diff --git a/2014/CVE-2014-4210.json b/2014/CVE-2014-4210.json index 0e375c141d..7e60449c02 100644 --- a/2014/CVE-2014-4210.json +++ b/2014/CVE-2014-4210.json @@ -41,10 +41,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2022-09-08T18:27:21Z", + "updated_at": "2022-09-09T13:25:22Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1499, - "watchers_count": 1499, + "stargazers_count": 1500, + "watchers_count": 1500, "forks_count": 306, "allow_forking": true, "is_template": false, @@ -73,7 +73,7 @@ ], "visibility": "public", "forks": 306, - "watchers": 1499, + "watchers": 1500, "score": 0 }, { diff --git a/2016/CVE-2016-0638.json b/2016/CVE-2016-0638.json index 6174230210..9f0c703027 100644 --- a/2016/CVE-2016-0638.json +++ b/2016/CVE-2016-0638.json @@ -13,10 +13,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2022-09-08T18:27:21Z", + "updated_at": "2022-09-09T13:25:22Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1499, - "watchers_count": 1499, + "stargazers_count": 1500, + "watchers_count": 1500, "forks_count": 306, "allow_forking": true, "is_template": false, @@ -45,7 +45,7 @@ ], "visibility": "public", "forks": 306, - "watchers": 1499, + "watchers": 1500, "score": 0 }, { diff --git a/2017/CVE-2017-1000486.json b/2017/CVE-2017-1000486.json index 690006a929..a6c7960755 100644 --- a/2017/CVE-2017-1000486.json +++ b/2017/CVE-2017-1000486.json @@ -42,7 +42,7 @@ "fork": false, "created_at": "2018-10-17T22:47:30Z", "updated_at": "2022-06-22T16:31:40Z", - "pushed_at": "2022-06-13T09:39:57Z", + "pushed_at": "2022-09-09T13:50:49Z", "stargazers_count": 7, "watchers_count": 7, "forks_count": 1, diff --git a/2017/CVE-2017-3248.json b/2017/CVE-2017-3248.json index 2bddc6fd52..8a497429c3 100644 --- a/2017/CVE-2017-3248.json +++ b/2017/CVE-2017-3248.json @@ -41,10 +41,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2022-09-08T18:27:21Z", + "updated_at": "2022-09-09T13:25:22Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1499, - "watchers_count": 1499, + "stargazers_count": 1500, + "watchers_count": 1500, "forks_count": 306, "allow_forking": true, "is_template": false, @@ -73,7 +73,7 @@ ], "visibility": "public", "forks": 306, - "watchers": 1499, + "watchers": 1500, "score": 0 }, { diff --git a/2017/CVE-2017-7494.json b/2017/CVE-2017-7494.json index 108dd21853..c83bde2f62 100644 --- a/2017/CVE-2017-7494.json +++ b/2017/CVE-2017-7494.json @@ -163,13 +163,13 @@ "pushed_at": "2021-03-09T09:12:55Z", "stargazers_count": 250, "watchers_count": 250, - "forks_count": 84, + "forks_count": 85, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 84, + "forks": 85, "watchers": 250, "score": 0 }, @@ -331,13 +331,13 @@ "pushed_at": "2021-08-27T10:16:45Z", "stargazers_count": 2, "watchers_count": 2, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, + "forks": 1, "watchers": 2, "score": 0 }, diff --git a/2018/CVE-2018-2628.json b/2018/CVE-2018-2628.json index cc755f2ac3..7cd973ebfd 100644 --- a/2018/CVE-2018-2628.json +++ b/2018/CVE-2018-2628.json @@ -549,10 +549,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2022-09-08T18:27:21Z", + "updated_at": "2022-09-09T13:25:22Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1499, - "watchers_count": 1499, + "stargazers_count": 1500, + "watchers_count": 1500, "forks_count": 306, "allow_forking": true, "is_template": false, @@ -581,7 +581,7 @@ ], "visibility": "public", "forks": 306, - "watchers": 1499, + "watchers": 1500, "score": 0 }, { diff --git a/2018/CVE-2018-4110.json b/2018/CVE-2018-4110.json index 2df4f98975..9a94f4a9cb 100644 --- a/2018/CVE-2018-4110.json +++ b/2018/CVE-2018-4110.json @@ -13,7 +13,7 @@ "description": "Reproduction of iOS 11 bug CVE-2018-4110", "fork": false, "created_at": "2017-10-03T18:09:30Z", - "updated_at": "2021-03-23T12:27:43Z", + "updated_at": "2022-09-09T16:50:43Z", "pushed_at": "2017-10-16T15:07:13Z", "stargazers_count": 