From b1b0d62479805309c19879a087f0342de0869980 Mon Sep 17 00:00:00 2001
From: motikan2010-bot
Date: Fri, 19 Jan 2024 09:36:13 +0900
Subject: [PATCH] Auto Update 2024/01/19 00:36:13
---
2016/CVE-2016-5195.json | 4 ++--
2017/CVE-2017-17917.json | 32 --------------------------------
2017/CVE-2017-8046.json | 8 ++++----
2017/CVE-2017-9947.json | 8 ++++----
2019/CVE-2019-1040.json | 4 ++--
2020/CVE-2020-0601.json | 2 +-
2020/CVE-2020-11519.json | 2 +-
2020/CVE-2020-11652.json | 8 ++++----
2020/CVE-2020-15227.json | 2 +-
2020/CVE-2020-1938.json | 2 +-
2020/CVE-2020-2551.json | 4 ++--
2020/CVE-2020-2555.json | 4 ++--
2021/CVE-2021-1675.json | 2 +-
2021/CVE-2021-25641.json | 4 ++--
2021/CVE-2021-42287.json | 4 ++--
2021/CVE-2021-44228.json | 4 ++--
2022/CVE-2022-20409.json | 8 ++++----
2022/CVE-2022-28346.json | 30 ++++++++++++++++++++++++++++++
2022/CVE-2022-33980.json | 4 ++--
2022/CVE-2022-3602.json | 2 +-
2022/CVE-2022-41852.json | 4 ++--
2022/CVE-2022-42889.json | 4 ++--
2023/CVE-2023-21939.json | 4 ++--
2023/CVE-2023-22515.json | 8 ++++----
2023/CVE-2023-23752.json | 30 ++++++++++++++++++++++++++++++
2023/CVE-2023-33246.json | 4 ++--
2023/CVE-2023-34034.json | 4 ++--
2023/CVE-2023-3460.json | 2 +-
2023/CVE-2023-36003.json | 12 ++++++------
2023/CVE-2023-36802.json | 8 ++++----
2023/CVE-2023-46501.json | 8 ++++----
2023/CVE-2023-46604.json | 4 ++--
2023/CVE-2023-4911.json | 16 ++++++++--------
2023/CVE-2023-50164.json | 4 ++--
2023/CVE-2023-7028.json | 12 ++++++------
2024/CVE-2024-20656.json | 8 ++++----
README.md | 15 +++++----------
37 files changed, 154 insertions(+), 131 deletions(-)
delete mode 100644 2017/CVE-2017-17917.json
diff --git a/2016/CVE-2016-5195.json b/2016/CVE-2016-5195.json
index 105a44ed07..f182698823 100644
--- a/2016/CVE-2016-5195.json
+++ b/2016/CVE-2016-5195.json
@@ -78,13 +78,13 @@ "stargazers_count": 938, "watchers_count": 938, "has_discussions": false, - "forks_count": 402, + "forks_count": 403, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 402, + "forks": 403, "watchers": 938, "score": 0, "subscribers_count": 65 diff --git a/2017/CVE-2017-17917.json b/2017/CVE-2017-17917.json deleted file mode 100644 index 2177ff5dad..0000000000 --- a/2017/CVE-2017-17917.json +++ /dev/null @@ -1,32 +0,0 @@ -[ - { - "id": 744803275, - "name": "rails-cve-2017-17917", - "full_name": "matiasarenhard\/rails-cve-2017-17917", - "owner": { - "login": "matiasarenhard", - "id": 14844393, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14844393?v=4", - "html_url": "https:\/\/github.com\/matiasarenhard" - }, - "html_url": "https:\/\/github.com\/matiasarenhard\/rails-cve-2017-17917", - "description": null, - "fork": false, - "created_at": "2024-01-18T03:08:59Z", - "updated_at": "2024-01-18T03:11:54Z", - "pushed_at": "2024-01-18T03:11:51Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 0, - "score": 0, - "subscribers_count": 1 - } -] \ No newline at end of file diff --git a/2017/CVE-2017-8046.json b/2017/CVE-2017-8046.json index ae796722f4..1f575b8a8d 100644 --- a/2017/CVE-2017-8046.json +++ b/2017/CVE-2017-8046.json @@ -80,7 +80,7 @@ "stargazers_count": 11, "watchers_count": 11, "has_discussions": false, - "forks_count": 8, + "forks_count": 9, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -95,7 +95,7 @@ "vulnerability-scanners" ], "visibility": "public", - "forks": 8, + "forks": 9, "watchers": 11, "score": 0, "subscribers_count": 3 
