From a87431177d66300ce57f67771861b1254b63bace Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Mon, 26 Aug 2024 09:29:28 +0900 Subject: [PATCH] Auto Update 2024/08/26 00:29:28 --- 2017/CVE-2017-12615.json | 8 ++++---- 2018/CVE-2018-3191.json | 4 ++-- 2018/CVE-2018-4441.json | 8 ++++---- 2020/CVE-2020-15368.json | 8 ++++---- 2020/CVE-2020-1938.json | 8 ++++---- 2021/CVE-2021-36808.json | 8 ++++---- 2021/CVE-2021-40444.json | 8 ++++---- 2022/CVE-2022-35914.json | 34 ++++++++++++++++++++++++++++++++-- 2022/CVE-2022-37706.json | 4 ++-- 2022/CVE-2022-38694.json | 8 ++++---- 2023/CVE-2023-42793.json | 4 ++-- 2024/CVE-2024-1086.json | 8 ++++---- 2024/CVE-2024-21413.json | 8 ++++---- 2024/CVE-2024-25600.json | 8 ++++---- 2024/CVE-2024-28000.json | 8 ++++---- 2024/CVE-2024-30088.json | 8 ++++---- 2024/CVE-2024-38063.json | 20 ++++++++++---------- 2024/CVE-2024-40892.json | 8 ++++---- 2024/CVE-2024-44083.json | 10 +++++----- 2024/CVE-2024-5932.json | 12 +++++++++--- 2024/CVE-2024-7928.json | 8 ++++---- README.md | 1 + 22 files changed, 119 insertions(+), 82 deletions(-) diff --git a/2017/CVE-2017-12615.json b/2017/CVE-2017-12615.json index d6fcb50772..160ad85d9d 100644 --- a/2017/CVE-2017-12615.json +++ b/2017/CVE-2017-12615.json @@ -343,10 +343,10 @@ "description": "Tomcat常见漏洞GUI利用工具。CVE-2017-12615 PUT文件上传漏洞、tomcat-pass-getshell 弱认证部署war包、弱口令爆破、CVE-2020-1938 Tomcat AJP文件读取\/包含", "fork": false, "created_at": "2022-11-13T11:01:41Z", - "updated_at": "2024-08-23T02:38:44Z", + "updated_at": "2024-08-25T20:04:36Z", "pushed_at": "2022-11-15T09:05:50Z", - "stargazers_count": 180, - "watchers_count": 180, + "stargazers_count": 181, + "watchers_count": 181, "has_discussions": false, "forks_count": 17, "allow_forking": true, @@ -355,7 +355,7 @@ "topics": [], "visibility": "public", "forks": 17, - "watchers": 180, + "watchers": 181, "score": 0, "subscribers_count": 4 }, diff --git a/2018/CVE-2018-3191.json b/2018/CVE-2018-3191.json index 51ecb15049..0240036fab 100644 --- a/2018/CVE-2018-3191.json +++ b/2018/CVE-2018-3191.json @@ -18,13 +18,13 @@ "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, - "forks_count": 49, + "forks_count": 48, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 49, + "forks": 48, "watchers": 0, "score": 0, "subscribers_count": 1 diff --git a/2018/CVE-2018-4441.json b/2018/CVE-2018-4441.json index d6cbc42831..4849276f8b 100644 --- a/2018/CVE-2018-4441.json +++ b/2018/CVE-2018-4441.json @@ -13,10 +13,10 @@ "description": "A WebKit exploit using CVE-2018-4441 to obtain RCE on PS4 6.20.", "fork": false, "created_at": "2019-03-08T18:06:10Z", - "updated_at": "2024-08-12T19:46:30Z", + "updated_at": "2024-08-25T20:04:02Z", "pushed_at": "2019-03-08T18:42:56Z", - "stargazers_count": 198, - "watchers_count": 198, + "stargazers_count": 199, + "watchers_count": 199, "has_discussions": false, "forks_count": 53, "allow_forking": true, @@ -29,7 +29,7 @@ ], "visibility": "public", "forks": 53, - "watchers": 198, + "watchers": 199, "score": 0, "subscribers_count": 32 } diff --git a/2020/CVE-2020-15368.json b/2020/CVE-2020-15368.json index b99cb67879..10eb5d83f1 100644 --- a/2020/CVE-2020-15368.json +++ b/2020/CVE-2020-15368.json @@ -13,10 +13,10 @@ "description": "CVE-2020-15368, aka \"How to exploit a vulnerable