Auto Update 2020/05/01 18:07:31

2025-01-16 04:42:22 +01:00 · 2020-05-01 18:07:31 +09:00 · 2020-05-01 18:07:31 +09:00 · a58de07c8d
commit a58de07c8d
parent 34244a9858
13 changed files with 125 additions and 45 deletions
--- a/2009/CVE-2009-1330.json
+++ b/2009/CVE-2009-1330.json
@ -1,4 +1,27 @@
 [
+    {
+        "id": 163585014,
+        "name": "CVE-2009-1330",
+        "full_name": "adenkiewicz\/CVE-2009-1330",
+        "owner": {
+            "login": "adenkiewicz",
+            "id": 1060275,
+            "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/1060275?v=4",
+            "html_url": "https:\/\/github.com\/adenkiewicz"
+        },
+        "html_url": "https:\/\/github.com\/adenkiewicz\/CVE-2009-1330",
+        "description": "Simple exploit for Easy RM to MP3 Converter 2.7.3.700 on Windows 7 32b.",
+        "fork": false,
+        "created_at": "2018-12-30T12:17:08Z",
+        "updated_at": "2018-12-31T10:09:34Z",
+        "pushed_at": "2018-12-31T09:59:17Z",
+        "stargazers_count": 0,
+        "watchers_count": 0,
+        "forks_count": 0,
+        "forks": 0,
+        "watchers": 0,
+        "score": 0
+    },
    {
        "id": 164236833,
        "name": "CVE-2009-1330",
@ -21,5 +44,28 @@
        "forks": 0,
        "watchers": 0,
        "score": 0
+    },
+    {
+        "id": 171340357,
+        "name": "CVE-2009-1330_EasyRMToMp3Converter",
+        "full_name": "exploitwritter\/CVE-2009-1330_EasyRMToMp3Converter",
+        "owner": {
+            "login": "exploitwritter",
+            "id": 47488127,
+            "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/47488127?v=4",
+            "html_url": "https:\/\/github.com\/exploitwritter"
+        },
+        "html_url": "https:\/\/github.com\/exploitwritter\/CVE-2009-1330_EasyRMToMp3Converter",
+        "description": "Easy RM to MP3 Converter  es un software que sufre de una vulnerabiliad de desbordamiento de buffer basada en la pila o StackBufferOverflow lo cual puede permite a los atacantes remotos ejecutar código arbitrario a través de un nombre de archivo largo en un archivo de lista de reproducción (.pls)",
+        "fork": false,
+        "created_at": "2019-02-18T19:07:02Z",
+        "updated_at": "2019-02-28T20:19:32Z",
+        "pushed_at": "2019-02-28T20:19:31Z",
+        "stargazers_count": 0,
+        "watchers_count": 0,
+        "forks_count": 0,
+        "forks": 0,
+        "watchers": 0,
+        "score": 0
    }
 ]
--- a/2014/CVE-2014-7169.json
+++ b/2014/CVE-2014-7169.json
@ -17,8 +17,8 @@
        "pushed_at": "2017-04-25T06:31:01Z",
        "stargazers_count": 5,
        "watchers_count": 5,
-        "forks_count": 2,
-        "forks": 2,
+        "forks_count": 1,
+        "forks": 1,
        "watchers": 5,
        "score": 0
    },
--- a/2017/CVE-2017-12149.json
+++ b/2017/CVE-2017-12149.json
@ -36,13 +36,13 @@
        "description": "CVE-2017-12149 jboss反序列化 可回显",
        "fork": false,
        "created_at": "2017-11-28T02:52:47Z",
-        "updated_at": "2020-04-29T02:45:07Z",
+        "updated_at": "2020-05-01T05:14:39Z",
        "pushed_at": "2019-03-13T08:57:50Z",
-        "stargazers_count": 92,
-        "watchers_count": 92,
+        "stargazers_count": 93,
+        "watchers_count": 93,
        "forks_count": 33,
        "forks": 33,
-        "watchers": 92,
+        "watchers": 93,
        "score": 0
    },
    {
--- a/2017/CVE-2017-5638.json
+++ b/2017/CVE-2017-5638.json
@ -715,14 +715,14 @@
    {
        "id": 92664422,
        "name": "Apache-Struts",
-        "full_name": "Reslient\/Apache-Struts",
+        "full_name": "NyaMeeEain\/Apache-Struts",
        "owner": {
-            "login": "Reslient",
+            "login": "NyaMeeEain",
            "id": 28331671,
            "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/28331671?v=4",
-            "html_url": "https:\/\/github.com\/Reslient"
+            "html_url": "https:\/\/github.com\/NyaMeeEain"
        },
-        "html_url": "https:\/\/github.com\/Reslient\/Apache-Struts",
+        "html_url": "https:\/\/github.com\/NyaMeeEain\/Apache-Struts",
        "description": " An exploit for Apache Struts CVE-2017-5638",
        "fork": false,
        "created_at": "2017-05-28T13:56:59Z",
--- a/2019/CVE-2019-12409.json
+++ b/2019/CVE-2019-12409.json
@ -13,13 +13,13 @@
        "description": "Apache Solr RCE (ENABLE_REMOTE_JMX_OPTS=\"true\")",
        "fork": false,
        "created_at": "2019-11-19T08:53:56Z",
-        "updated_at": "2020-04-27T11:24:05Z",
+        "updated_at": "2020-05-01T06:05:15Z",
        "pushed_at": "2019-11-19T09:18:00Z",
-        "stargazers_count": 84,
-        "watchers_count": 84,
+        "stargazers_count": 85,
+        "watchers_count": 85,
        "forks_count": 25,
        "forks": 25,
-        "watchers": 84,
+        "watchers": 85,
        "score": 0
    }
 ]
--- a/2019/CVE-2019-16278.json
+++ b/2019/CVE-2019-16278.json
@ -36,13 +36,13 @@
        "description": "CVE-2019-16728  Proof of Concept",