@@ -119,7 +119,7 @@ "stargazers_count": 17, "watchers_count": 17, "has_discussions": false, - "forks_count": 11, + "forks_count": 12, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -134,7 +134,7 @@ "vulnerability-scanners" ], "visibility": "public", - "forks": 11, + "forks": 12, "watchers": 17, "score": 0, "subscribers_count": 4 diff --git a/2017/CVE-2017-9947.json b/2017/CVE-2017-9947.json index afb169a276..e8a479cce4 100644 --- a/2017/CVE-2017-9947.json +++ b/2017/CVE-2017-9947.json @@ -13,10 +13,10 @@ "description": "APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers (all versions prior to V3.5) and TALON TC BACnet Automation Controllers (all versions prior to V3.5). With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or channel to access hidden directories in the web server. This repository takes advantage of CVE-2017-9947.", "fork": false, "created_at": "2022-05-26T01:13:42Z", - "updated_at": "2023-10-13T09:00:17Z", + "updated_at": "2024-01-18T23:12:06Z", "pushed_at": "2024-01-07T02:16:42Z", - "stargazers_count": 43, - "watchers_count": 43, + "stargazers_count": 44, + "watchers_count": 44, "has_discussions": false, "forks_count": 8, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 8, - "watchers": 43, + "watchers": 44, "score": 0, "subscribers_count": 2 } diff --git a/2019/CVE-2019-1040.json b/2019/CVE-2019-1040.json index 68a2ad8eb7..34cf9d9c10 100644 --- a/2019/CVE-2019-1040.json +++ b/2019/CVE-2019-1040.json @@ -48,13 +48,13 @@ "stargazers_count": 32, "watchers_count": 32, "has_discussions": false, - "forks_count": 4, + "forks_count": 5, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 4, + "forks": 5, "watchers": 32, "score": 0, "subscribers_count": 3 
diff --git a/2020/CVE-2020-0601.json b/2020/CVE-2020-0601.json index 23b2663f5f..ebbce5a43b 100644 --- a/2020/CVE-2020-0601.json +++ b/2020/CVE-2020-0601.json @@ -703,7 +703,7 @@ "forks": 1, "watchers": 2, "score": 0, - "subscribers_count": 2 + "subscribers_count": 3 }, { "id": 237977846, diff --git a/2020/CVE-2020-11519.json b/2020/CVE-2020-11519.json index a20cfad030..0bc92830d9 100644 --- a/2020/CVE-2020-11519.json +++ b/2020/CVE-2020-11519.json @@ -34,6 +34,6 @@ "forks": 3, "watchers": 13, "score": 0, - "subscribers_count": 2 + "subscribers_count": 3 } ] \ No newline at end of file diff --git a/2020/CVE-2020-11652.json b/2020/CVE-2020-11652.json index d8e536e2ac..a1c3513399 100644 --- a/2020/CVE-2020-11652.json +++ b/2020/CVE-2020-11652.json @@ -73,10 +73,10 @@ "description": "This is a fix POC CVE-2020-11651 & CVE-2020-11651", "fork": false, "created_at": "2024-01-17T04:15:16Z", - "updated_at": "2024-01-17T04:26:04Z", + "updated_at": "2024-01-19T00:04:15Z", "pushed_at": "2024-01-17T04:26:00Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -85,7 +85,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2020/CVE-2020-15227.json b/2020/CVE-2020-15227.json index 342c8fff7b..84925a2ecb 100644 --- a/2020/CVE-2020-15227.json +++ b/2020/CVE-2020-15227.json @@ -94,6 +94,6 @@ "forks": 1, "watchers": 1, "score": 0, - "subscribers_count": 2 + "subscribers_count": 3 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1938.json b/2020/CVE-2020-1938.json index 671c53d7c8..3579867b22 100644 --- a/2020/CVE-2020-1938.json +++ b/2020/CVE-2020-1938.json @@ -423,7 +423,7 @@ "forks": 113, "watchers": 332, "score": 0, - "subscribers_count": 3 + "subscribers_count": 4 }, { "id": 243285368, 