driver\"", "fork": false, "created_at": "2021-06-29T04:38:24Z", - "updated_at": "2024-08-25T12:12:39Z", + "updated_at": "2024-08-25T20:15:43Z", "pushed_at": "2022-04-14T03:17:44Z", - "stargazers_count": 423, - "watchers_count": 423, + "stargazers_count": 424, + "watchers_count": 424, "has_discussions": false, "forks_count": 45, "allow_forking": true, @@ -30,7 +30,7 @@ ], "visibility": "public", "forks": 45, - "watchers": 423, + "watchers": 424, "score": 0, "subscribers_count": 6 }, diff --git a/2020/CVE-2020-1938.json b/2020/CVE-2020-1938.json index 8af3e5f0be..481a28135f 100644 --- a/2020/CVE-2020-1938.json +++ b/2020/CVE-2020-1938.json @@ -859,10 +859,10 @@ "description": "Tomcat常见漏洞GUI利用工具。CVE-2017-12615 PUT文件上传漏洞、tomcat-pass-getshell 弱认证部署war包、弱口令爆破、CVE-2020-1938 Tomcat AJP文件读取\/包含", "fork": false, "created_at": "2022-11-13T11:01:41Z", - "updated_at": "2024-08-23T02:38:44Z", + "updated_at": "2024-08-25T20:04:36Z", "pushed_at": "2022-11-15T09:05:50Z", - "stargazers_count": 180, - "watchers_count": 180, + "stargazers_count": 181, + "watchers_count": 181, "has_discussions": false, "forks_count": 17, "allow_forking": true, @@ -871,7 +871,7 @@ "topics": [], "visibility": "public", "forks": 17, - "watchers": 180, + "watchers": 181, "score": 0, "subscribers_count": 4 }, diff --git a/2021/CVE-2021-36808.json b/2021/CVE-2021-36808.json index 3f86c512d8..5e79bd3bb4 100644 --- a/2021/CVE-2021-36808.json +++ b/2021/CVE-2021-36808.json @@ -13,10 +13,10 @@ "description": "A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115.", "fork": false, "created_at": "2021-11-09T07:48:55Z", - "updated_at": "2024-08-12T17:00:42Z", + "updated_at": "2024-08-25T22:49:14Z", "pushed_at": "2021-11-09T07:54:48Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 0, + "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 1, + "watchers": 0, "score": 0, "subscribers_count": 1 } diff --git a/2021/CVE-2021-40444.json b/2021/CVE-2021-40444.json index e76ba09cab..6308245c26 100644 --- a/2021/CVE-2021-40444.json +++ b/2021/CVE-2021-40444.json @@ -223,10 +223,10 @@ "description": "CVE-2021-40444 PoC", "fork": false, "created_at": "2021-09-10T16:55:53Z", - "updated_at": "2024-08-23T14:48:16Z", + "updated_at": "2024-08-25T23:24:56Z", "pushed_at": "2021-12-25T18:31:02Z", - "stargazers_count": 1570, - "watchers_count": 1570, + "stargazers_count": 1571, + "watchers_count": 1571, "has_discussions": false, "forks_count": 482, "allow_forking": true, @@ -235,7 +235,7 @@ "topics": [], "visibility": "public", "forks": 482, - "watchers": 1570, + "watchers": 1571, "score": 0, "subscribers_count": 28 }, diff --git a/2022/CVE-2022-35914.json b/2022/CVE-2022-35914.json index a19577628f..a5d36be633 100644 --- a/2022/CVE-2022-35914.json +++ b/2022/CVE-2022-35914.json @@ -18,13 +18,13 @@ "stargazers_count": 45, "watchers_count": 45, "has_discussions": false, - "forks_count": 13, + "forks_count": 11, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 13, + "forks": 11, "watchers": 45, "score": 0, "subscribers_count": 2 @@ -208,5 +208,35 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 847425433, + "name": "CVE-2022-35914_poc", + "full_name": "noxlumens\/CVE-2022-35914_poc", + "owner": { + "login": "noxlumens", + "id": 111706416, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111706416?v=4", + "html_url": "https:\/\/github.com\/noxlumens" + }, + "html_url": "https:\/\/github.com\/noxlumens\/CVE-2022-35914_poc", + "description": "Modified