        "fork": false,
        "created_at": "2019-10-15T09:22:36Z",
-        "updated_at": "2020-04-24T12:52:02Z",
+        "updated_at": "2020-05-01T05:50:43Z",
        "pushed_at": "2019-10-15T09:28:25Z",
-        "stargazers_count": 6,
-        "watchers_count": 6,
-        "forks_count": 0,
-        "forks": 0,
-        "watchers": 6,
+        "stargazers_count": 7,
+        "watchers_count": 7,
+        "forks_count": 1,
+        "forks": 1,
+        "watchers": 7,
        "score": 0
    },
    {
@ -63,8 +63,8 @@
        "pushed_at": "2020-01-11T07:25:38Z",
        "stargazers_count": 3,
        "watchers_count": 3,
-        "forks_count": 3,
-        "forks": 3,
+        "forks_count": 4,
+        "forks": 4,
        "watchers": 3,
        "score": 0
    },
--- a/2019/CVE-2019-19781.json
+++ b/2019/CVE-2019-19781.json
@ -105,13 +105,13 @@
        "description": "Citrix ADC Remote Code Execution",
        "fork": false,
        "created_at": "2020-01-11T03:10:12Z",
-        "updated_at": "2020-04-29T04:55:19Z",
+        "updated_at": "2020-05-01T06:03:56Z",
        "pushed_at": "2020-01-11T14:03:52Z",
-        "stargazers_count": 66,
-        "watchers_count": 66,
+        "stargazers_count": 67,
+        "watchers_count": 67,
        "forks_count": 16,
        "forks": 16,
-        "watchers": 66,
+        "watchers": 67,
        "score": 0
    },
    {
--- a/2019/CVE-2019-2215.json
+++ b/2019/CVE-2019-2215.json
@ -63,8 +63,8 @@
        "pushed_at": "2019-10-15T01:04:08Z",
        "stargazers_count": 46,
        "watchers_count": 46,
-        "forks_count": 33,
-        "forks": 33,
+        "forks_count": 34,
+        "forks": 34,
        "watchers": 46,
        "score": 0
    },
--- a/2020/CVE-2020-0668.json
+++ b/2020/CVE-2020-0668.json
@ -36,13 +36,13 @@
        "description": "Use CVE-2020-0668 to perform an arbitrary privileged file move operation.",
        "fork": false,
        "created_at": "2020-02-20T06:22:40Z",
-        "updated_at": "2020-04-30T18:05:56Z",
+        "updated_at": "2020-05-01T09:00:51Z",
        "pushed_at": "2020-02-20T11:03:18Z",
-        "stargazers_count": 163,
-        "watchers_count": 163,
+        "stargazers_count": 165,
+        "watchers_count": 165,
        "forks_count": 39,
        "forks": 39,
-        "watchers": 163,
+        "watchers": 165,
        "score": 0
    },
    {
--- a/2020/CVE-2020-0796.json
+++ b/2020/CVE-2020-0796.json
@ -956,13 +956,13 @@
        "description": "CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost",
        "fork": false,
        "created_at": "2020-03-30T11:42:56Z",
-        "updated_at": "2020-05-01T02:43:24Z",
+        "updated_at": "2020-05-01T06:02:04Z",
        "pushed_at": "2020-04-08T19:27:07Z",
-        "stargazers_count": 850,
-        "watchers_count": 850,
+        "stargazers_count": 851,
+        "watchers_count": 851,
        "forks_count": 245,
        "forks": 245,
-        "watchers": 850,
+        "watchers": 851,
        "score": 0
    },
    {
--- a/2020/CVE-2020-1938.json
+++ b/2020/CVE-2020-1938.json
@ -13,13 +13,13 @@
        "description": "CVE-2020-1938",
        "fork": false,
        "created_at": "2020-02-20T16:32:52Z",
-        "updated_at": "2020-04-27T11:24:59Z",
+        "updated_at": "2020-05-01T06:03:09Z",
        "pushed_at": "2020-02-25T02:04:16Z",
-        "stargazers_count": 159,
-        "watchers_count": 159,
+        "stargazers_count": 160,
+        "watchers_count": 160,
        "forks_count": 88,
        "forks": 88,
-        "watchers": 159,
+        "watchers": 160,
        "score": 0
    },
    {
--- a/2020/CVE-2020-3952.json
+++ b/2020/CVE-2020-3952.json
@ -59,13 +59,13 @@
        "description": "Exploit for CVE-2020-3952 in vCenter 6.7",
        "fork": false,
        "created_at": "2020-04-16T07:40:51Z",
-        "updated_at": "2020-04-30T01:13:07Z",
+        "updated_at": "2020-05-01T04:12:04Z",
        "pushed_at": "2020-04-16T08:38:42Z",
-        "stargazers_count": 180,
-        "watchers_count": 180,
+        "stargazers_count": 181,
+        "watchers_count": 181,
        "forks_count": 33,
        "forks": 33,
-        "watchers": 180,
+        "watchers": 181,
        "score": 0
    },
    {
--- a/README.md
+++ b/README.md
@ -8520,7 +8520,7 @@ The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x be
 - [Aasron/Struts2-045-Exp](https://github.com/Aasron/Struts2-045-Exp)
 - [SpiderMate/Stutsfi](https://github.com/SpiderMate/Stutsfi)
 - [jpacora/Struts2Shell](https://github.com/jpacora/Struts2Shell)
- [Reslient/Apache-Struts](https://github.com/Reslient/Apache-Struts)
+- [NyaMeeEain/Apache-Struts](https://github.com/NyaMeeEain/Apache-Struts)
 - [AndreasKl/CVE-2017-5638](https://github.com/AndreasKl/CVE-2017-5638)
 - [riyazwalikar/struts-rce-cve-2017-5638](https://github.com/riyazwalikar/struts-rce-cve-2017-5638)
 - [homjxi0e/CVE-2017-5638](https://github.com/homjxi0e/CVE-2017-5638)
@ -12742,6 +12742,14 @@ Open redirect vulnerability in the web interface in the Rockwell Automation Cont