4, "watchers_count": 4, diff --git a/2019/CVE-2019-2618.json b/2019/CVE-2019-2618.json index 6909cd2ec0..5a7dcfe558 100644 --- a/2019/CVE-2019-2618.json +++ b/2019/CVE-2019-2618.json @@ -181,10 +181,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2022-09-08T18:27:21Z", + "updated_at": "2022-09-09T13:25:22Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1499, - "watchers_count": 1499, + "stargazers_count": 1500, + "watchers_count": 1500, "forks_count": 306, "allow_forking": true, "is_template": false, @@ -213,7 +213,7 @@ ], "visibility": "public", "forks": 306, - "watchers": 1499, + "watchers": 1500, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1350.json b/2020/CVE-2020-1350.json index 7f12ded872..d39f5dfd26 100644 --- a/2020/CVE-2020-1350.json +++ b/2020/CVE-2020-1350.json @@ -13,10 +13,10 @@ "description": "NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473", "fork": false, "created_at": "2020-03-11T17:51:29Z", - "updated_at": "2022-09-07T02:07:53Z", + "updated_at": "2022-09-09T15:15:34Z", "pushed_at": "2021-08-16T18:16:20Z", - "stargazers_count": 137, - "watchers_count": 137, + "stargazers_count": 138, + "watchers_count": 138, "forks_count": 27, "allow_forking": true, "is_template": false, @@ -41,7 +41,7 @@ ], "visibility": "public", "forks": 27, - "watchers": 137, + "watchers": 138, "score": 0 }, { diff --git a/2020/CVE-2020-1948.json b/2020/CVE-2020-1948.json index 3bcffe2ffb..9ab10d9c20 100644 --- a/2020/CVE-2020-1948.json +++ b/2020/CVE-2020-1948.json @@ -98,7 +98,7 @@ "fork": false, "created_at": "2020-07-14T02:42:41Z", "updated_at": "2022-04-14T08:25:21Z", - "pushed_at": "2022-07-15T21:03:09Z", + "pushed_at": "2022-09-09T18:13:30Z", "stargazers_count": 12, "watchers_count": 12, "forks_count": 5, diff --git a/2020/CVE-2020-2551.json b/2020/CVE-2020-2551.json index 6641a0c8d5..27349f232d 100644 --- a/2020/CVE-2020-2551.json +++ b/2020/CVE-2020-2551.json @@ -13,10 +13,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2022-09-08T18:27:21Z", + "updated_at": "2022-09-09T13:25:22Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1499, - "watchers_count": 1499, + "stargazers_count": 1500, + "watchers_count": 1500, "forks_count": 306, "allow_forking": true, "is_template": false, @@ -45,7 +45,7 @@ ], "visibility": "public", "forks": 306, - "watchers": 1499, + "watchers": 1500, "score": 0 }, { diff --git a/2021/CVE-2021-21972.json b/2021/CVE-2021-21972.json index 9f5334df83..4e9b43e716 100644 --- a/2021/CVE-2021-21972.json +++ b/2021/CVE-2021-21972.json @@ -13,10 +13,10 @@ "description": "NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473", "fork": false, "created_at": "2020-03-11T17:51:29Z", - "updated_at": "2022-09-07T02:07:53Z", + "updated_at": "2022-09-09T15:15:34Z", "pushed_at": "2021-08-16T18:16:20Z", - "stargazers_count": 137, - "watchers_count": 137, + "stargazers_count": 138, + "watchers_count": 138, "forks_count": 27, "allow_forking": true, "is_template": false, @@ -41,7 +41,7 @@ ], "visibility": "public", "forks": 27, - "watchers": 137, + "watchers": 138, "score": 0 }, { diff --git a/2021/CVE-2021-21985.json b/2021/CVE-2021-21985.json index 3a655789d6..9a067e2b64 100644 --- a/2021/CVE-2021-21985.json +++ b/2021/CVE-2021-21985.json @@ -41,10 +41,10 @@ "description": null, "fork": false, "created_at": "2021-05-29T13:07:14Z", - "updated_at": "2022-07-26T19:23:27Z", + "updated_at": "2022-09-09T13:35:27Z", "pushed_at": "2022-01-16T04:17:08Z", - "stargazers_count": 202, - "watchers_count": 202, + "stargazers_count": 203, + "watchers_count": 203, "forks_count": 51, "allow_forking": true, "is_template": false, @@ -52,7 +52,7 @@ "topics": [], "visibility": "public", "forks": 51, - "watchers": 202, + "watchers": 203, "score": 0 }, { diff --git a/2021/CVE-2021-4154.json b/2021/CVE-2021-4154.json index 86ff13d532..d0a54447f8 100644 --- a/2021/CVE-2021-4154.json +++ b/2021/CVE-2021-4154.json @@ -13,10 +13,10 @@ "description": "CVE-2021-4154 exploit", "fork": false, "created_at": "2022-08-11T05:46:27Z", - "updated_at": "2022-09-05T14:24:19Z", + "updated_at": "2022-09-09T14:17:54Z", "pushed_at": "2022-08-11T06:00:10Z", - "stargazers_count": 35, - "watchers_count": 35, + "stargazers_count": 36, + "watchers_count": 36, "forks_count": 11, "allow_forking": true, "is_template": false, @@ -24,7 +24,7 @@ "topics": [], "visibility": "public", "forks": 11, - "watchers": 35, + "watchers": 36, "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-41773.json b/2021/CVE-2021-41773.json index 920a694717..cfe9172813 100644 --- a/2021/CVE-2021-41773.json +++ b/2021/CVE-2021-41773.json @@ -42,7 +42,7 @@ "fork": false, "created_at": "2021-10-06T02:28:41Z", "updated_at": "2022-08-03T18:35:01Z", - "pushed_at": "2021-12-22T23:54:18Z", + "pushed_at": "2022-09-09T16:09:11Z", "stargazers_count": 20, "watchers_count": 20, "forks_count": 8, diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index 443316ab82..846b3e0dab 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -101,7 +101,7 @@ "pushed_at": "2021-12-16T01:33:48Z", "stargazers_count": 180, "watchers_count": 180, - "forks_count": 34, + "forks_count": 33, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -115,7 +115,7 @@ "minecraft" ], "visibility": "public", - "forks": 34, + "forks": 33, "watchers": 180, "score": 0 }, @@ -523,10 +523,10 @@ "description": "CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks", "fork": false, "created_at": "2021-12-11T07:19:11Z", - "updated_at": "2022-09-09T02:53:07Z", + "updated_at": "2022-09-09T13:42:04Z", "pushed_at": "2022-08-31T05:56:13Z", - "stargazers_count": 503, - "watchers_count": 503, + "stargazers_count": 504, + "watchers_count": 504, "forks_count": 94, "allow_forking": true, "is_template": false, @@ -539,7 +539,7 @@ ], "visibility": "public", "forks": 94, - "watchers": 503, + "watchers": 504, "score": 0 }, { @@ -6146,10 +6146,10 @@ "description": "Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more.", "fork": false, "created_at": "2021-12-24T13:18:49Z", - "updated_at": "2022-08-29T04:01:32Z", + "updated_at": "2022-09-09T16:21:22Z", "pushed_at": "2022-08-12T20:12:50Z", - "stargazers_count": 83, - "watchers_count": 83, + "stargazers_count": 84, + "watchers_count": 84, "forks_count": 20, "allow_forking": true, "is_template": false, @@ -6157,7 +6157,7 @@ "topics": [], "visibility": "public", "forks": 20, - "watchers": 83, + "watchers": 84, "score": 0 }, { @@ -6202,18 +6202,18 @@ "description": "PoC for CVE-2021-44228.", "fork": false, "created_at": "2021-12-24T19:26:36Z", - "updated_at": "2022-09-01T09:25:32Z", + "updated_at": "2022-09-09T14:29:56Z", "pushed_at": "2021-12-25T11:26:49Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 4, + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 5, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 4, - "watchers": 3, + "forks": 5, + "watchers": 4, "score": 0 }, { diff --git a/2022/CVE-2022-20128.json b/2022/CVE-2022-20128.json new file mode 100644 index 0000000000..882c64a2c3 --- /dev/null +++ b/2022/CVE-2022-20128.json @@ -0,0 +1,30 @@ +[ + { + "id": 534637282, + "name": "CVE-2022-20128", + "full_name": "irsl\/CVE-2022-20128", + "owner": { + "login": "irsl", + "id": 6357121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6357121?v=4", + "html_url": "https:\/\/github.com\/irsl" + }, + "html_url": "https:\/\/github.com\/irsl\/CVE-2022-20128", + "description": "Android Debug Bridge (adb) was vulnerable to directory traversal attacks that could have been mounted by rogue\/compromised adb daemons during an adb pull operation.", + "fork": false, + "created_at": "2022-09-09T12:40:21Z", + "updated_at": "2022-09-09T12:40:55Z", + "pushed_at": "2022-09-09T12:42:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2588.json