for GLPI Offsec Lab: call_user_func, array_map, passthru", + "fork": false, + "created_at": "2024-08-25T19:32:59Z", + "updated_at": "2024-08-25T19:34:26Z", + "pushed_at": "2024-08-25T19:34:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-37706.json b/2022/CVE-2022-37706.json index fa73ecaff6..fc468bb6c4 100644 --- a/2022/CVE-2022-37706.json +++ b/2022/CVE-2022-37706.json @@ -18,13 +18,13 @@ "stargazers_count": 282, "watchers_count": 282, "has_discussions": false, - "forks_count": 42, + "forks_count": 41, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 42, + "forks": 41, "watchers": 282, "score": 0, "subscribers_count": 6 diff --git a/2022/CVE-2022-38694.json b/2022/CVE-2022-38694.json index 9bfb238d35..28932a6768 100644 --- a/2022/CVE-2022-38694.json +++ b/2022/CVE-2022-38694.json @@ -13,10 +13,10 @@ "description": "This is a one-time signature verification bypass. For persistent signature verification bypass, check https:\/\/github.com\/TomKing062\/CVE-2022-38691_38692", "fork": false, "created_at": "2023-06-10T08:31:26Z", - "updated_at": "2024-08-24T16:41:56Z", + "updated_at": "2024-08-25T18:50:01Z", "pushed_at": "2024-08-01T15:09:15Z", - "stargazers_count": 249, - "watchers_count": 249, + "stargazers_count": 250, + "watchers_count": 250, "has_discussions": true, "forks_count": 36, "allow_forking": true, @@ -28,7 +28,7 @@ ], "visibility": "public", "forks": 36, - "watchers": 249, + "watchers": 250, "score": 0, "subscribers_count": 5 }, diff --git a/2023/CVE-2023-42793.json b/2023/CVE-2023-42793.json index 8d16caf9d8..7b2605943c 100644 --- a/2023/CVE-2023-42793.json +++ b/2023/CVE-2023-42793.json @@ -268,8 +268,8 @@ "description": "TeamCity CVE-2023-42793 RCE (Remote Code Execution)", "fork": false, "created_at": "2024-08-24T17:17:21Z", - "updated_at": "2024-08-25T14:15:12Z", - "pushed_at": "2024-08-25T14:15:08Z", + "updated_at": "2024-08-25T20:58:50Z", + "pushed_at": "2024-08-25T20:58:47Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2024/CVE-2024-1086.json b/2024/CVE-2024-1086.json index 075e3a4d2e..c7e5d283ea 100644 --- a/2024/CVE-2024-1086.json +++ b/2024/CVE-2024-1086.json @@ -13,10 +13,10 @@ "description": "Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.", "fork": false, "created_at": "2024-03-20T21:16:41Z", - "updated_at": "2024-08-24T22:52:33Z", + "updated_at": "2024-08-25T21:02:30Z", "pushed_at": "2024-04-17T16:09:54Z", - "stargazers_count": 2222, - "watchers_count": 2222, + "stargazers_count": 2223, + "watchers_count": 2223, "has_discussions": false, "forks_count": 291, "allow_forking": true, @@ -31,7 +31,7 @@ ], "visibility": "public", "forks": 291, - "watchers": 2222, + "watchers": 2223, "score": 0, "subscribers_count": 23 }, diff --git a/2024/CVE-2024-21413.json b/2024/CVE-2024-21413.json index 8ba3ef51df..7724170808 100644 --- a/2024/CVE-2024-21413.json +++ b/2024/CVE-2024-21413.json @@ -43,10 +43,10 @@ "description": "Microsoft-Outlook-Remote-Code-Execution-Vulnerability", "fork": false, "created_at": "2024-02-16T15:17:59Z", - "updated_at": "2024-08-24T09:40:32Z", + "updated_at": "2024-08-25T20:02:46Z", "pushed_at": "2024-02-19T20:00:35Z", - "stargazers_count": 663, - "watchers_count": 663, + "stargazers_count": 664, + "watchers_count": 664, "has_discussions": false, "forks_count": 147, "allow_forking": true, @@ -55,7 +55,7 @@ "topics": [], "visibility": "public", "forks": 