)
- [EkaterinaMarchetti/CVE-2024-6387-regreSSHion-Checker](https://github.com/EkaterinaMarchetti/CVE-2024-6387-regreSSHion-Checker)
- [grupooruss/CVE-2024-6387-Tester](https://github.com/grupooruss/CVE-2024-6387-Tester)
- [CognisysGroup/CVE-2024-6387-Checker](https://github.com/CognisysGroup/CVE-2024-6387-Checker)
- [sxlmnwb/CVE-2024-6387](https://github.com/sxlmnwb/CVE-2024-6387)
- [Symbolexe/CVE-2024-6387](https://github.com/Symbolexe/CVE-2024-6387)
- [harshinsecurity/sentinelssh](https://github.com/harshinsecurity/sentinelssh)
### CVE-2024-12883
- [mhtsec/cve-2024-12883](https://github.com/mhtsec/cve-2024-12883)
@ -968,6 +979,13 @@
- [AbdElRahmanEzzat1995/CVE-2024-20405](https://github.com/AbdElRahmanEzzat1995/CVE-2024-20405)
### CVE-2024-20656 (2024-01-09)
<code>Visual Studio Elevation of Privilege Vulnerability
</code>
- [Wh04m1001/CVE-2024-20656](https://github.com/Wh04m1001/CVE-2024-20656)
### CVE-2024-20666 (2024-01-09)
<code>BitLocker Security Feature Bypass Vulnerability
@ -1034,6 +1052,13 @@
- [10cks/CVE-2024-21111-del](https://github.com/10cks/CVE-2024-21111-del)
- [x0rsys/CVE-2024-21111](https://github.com/x0rsys/CVE-2024-21111)
### CVE-2024-21305 (2024-01-09)
<code>Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
</code>
- [tandasat/CVE-2024-21305](https://github.com/tandasat/CVE-2024-21305)
### CVE-2024-21306 (2024-01-09)
<code>Microsoft Bluetooth Driver Spoofing Vulnerability
@ -1101,6 +1126,7 @@
- [ShubhamKanhere307/CVE-2024-21413](https://github.com/ShubhamKanhere307/CVE-2024-21413)
- [olebris/CVE-2024-21413](https://github.com/olebris/CVE-2024-21413)
- [DerZiad/CVE-2024-21413](https://github.com/DerZiad/CVE-2024-21413)
- [Redfox-Secuirty/Unveiling-Moniker-Link-CVE-2024-21413-Navigating-the-Latest-Cybersecurity-Landscape](https://github.com/Redfox-Secuirty/Unveiling-Moniker-Link-CVE-2024-21413-Navigating-the-Latest-Cybersecurity-Landscape)
### CVE-2024-21514 (2024-06-22)
@ -1126,6 +1152,13 @@
- [KubernetesBachelor/CVE-2024-21626](https://github.com/KubernetesBachelor/CVE-2024-21626)
- [dorser/cve-2024-21626](https://github.com/dorser/cve-2024-21626)
### CVE-2024-21633 (2024-01-03)
<code>Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected environments are those in which an attacker may write/overwrite any file that user has write access, and either user name is known or cwd is under user folder. Commit d348c43b24a9de350ff6e5bd610545a10c1fc712 contains a patch for this issue.
</code>
- [0x33c0unt/CVE-2024-21633](https://github.com/0x33c0unt/CVE-2024-21633)
### CVE-2024-21644 (2024-01-08)
<code>pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the `SECRET_KEY` variable. This issue has been patched in version 0.5.0b3.dev77.
@ -1176,6 +1209,9 @@
<code>A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
</code>
- [oways/ivanti-CVE-2024-21887](https://github.com/oways/ivanti-CVE-2024-21887)
- [duy-31/CVE-2023-46805_CVE-2024-21887](https://github.com/duy-31/CVE-2023-46805_CVE-2024-21887)
- [Chocapikk/CVE-2024-21887](https://github.com/Chocapikk/CVE-2024-21887)
- [raminkarimkhani1996/CVE-2023-46805_CVE-2024-21887](https://github.com/raminkarimkhani1996/CVE-2023-46805_CVE-2024-21887)
- [seajaysec/Ivanti-Connect-Around-Scan](https://github.com/seajaysec/Ivanti-Connect-Around-Scan)
- [mickdec/CVE-2023-46805_CVE-2024-21887_scan_grouped](https://github.com/mickdec/CVE-2023-46805_CVE-2024-21887_scan_grouped)
@ -1218,6 +1254,13 @@
- [W01fh4cker/CVE-2024-22120-RCE](https://github.com/W01fh4cker/CVE-2024-22120-RCE)
### CVE-2024-22145 (2024-05-17)
<code>Improper Privilege Management vulnerability in InstaWP Team InstaWP Connect allows Privilege Escalation.This issue affects InstaWP Connect: from n/a through 0.1.0.8.