b/2022/CVE-2022-2588.json index 590a69b07d..8b42f30371 100644 --- a/2022/CVE-2022-2588.json +++ b/2022/CVE-2022-2588.json @@ -69,18 +69,18 @@ "description": "CVE-2022-2588,CVE-2022-2586,CVE-2022-2585 ", "fork": false, "created_at": "2022-08-23T13:23:29Z", - "updated_at": "2022-08-23T10:42:46Z", + "updated_at": "2022-09-09T13:56:58Z", "pushed_at": "2022-08-23T10:47:36Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 1, - "watchers": 0, + "forks": 2, + "watchers": 1, "score": 0 }, { diff --git a/2022/CVE-2022-26134.json b/2022/CVE-2022-26134.json index d9c707abc6..299aa7c337 100644 --- a/2022/CVE-2022-26134.json +++ b/2022/CVE-2022-26134.json @@ -13,10 +13,10 @@ "description": "【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。", "fork": false, "created_at": "2022-05-31T07:44:01Z", - "updated_at": "2022-09-09T07:44:10Z", + "updated_at": "2022-09-09T16:15:03Z", "pushed_at": "2022-08-29T12:54:56Z", - "stargazers_count": 745, - "watchers_count": 745, + "stargazers_count": 746, + "watchers_count": 746, "forks_count": 138, "allow_forking": true, "is_template": false, @@ -44,7 +44,7 @@ ], "visibility": "public", "forks": 138, - "watchers": 745, + "watchers": 746, "score": 0 }, { diff --git a/2022/CVE-2022-29464.json b/2022/CVE-2022-29464.json index e9bb5a570a..069f85e5a2 100644 --- a/2022/CVE-2022-29464.json +++ b/2022/CVE-2022-29464.json @@ -13,10 +13,10 @@ "description": "WSO2 RCE (CVE-2022-29464) exploit and writeup.", "fork": false, "created_at": "2022-04-20T21:23:52Z", - "updated_at": "2022-09-06T16:15:58Z", + "updated_at": "2022-09-09T14:28:57Z", "pushed_at": "2022-04-27T05:52:43Z", - "stargazers_count": 306, - "watchers_count": 306, + "stargazers_count": 307, + "watchers_count": 307, "forks_count": 69, "allow_forking": true, "is_template": false, @@ -26,7 +26,7 @@ ], "visibility": "public", "forks": 69, - "watchers": 306, + "watchers": 307, "score": 0 }, { diff --git a/2022/CVE-2022-30075.json b/2022/CVE-2022-30075.json index 8743faad43..1eedb0f05e 100644 --- a/2022/CVE-2022-30075.json +++ b/2022/CVE-2022-30075.json @@ -17,13 +17,13 @@ "pushed_at": "2022-06-16T12:42:43Z", "stargazers_count": 167, "watchers_count": 167, - "forks_count": 40, + "forks_count": 41, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 40, + "forks": 41, "watchers": 167, "score": 0 }, diff --git a/2022/CVE-2022-31188.json b/2022/CVE-2022-31188.json index e498243015..6760455f6e 100644 --- a/2022/CVE-2022-31188.json +++ b/2022/CVE-2022-31188.json @@ -13,18 +13,18 @@ "description": "CVE-2022-31188 - OpenCV CVAT (Computer Vision Annotation Tool) SSRF", "fork": false, "created_at": "2022-09-09T10:36:59Z", - "updated_at": "2022-09-09T10:36:59Z", + "updated_at": "2022-09-09T14:51:45Z", "pushed_at": "2022-09-09T11:26:24Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, - "watchers": 0, + "forks": 1, + "watchers": 1, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-3168.json b/2022/CVE-2022-3168.json new file mode 100644 index 0000000000..e4b15c41fa --- /dev/null +++ b/2022/CVE-2022-3168.json @@ -0,0 +1,30 @@ +[ + { + "id": 534634523, + "name": "CVE-2022-3168-adb-unexpected-reverse-forwards", + "full_name": "irsl\/CVE-2022-3168-adb-unexpected-reverse-forwards", + "owner": { + "login": "irsl", + "id": 6357121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6357121?v=4", + "html_url": "https:\/\/github.com\/irsl" + }, + "html_url": "https:\/\/github.com\/irsl\/CVE-2022-3168-adb-unexpected-reverse-forwards", + "description": "Proof of concept code to exploit flaw in adb that allowed opening network connections on the host to arbitrary destinations", + "fork": false, + "created_at": "2022-09-09T12:31:56Z", + "updated_at": "2022-09-09T12:35:41Z", + "pushed_at": "2022-09-09T12:39:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36446.json b/2022/CVE-2022-36446.json