diff --git a/2020/CVE-2020-2551.json b/2020/CVE-2020-2551.json index 10083691e7..bc590c11f0 100644 --- a/2020/CVE-2020-2551.json +++ b/2020/CVE-2020-2551.json @@ -129,13 +129,13 @@ "stargazers_count": 331, "watchers_count": 331, "has_discussions": false, - "forks_count": 79, + "forks_count": 80, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 79, + "forks": 80, "watchers": 331, "score": 0, "subscribers_count": 5 diff --git a/2020/CVE-2020-2555.json b/2020/CVE-2020-2555.json index 0d917c415e..fb63152190 100644 --- a/2020/CVE-2020-2555.json +++ b/2020/CVE-2020-2555.json @@ -78,13 +78,13 @@ "stargazers_count": 181, "watchers_count": 181, "has_discussions": false, - "forks_count": 57, + "forks_count": 58, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 57, + "forks": 58, "watchers": 181, "score": 0, "subscribers_count": 4 diff --git a/2021/CVE-2021-1675.json b/2021/CVE-2021-1675.json index 67094656a0..e6735523b8 100644 --- a/2021/CVE-2021-1675.json +++ b/2021/CVE-2021-1675.json @@ -1289,6 +1289,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2021/CVE-2021-25641.json b/2021/CVE-2021-25641.json index 28095d40c7..861cf222cb 100644 --- a/2021/CVE-2021-25641.json +++ b/2021/CVE-2021-25641.json @@ -18,13 +18,13 @@ "stargazers_count": 54, "watchers_count": 54, "has_discussions": false, - "forks_count": 12, + "forks_count": 13, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 12, + "forks": 13, "watchers": 54, "score": 0, "subscribers_count": 2 diff --git a/2021/CVE-2021-42287.json b/2021/CVE-2021-42287.json index c1fd7b96c5..2b9d6d2b5f 100644 --- a/2021/CVE-2021-42287.json +++ b/2021/CVE-2021-42287.json 
@@ -18,13 +18,13 @@ "stargazers_count": 1277, "watchers_count": 1277, "has_discussions": false, - "forks_count": 317, + "forks_count": 318, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 317, + "forks": 318, "watchers": 1277, "score": 0, "subscribers_count": 27 diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index 145542bff6..1fc6a65d62 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -862,7 +862,7 @@ "stargazers_count": 917, "watchers_count": 917, "has_discussions": false, - "forks_count": 141, + "forks_count": 142, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -888,7 +888,7 @@ "writeups" ], "visibility": "public", - "forks": 141, + "forks": 142, "watchers": 917, "score": 0, "subscribers_count": 24 diff --git a/2022/CVE-2022-20409.json b/2022/CVE-2022-20409.json index b774f35f6a..6b28540a43 100644 --- a/2022/CVE-2022-20409.json +++ b/2022/CVE-2022-20409.json @@ -13,10 +13,10 @@ "description": "Android kernel exploitation for CVE-2022-20409", "fork": false, "created_at": "2022-11-21T22:42:50Z", - "updated_at": "2024-01-12T02:30:56Z", + "updated_at": "2024-01-18T23:14:28Z", "pushed_at": "2023-08-05T20:56:12Z", - "stargazers_count": 131, - "watchers_count": 131, + "stargazers_count": 132, + "watchers_count": 132, "has_discussions": false, "forks_count": 21, "allow_forking": true, @@ -28,7 +28,7 @@ ], "visibility": "public", "forks": 21, - "watchers": 131, + "watchers": 132, "score": 0, "subscribers_count": 4 } diff --git a/2022/CVE-2022-28346.json b/2022/CVE-2022-28346.json index 51791de508..0853e13157 100644 --- a/2022/CVE-2022-28346.json +++ b/2022/CVE-2022-28346.json 