</code>
- [RandomRobbieBF/CVE-2024-22145](https://github.com/RandomRobbieBF/CVE-2024-22145)
### CVE-2024-22243 (2024-02-23)
<code>Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html  attack or to a SSRF attack if the URL is used after passing validation checks.\n
@ -1755,7 +1798,6 @@
- [P3wc0/CVE-2024-24919](https://github.com/P3wc0/CVE-2024-24919)
- [zam89/CVE-2024-24919](https://github.com/zam89/CVE-2024-24919)
- [satriarizka/CVE-2024-24919](https://github.com/satriarizka/CVE-2024-24919)
- [3UR/CVE-2024-24919](https://github.com/3UR/CVE-2024-24919)
- [RevoltSecurities/CVE-2024-24919](https://github.com/RevoltSecurities/CVE-2024-24919)
- [Vulnpire/CVE-2024-24919](https://github.com/Vulnpire/CVE-2024-24919)
- [seed1337/CVE-2024-24919-POC](https://github.com/seed1337/CVE-2024-24919-POC)
@ -2664,6 +2706,8 @@
- [tobelight/cve_2024_32002](https://github.com/tobelight/cve_2024_32002)
- [Basyaact/CVE-2024-32002-PoC_Chinese](https://github.com/Basyaact/CVE-2024-32002-PoC_Chinese)
- [bonnettheo/CVE-2024-32002](https://github.com/bonnettheo/CVE-2024-32002)
- [AmbroseCdMeng/CVE-2024-32002](https://github.com/AmbroseCdMeng/CVE-2024-32002)
- [AmbroseCdMeng/CVE-2024-32002-Hook](https://github.com/AmbroseCdMeng/CVE-2024-32002-Hook)
### CVE-2024-32004 (2024-05-14)
@ -3109,6 +3153,9 @@
- [optistream/securenvoy-cve-2024-37393](https://github.com/optistream/securenvoy-cve-2024-37393)
### CVE-2024-37726
- [carsonchan12345/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation](https://github.com/carsonchan12345/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation)
### CVE-2024-37742 (2024-06-25)
<code>Insecure Access Control in Safe Exam Browser (SEB) = 3.5.0 on Windows. The vulnerability allows an attacker to share clipboard data between the SEB kiosk mode and the underlying system, compromising exam integrity. By exploiting this flaw, an attacker can bypass exam controls and gain an unfair advantage during exams.
@ -3184,7 +3231,7 @@
<code>trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. The part of trunk which verifies whether a user has a real email address on signup used a rfc-822 library which executes a shell command to validate the email domain MX records validity. It works via an DNS MX. This lookup could be manipulated to also execute a command on the trunk server, effectively giving root access to the server and the infrastructure. This issue was patched server-side with commit 001cc3a430e75a16307f5fd6cdff1363ad2f40f3 in September 2023. This RCE triggered a full user-session reset, as an attacker could have used this method to write to any Podspec in trunk.
</code>
- [ReeFSpeK/CocoaPods-RCE](https://github.com/ReeFSpeK/CocoaPods-RCE)
- [ReeFSpeK/CocoaPods-RCE_CVE-2024-38366](https://github.com/ReeFSpeK/CocoaPods-RCE_CVE-2024-38366)
### CVE-2024-38396 (2024-06-16)
@ -3921,6 +3968,13 @@
- [zh-byte/CVE-2023-3836](https://github.com/zh-byte/CVE-2023-3836)
### CVE-2023-3881 (2023-07-25)
<code>In Campcodes Beauty Salon Management System 1.0 wurde eine kritische Schwachstelle entdeckt. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /admin/forgot-password.php. Durch Manipulieren des Arguments contactno mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
</code>
- [AnugiArrawwala/CVE-Research](https://github.com/AnugiArrawwala/CVE-Research)
### CVE-2023-3971 (2023-10-04)
<code>An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise.
@ -37301,6 +37355,7 @@
- [EEsshq/CVE-2017-0144---EtneralBlue-MS17-010-Remote-Code-Execution](https://github.com/EEsshq/CVE-2017-0144---EtneralBlue-MS17-010-Remote-Code-Execution)
- [quynhold/Detect-CVE-2017-0144-attack](https://github.com/quynhold/Detect-CVE-2017-0144-attack)
- [ducanh2oo3/Vulnerability-Research-CVE-2017-0144](https://github.com/ducanh2oo3/Vulnerability-Research-CVE-2017-0144)
- [AnugiArrawwala/CVE-Research](https://github.com/AnugiArrawwala/CVE-Research)
### CVE-2017-0145 (2017-03-17)
@ -43464,6 +43519,7 @@
- [Shubham-2k1/Exploit-CVE-2011-2523](https://github.com/Shubham-2k1/Exploit-CVE-2011-2523)
- [Tenor-Z/SmileySploit](https://github.com/Tenor-Z/SmileySploit)
- [Fatalitysec/vsftpd_2.3.4_Backdoor](https://github.com/Fatalitysec/vsftpd_2.3.4_Backdoor)
- [AnugiArrawwala/CVE-Research](https://github.com/AnugiArrawwala/CVE-Research)
### CVE-2011-2894 (2011-10-04)