index 019ddbb72f..b9e063a309 100644 --- a/2022/CVE-2022-36446.json +++ b/2022/CVE-2022-36446.json @@ -49,18 +49,18 @@ "description": "CVE-2022-36446 - Webmin 1.996 Remote Code Execution", "fork": false, "created_at": "2022-09-09T10:34:53Z", - "updated_at": "2022-09-09T10:34:53Z", + "updated_at": "2022-09-09T14:52:49Z", "pushed_at": "2022-09-09T10:35:09Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, - "watchers": 0, + "forks": 1, + "watchers": 1, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-40297.json b/2022/CVE-2022-40297.json new file mode 100644 index 0000000000..d1509f40d3 --- /dev/null +++ b/2022/CVE-2022-40297.json @@ -0,0 +1,47 @@ +[ + { + "id": 532543106, + "name": "PoC-ubuntutouch-pin-privesc", + "full_name": "filipkarc\/PoC-ubuntutouch-pin-privesc", + "owner": { + "login": "filipkarc", + "id": 111286209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111286209?v=4", + "html_url": "https:\/\/github.com\/filipkarc" + }, + "html_url": "https:\/\/github.com\/filipkarc\/PoC-ubuntutouch-pin-privesc", + "description": "CVE-2022-40297 - Proof of Concept: Privilage escalation in Ubuntu Touch 16.04 - by PIN Bruteforce", + "fork": false, + "created_at": "2022-09-04T13:05:58Z", + "updated_at": "2022-09-09T12:30:44Z", + "pushed_at": "2022-09-09T12:29:46Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "brute-force", + "bruteforce", + "bugbountytips", + "bugbountytricks", + "exploit", + "hacking", + "linux", + "linuxphone", + "malware", + "mobile", + "pentesting", + "privesc", + "ubuntu", + "ubuntutouch", + "vulnerability", + "vulnerability-assessment" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40317.json b/2022/CVE-2022-40317.json new file mode 100644 index 0000000000..8167b47aff --- /dev/null +++ b/2022/CVE-2022-40317.json @@ -0,0 +1,30 @@ +[ + { + "id": 534698979, + "name": "CVE-2022-40317", + "full_name": "izdiwho\/CVE-2022-40317", + "owner": { + "login": "izdiwho", + "id": 5587598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5587598?v=4", + "html_url": "https:\/\/github.com\/izdiwho" + }, + "html_url": "https:\/\/github.com\/izdiwho\/CVE-2022-40317", + "description": null, + "fork": false, + "created_at": "2022-09-09T15:27:12Z", + "updated_at": "2022-09-09T17:19:26Z", + "pushed_at": "2022-09-09T17:14:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/README.md b/README.md index 89c7d7461a..b8f98523e3 100644 --- a/README.md +++ b/README.md @@ -550,6 +550,9 @@ An integer coercion error was found in the openvswitch kernel module. Given a su - [avboy1337/CVE-2022-2639-PipeVersion](https://github.com/avboy1337/CVE-2022-2639-PipeVersion) +### CVE-2022-3168 +- [irsl/CVE-2022-3168-adb-unexpected-reverse-forwards](https://github.com/irsl/CVE-2022-3168-adb-unexpected-reverse-forwards) + ### CVE-2022-3452 - [kenyon-wong/cve-2022-3452](https://github.com/kenyon-wong/cve-2022-3452) @@ -610,6 +613,9 @@ In setScanMode of AdapterService.java, there is a possible way to enable Bluetoo - [Trinadh465/packages_apps_Bluetooth_AOSP10_r33_CVE-2022-20126](https://github.com/Trinadh465/packages_apps_Bluetooth_AOSP10_r33_CVE-2022-20126) +### CVE-2022-20128 +- [irsl/CVE-2022-20128](https://github.com/irsl/CVE-2022-20128) + ### CVE-2022-20130 (2022-06-15) @@ -3478,6 +3484,22 @@ Systematic FIX Adapter (ALFAFX) 2.4.0.25 13/09/2017 allows remote file inclusion - [jet-pentest/CVE-2022-39838](https://github.com/jet-pentest/CVE-2022-39838) +### CVE-2022-40297 (2022-09-08) + + +UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. + + +- [filipkarc/PoC-ubuntutouch-pin-privesc](https://github.com/filipkarc/PoC-ubuntutouch-pin-privesc) + +### CVE-2022-40317 (2022-09-09) + + +OpenKM 6.3.11 allows stored XSS related to the javascript: substring in an A element. + + +- [izdiwho/CVE-2022-40317](https://github.com/izdiwho/CVE-2022-40317) + ## 2021 ### CVE-2021-0302 (2021-02-10)