@@ -88,5 +88,35 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 745257468, + "name": "CVE-2022-28346", + "full_name": "kamal-marouane\/CVE-2022-28346", + "owner": { + "login": "kamal-marouane", + "id": 110986028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110986028?v=4", + "html_url": "https:\/\/github.com\/kamal-marouane" + }, + "html_url": "https:\/\/github.com\/kamal-marouane\/CVE-2022-28346", + "description": "A flaw was found in the Django package, which leads to a SQL injection. This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely.", + "fork": false, + "created_at": "2024-01-19T00:15:59Z", + "updated_at": "2024-01-19T00:28:38Z", + "pushed_at": "2024-01-19T00:34:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-33980.json b/2022/CVE-2022-33980.json index c43b32477f..9d130dea1d 100644 --- a/2022/CVE-2022-33980.json +++ b/2022/CVE-2022-33980.json @@ -48,7 +48,7 @@ "stargazers_count": 33, "watchers_count": 33, "has_discussions": false, - "forks_count": 10, + "forks_count": 11, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -57,7 +57,7 @@ "cve-2022-42889" ], "visibility": "public", - "forks": 10, + "forks": 11, "watchers": 33, "score": 0, "subscribers_count": 2 diff --git a/2022/CVE-2022-3602.json b/2022/CVE-2022-3602.json index 52efdc8f81..d577adaabc 100644 --- a/2022/CVE-2022-3602.json +++ b/2022/CVE-2022-3602.json 
@@ -108,7 +108,7 @@ "description": "cve-2022-3602 poc", "fork": false, "created_at": "2022-11-01T23:36:08Z", - "updated_at": "2023-05-01T03:04:19Z", + "updated_at": "2024-01-18T20:23:36Z", "pushed_at": "2022-11-01T23:41:23Z", "stargazers_count": 3, "watchers_count": 3, diff --git a/2022/CVE-2022-41852.json b/2022/CVE-2022-41852.json index 49969d9cf8..9c9ad4e8a5 100644 --- a/2022/CVE-2022-41852.json +++ b/2022/CVE-2022-41852.json @@ -18,7 +18,7 @@ "stargazers_count": 69, "watchers_count": 69, "has_discussions": false, - "forks_count": 16, + "forks_count": 17, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -36,7 +36,7 @@ "vulnerability" ], "visibility": "public", - "forks": 16, + "forks": 17, "watchers": 69, "score": 0, "subscribers_count": 3 diff --git a/2022/CVE-2022-42889.json b/2022/CVE-2022-42889.json index 0938fc22b3..0c86834f18 100644 --- a/2022/CVE-2022-42889.json +++ b/2022/CVE-2022-42889.json @@ -55,7 +55,7 @@ "stargazers_count": 35, "watchers_count": 35, "has_discussions": true, - "forks_count": 16, + "forks_count": 17, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -66,7 +66,7 @@ "poc" ], "visibility": "public", - "forks": 16, + "forks": 17, "watchers": 35, "score": 0, "subscribers_count": 3 diff --git a/2023/CVE-2023-21939.json b/2023/CVE-2023-21939.json index 3aab14e340..43857fc3a7 100644 --- a/2023/CVE-2023-21939.json +++ b/2023/CVE-2023-21939.json @@ -18,13 +18,13 @@ "stargazers_count": 97, "watchers_count": 97, "has_discussions": false, - "forks_count": 13, + "forks_count": 14, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 13, + "forks": 14, "watchers": 97, "score": 0, "subscribers_count": 0 diff --git a/2023/CVE-2023-22515.json b/2023/CVE-2023-22515.json index 6dffd9f9e1..8e0ac24f5a 100644 --- a/2023/CVE-2023-22515.json +++ b/2023/CVE-2023-22515.json 
@@ -73,10 +73,10 @@ "description": "CVE-2023-22515: Confluence Broken Access Control Exploit", "fork": false, "created_at": "2023-10-10T21:40:09Z", - "updated_at": "2024-01-16T06:45:58Z", + "updated_at": "2024-01-18T23:14:11Z", "pushed_at": "2023-10-17T22:04:13Z", - "stargazers_count": 118, - "watchers_count": 118, + "stargazers_count": 119, + "watchers_count": 119, "has_discussions": false, "forks_count": 27, "allow_forking": true, @@ -94,7 +94,7 @@ ], "visibility": "public", "forks": 27, - "watchers": 118, + "watchers": 