 - [akbarq/CVE-2009-0473](https://github.com/akbarq/CVE-2009-0473)

+### CVE-2009-0689
+
+<code>
+Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
+</code>
+
+- [Fullmetal5/str2hax](https://github.com/Fullmetal5/str2hax)
+
 ### CVE-2009-1151

 <code>
@ -12750,13 +12758,31 @@ Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.1

 - [minervais/pocs](https://github.com/minervais/pocs)

+### CVE-2009-1244
+
+<code>
+Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916.
+</code>
+
+- [piotrbania/vmware_exploit_pack_CVE-2009-1244](https://github.com/piotrbania/vmware_exploit_pack_CVE-2009-1244)
+
+### CVE-2009-1324
+
+<code>
+Stack-based buffer overflow in Mini-stream ASX to MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
+</code>
+
+- [war4uthor/CVE-2009-1324](https://github.com/war4uthor/CVE-2009-1324)
+
 ### CVE-2009-1330

 <code>
 Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls) file.
 </code>

+- [adenkiewicz/CVE-2009-1330](https://github.com/adenkiewicz/CVE-2009-1330)
 - [war4uthor/CVE-2009-1330](https://github.com/war4uthor/CVE-2009-1330)
+- [exploitwritter/CVE-2009-1330_EasyRMToMp3Converter](https://github.com/exploitwritter/CVE-2009-1330_EasyRMToMp3Converter)

 ### CVE-2009-1437

@ -12782,6 +12808,14 @@ The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not in

 - [jdvalentini/CVE-2009-2692](https://github.com/jdvalentini/CVE-2009-2692)

+### CVE-2009-2698
+
+<code>
+The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.
+</code>
+
+- [xiaoxiaoleo/CVE-2009-2698](https://github.com/xiaoxiaoleo/CVE-2009-2698)
+
 ### CVE-2009-3103

 <code>