147, - "watchers": 663, + "watchers": 664, "score": 0, "subscribers_count": 10 }, diff --git a/2024/CVE-2024-25600.json b/2024/CVE-2024-25600.json index 683174bfe3..0adc50c17f 100644 --- a/2024/CVE-2024-25600.json +++ b/2024/CVE-2024-25600.json @@ -13,10 +13,10 @@ "description": "Unauthenticated Remote Code Execution – Bricks <= 1.9.6", "fork": false, "created_at": "2024-02-20T20:16:09Z", - "updated_at": "2024-08-25T16:03:45Z", + "updated_at": "2024-08-25T22:58:47Z", "pushed_at": "2024-02-25T21:50:09Z", - "stargazers_count": 143, - "watchers_count": 143, + "stargazers_count": 144, + "watchers_count": 144, "has_discussions": false, "forks_count": 32, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 32, - "watchers": 143, + "watchers": 144, "score": 0, "subscribers_count": 3 }, diff --git a/2024/CVE-2024-28000.json b/2024/CVE-2024-28000.json index d8100c8f73..723736b7e9 100644 --- a/2024/CVE-2024-28000.json +++ b/2024/CVE-2024-28000.json @@ -13,10 +13,10 @@ "description": "LiteSpeed Cache Privilege Escalation PoC", "fork": false, "created_at": "2024-08-24T05:12:56Z", - "updated_at": "2024-08-25T09:49:25Z", + "updated_at": "2024-08-25T23:41:50Z", "pushed_at": "2024-08-25T03:06:56Z", - "stargazers_count": 6, - "watchers_count": 6, + "stargazers_count": 7, + "watchers_count": 7, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 6, + "watchers": 7, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-30088.json b/2024/CVE-2024-30088.json index e9c49338d8..2709068d47 100644 --- a/2024/CVE-2024-30088.json +++ b/2024/CVE-2024-30088.json @@ -103,10 +103,10 @@ "description": "Kernel exploit for Xbox SystemOS using CVE-2024-30088", "fork": false, "created_at": "2024-07-15T08:07:05Z", - "updated_at": "2024-08-25T00:06:34Z", + "updated_at": "2024-08-26T00:10:42Z", "pushed_at": "2024-08-19T15:29:58Z", - "stargazers_count": 305, - "watchers_count": 305, + "stargazers_count": 306, + "watchers_count": 306, "has_discussions": false, "forks_count": 27, "allow_forking": true, @@ -115,7 +115,7 @@ "topics": [], "visibility": "public", "forks": 27, - "watchers": 305, + "watchers": 306, "score": 0, "subscribers_count": 17 }, diff --git a/2024/CVE-2024-38063.json b/2024/CVE-2024-38063.json index 50f4689f7a..75fd4279e2 100644 --- a/2024/CVE-2024-38063.json +++ b/2024/CVE-2024-38063.json @@ -73,19 +73,19 @@ "description": "Note: I am not responsible for any bad act. This is written by Chirag Artani to demonstrate the vulnerability.", "fork": false, "created_at": "2024-08-17T14:58:36Z", - "updated_at": "2024-08-25T15:22:35Z", + "updated_at": "2024-08-25T20:15:24Z", "pushed_at": "2024-08-21T06:24:27Z", - "stargazers_count": 68, - "watchers_count": 68, + "stargazers_count": 69, + "watchers_count": 69, "has_discussions": false, - "forks_count": 23, + "forks_count": 24, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 23, - "watchers": 68, + "forks": 24, + "watchers": 69, "score": 0, "subscribers_count": 4 }, @@ -256,10 +256,10 @@ "description": "poc for CVE-2024-38063 (RCE in tcpip.sys)", "fork": false, "created_at": "2024-08-24T18:25:46Z", - "updated_at": "2024-08-25T12:35:24Z", + "updated_at": "2024-08-25T22:20:46Z", "pushed_at": "2024-08-25T12:35:21Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -268,7 +268,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 1, + "watchers": 2, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-40892.json b/2024/CVE-2024-40892.json index 2d0bbf67fa..d018e045fb 100644 --- a/2024/CVE-2024-40892.json +++ b/2024/CVE-2024-40892.json @@ -13,10 +13,10 @@ "description": "Proof of Concept code for interaction with Firewalla via Bluetooth Low-Energy and exploitation of CVE-2024-40892 \/ CVE-2024-40893", "fork": false, "created_at": "2024-08-21T17:27:21Z", - "updated_at": "2024-08-22T03:49:46Z", + "updated_at": "2024-08-25T19:39:16Z", "pushed_at": "2024-08-21T17:35:50Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 4, + "watchers_count": 4, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 3, + "watchers": 4, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-44083.json b/2024/CVE-2024-44083.json index 21b9b21d8f..6cc3e24460 100644 --- a/2024/CVE-2024-44083.json +++ b/2024/CVE-2024-44083.json @@ -13,10 +13,10 @@ "description": "Makes IDA (all versions) to crash upon opening it. ", "fork": false, "created_at": "2024-08-25T12:33:14Z", - "updated_at": "2024-08-25T18:06:58Z", - "pushed_at": "2024-08-25T13:07:50Z", - "stargazers_count": 13, - "watchers_count": 13, + "updated_at": "2024-08-26T00:13:00Z", + "pushed_at": "2024-08-26T00:12:57Z", + "stargazers_count": 17, + "watchers_count": 17, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 13, + "watchers": 17, "score": 0, "subscribers_count": 0 } diff --git a/2024/CVE-2024-5932.json b/2024/CVE-2024-5932.json index ae22f685bf..d7dec891d6 100644 --- a/2024/CVE-2024-5932.json +++ b/2024/CVE-2024-5932.json @@ -10,10 +10,10 @@ "html_url": "https:\/\/github.com\/EQSTSeminar" }, "html_url": "https:\/\/github.com\/EQSTSeminar\/CVE-2024-5932", - "description": "PoC for CVE-2024-5932", + "description": "Proof-of-Concept for CVE-2024-5932", "fork": false, "created_at": "2024-08-25T11:51:36Z", - "updated_at": "2024-08-25T14:05:09Z", + "updated_at": "2024-08-25T23:22:13Z", "pushed_at": "2024-08-25T14:05:06Z", "stargazers_count": 1, "watchers_count": 1, @@ -22,7 +22,13 @@ "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, - "topics": [], + "topics": [ + "cve-2024-5932", + "givewp", + "object-injection", + "php", + "proof-of-concept" + ], "visibility": "public", "forks": 0, "watchers": 1, diff --git a/2024/CVE-2024-7928.json b/2024/CVE-2024-7928.json index 10915640fb..74f9443f6d 100644 --- a/2024/CVE-2024-7928.json +++ b/2024/CVE-2024-7928.json @@ -13,10 +13,10 @@ "description": "Will attempt to retrieve DB details for FastAdmin instances", "fork": false, "created_at": "2024-08-20T03:09:47Z", - "updated_at": "2024-08-24T21:48:51Z", + "updated_at": "2024-08-25T19:44:48Z", "pushed_at": "2024-08-20T03:21:56Z", - "stargazers_count": 56, - "watchers_count": 56, + "stargazers_count": 57, + "watchers_count": 57, "has_discussions": false, "forks_count": 9, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 9, - "watchers": 56, + "watchers": 57, "score": 0, "subscribers_count": 2 }, diff --git a/README.md b/README.md index 6727a66978..a269ba4d78 100644 --- a/README.md +++ b/README.md @@ -17216,6 +17216,7 @@ - [Johnermac/CVE-2022-35914](https://github.com/Johnermac/CVE-2022-35914) - [allendemoura/CVE-2022-35914](https://github.com/allendemoura/CVE-2022-35914) - [0romos/CVE-2022-35914](https://github.com/0romos/CVE-2022-35914) +- [noxlumens/CVE-2022-35914_poc](https://github.com/noxlumens/CVE-2022-35914_poc) ### CVE-2022-35919 (2022-08-01)