119, "score": 0, "subscribers_count": 3 }, diff --git a/2023/CVE-2023-23752.json b/2023/CVE-2023-23752.json index 13a5582356..bbd4a0f68d 100644 --- a/2023/CVE-2023-23752.json +++ b/2023/CVE-2023-23752.json @@ -618,6 +618,36 @@ "score": 0, "subscribers_count": 1 }, + { + "id": 625201230, + "name": "Scanner-CVE-2023-23752", + "full_name": "Ge-Per\/Scanner-CVE-2023-23752", + "owner": { + "login": "Ge-Per", + "id": 97132622, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97132622?v=4", + "html_url": "https:\/\/github.com\/Ge-Per" + }, + "html_url": "https:\/\/github.com\/Ge-Per\/Scanner-CVE-2023-23752", + "description": null, + "fork": false, + "created_at": "2023-04-08T11:27:09Z", + "updated_at": "2024-01-18T19:11:27Z", + "pushed_at": "2023-06-12T10:20:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, { "id": 625551982, "name": "CVE-2023-23752", diff --git a/2023/CVE-2023-33246.json b/2023/CVE-2023-33246.json index 5f28f6fb90..c7f72e6b22 100644 --- a/2023/CVE-2023-33246.json +++ b/2023/CVE-2023-33246.json 
@@ -18,13 +18,13 @@ "stargazers_count": 58, "watchers_count": 58, "has_discussions": false, - "forks_count": 21, + "forks_count": 22, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 21, + "forks": 22, "watchers": 58, "score": 0, "subscribers_count": 2 diff --git a/2023/CVE-2023-34034.json b/2023/CVE-2023-34034.json index 0ba6e16e04..1411cf25c7 100644 --- a/2023/CVE-2023-34034.json +++ b/2023/CVE-2023-34034.json @@ -18,13 +18,13 @@ "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, + "forks": 1, "watchers": 1, "score": 0, "subscribers_count": 2 diff --git a/2023/CVE-2023-3460.json b/2023/CVE-2023-3460.json index ea329ed574..6a1bc7bed5 100644 --- a/2023/CVE-2023-3460.json +++ b/2023/CVE-2023-3460.json @@ -227,7 +227,7 @@ "fork": false, "created_at": "2024-01-04T22:43:19Z", "updated_at": "2024-01-05T02:09:03Z", - "pushed_at": "2024-01-09T18:43:22Z", + "pushed_at": "2024-01-18T18:40:30Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2023/CVE-2023-36003.json b/2023/CVE-2023-36003.json index 2d4b9edf4f..d881f7a699 100644 --- a/2023/CVE-2023-36003.json +++ b/2023/CVE-2023-36003.json 
@@ -13,19 +13,19 @@ "description": "Privilege escalation using the XAML diagnostics API (CVE-2023-36003)", "fork": false, "created_at": "2024-01-11T19:17:13Z", - "updated_at": "2024-01-17T16:13:41Z", + "updated_at": "2024-01-18T18:36:25Z", "pushed_at": "2024-01-11T19:42:03Z", - "stargazers_count": 75, - "watchers_count": 75, + "stargazers_count": 76, + "watchers_count": 76, "has_discussions": false, - "forks_count": 15, + "forks_count": 16, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 15, - "watchers": 75, + "forks": 16, + "watchers": 76, "score": 0, "subscribers_count": 1 }, diff --git a/2023/CVE-2023-36802.json b/2023/CVE-2023-36802.json index be49681231..6e64e45b6c 100644 --- a/2023/CVE-2023-36802.json +++ b/2023/CVE-2023-36802.json @@ -13,10 +13,10 @@ "description": "LPE exploit for CVE-2023-36802", "fork": false, "created_at": "2023-10-09T17:32:15Z", - "updated_at": "2024-01-10T07:11:10Z", + "updated_at": "2024-01-18T23:14:07Z", "pushed_at": "2023-10-10T17:44:17Z", - "stargazers_count": 139, - "watchers_count": 139, + "stargazers_count": 140, + "watchers_count": 140, "has_discussions": false, "forks_count": 39, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 39, - "watchers": 139, + "watchers": 140, "score": 0, "subscribers_count": 5 }, diff --git a/2023/CVE-2023-46501.json b/2023/CVE-2023-46501.json index da5621032f..01ae52c9e9 100644 --- a/2023/CVE-2023-46501.json +++ b/2023/CVE-2023-46501.json @@ -13,10 +13,10 @@ "description": "BoltWire v6.03 vulnerable to \"Improper Access Control\"", "fork": false, "created_at": "2023-10-31T12:40:14Z", - "updated_at": "2024-01-11T00:42:29Z", + "updated_at": "2024-01-19T00:32:50Z", "pushed_at": "2023-10-31T12:41:20Z", - "stargazers_count": 9, - "watchers_count": 9, + "stargazers_count": 10, + "watchers_count": 10, "has_discussions": false, "forks_count": 0, "allow_forking": true, 
@@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 9, + "watchers": 10, "score": 0, "subscribers_count": 1 } diff --git a/2023/CVE-2023-46604.json b/2023/CVE-2023-46604.json index 215920ab9f..e883a35d6d 100644 --- a/2023/CVE-2023-46604.json +++ b/2023/CVE-2023-46604.json @@ -18,13 +18,13 @@ "stargazers_count": 27, "watchers_count": 27, "has_discussions": false, - "forks_count": 7, + "forks_count": 8, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 7, + "forks": 8, "watchers": 27, "score": 0, "subscribers_count": 1 diff --git a/2023/CVE-2023-4911.json b/2023/CVE-2023-4911.json index 85052d8850..982bdcb835 100644 --- a/2023/CVE-2023-4911.json +++ b/2023/CVE-2023-4911.json @@ -43,10 +43,10 @@ "description": "PoC for CVE-2023-4911", "fork": false, "created_at": "2023-10-04T14:12:16Z", - "updated_at": "2024-01-04T15:57:10Z", + "updated_at": "2024-01-18T19:31:17Z", "pushed_at": "2023-10-04T14:16:36Z", - "stargazers_count": 361, - "watchers_count": 361, + "stargazers_count": 362, + "watchers_count": 362, "has_discussions": false, "forks_count": 57, "allow_forking": true, @@ -55,7 +55,7 @@ "topics": [], "visibility": "public", "forks": 57, - "watchers": 361, + "watchers": 362, "score": 0, "subscribers_count": 5 }, @@ -163,10 +163,10 @@ "description": null, "fork": false, "created_at": "2023-10-10T22:04:23Z", - "updated_at": "2024-01-13T09:26:52Z", + "updated_at": "2024-01-18T19:31:19Z", "pushed_at": "2023-10-15T19:37:06Z", - "stargazers_count": 17, - "watchers_count": 17, + "stargazers_count": 18, + "watchers_count": 18, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -175,7 +175,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 17, + "watchers": 18, "score": 0, "subscribers_count": 2 }, diff --git a/2023/CVE-2023-50164.json b/2023/CVE-2023-50164.json index 3447bcb955..134c1f530a 100644 --- a/2023/CVE-2023-50164.json 
+++ b/2023/CVE-2023-50164.json @@ -228,13 +228,13 @@ "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, + "forks": 1, "watchers": 1, "score": 0, "subscribers_count": 1 diff --git a/2023/CVE-2023-7028.json b/2023/CVE-2023-7028.json index 4160022be4..2f01f70a36 100644 --- a/2023/CVE-2023-7028.json +++ b/2023/CVE-2023-7028.json @@ -106,19 +106,19 @@ "description": "This repository presents a proof-of-concept of CVE-2023-7028", "fork": false, "created_at": "2024-01-12T18:29:27Z", - "updated_at": "2024-01-18T16:39:03Z", + "updated_at": "2024-01-18T21:01:25Z", "pushed_at": "2024-01-13T13:50:20Z", - "stargazers_count": 175, - "watchers_count": 175, + "stargazers_count": 176, + "watchers_count": 176, "has_discussions": false, - "forks_count": 29, + "forks_count": 30, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 29, - "watchers": 175, + "forks": 30, + "watchers": 176, "score": 0, "subscribers_count": 2 }, diff --git a/2024/CVE-2024-20656.json b/2024/CVE-2024-20656.json index 8bd04acd44..f0d2905dd5 100644 --- a/2024/CVE-2024-20656.json +++ b/2024/CVE-2024-20656.json @@ -13,10 +13,10 @@ "description": null, "fork": false, "created_at": "2024-01-12T15:08:01Z", - "updated_at": "2024-01-18T15:26:55Z", + "updated_at": "2024-01-18T23:13:27Z", "pushed_at": "2024-01-14T07:14:33Z", - "stargazers_count": 86, - "watchers_count": 86, + "stargazers_count": 87, + "watchers_count": 87, "has_discussions": false, "forks_count": 14, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 14, - "watchers": 86, + "watchers": 87, "score": 0, "subscribers_count": 1 } diff --git a/README.md b/README.md index 2f21cfff25..cd440b5d82 100644 --- a/README.md +++ b/README.md 
@@ -1903,6 +1903,7 @@ - [0xNahim/CVE-2023-23752](https://github.com/0xNahim/CVE-2023-23752) - [adhikara13/CVE-2023-23752](https://github.com/adhikara13/CVE-2023-23752) - [AkbarWiraN/Joomla-Scanner](https://github.com/AkbarWiraN/Joomla-Scanner) +- [Ge-Per/Scanner-CVE-2023-23752](https://github.com/Ge-Per/Scanner-CVE-2023-23752) - [ThatNotEasy/CVE-2023-23752](https://github.com/ThatNotEasy/CVE-2023-23752) - [wibuheker/Joomla-CVE-2023-23752](https://github.com/wibuheker/Joomla-CVE-2023-23752) - [Sweelg/CVE-2023-23752](https://github.com/Sweelg/CVE-2023-23752) @@ -9714,6 +9715,7 @@ - [YouGina/CVE-2022-28346](https://github.com/YouGina/CVE-2022-28346) - [DeEpinGh0st/CVE-2022-28346](https://github.com/DeEpinGh0st/CVE-2022-28346) - [vincentinttsh/CVE-2022-28346](https://github.com/vincentinttsh/CVE-2022-28346) +- [kamal-marouane/CVE-2022-28346](https://github.com/kamal-marouane/CVE-2022-28346) ### CVE-2022-28368 (2022-04-02) 
@@ -20274,7 +20276,7 @@ ### CVE-2020-1337 (2020-08-17) -<p>An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>\n<p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.</p>\n<p>The update addresses the vulnerability by correcting how the Windows Print Spooler Component writes to the file system.</p>\n +An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.\nThe update addresses the vulnerability by correcting how the Windows Print Spooler Component writes to the file system.\n - [math1as/CVE-2020-1337-exploit](https://github.com/math1as/CVE-2020-1337-exploit) 
@@ -20320,7 +20322,7 @@ ### CVE-2020-1472 (2020-08-17) -<p>An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (<a href="https://docs.microsoft.com/openspecs/windows_protocols/ms-nrpc/ff8f970f-3e37-40f7-bd4b-af7336e4792f">MS-NRPC</a>). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network.</p>\n<p>To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access.</p>\n<p>Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels.</p>\n<p>For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see <a href="https://support.microsoft.com/kb/4557222">How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472</a> (updated September 28, 2020).</p>\n<p>When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See <a href="https://technet.microsoft.com/en-us/security/dd252948">Microsoft Technical Security Notifications</a>.</p>\n +An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). 
An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network.\nTo exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access.\nMicrosoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels.\nFor guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020).\nWhen the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.\n - [Tobey123/CVE-2020-1472-visualizer](https://github.com/Tobey123/CVE-2020-1472-visualizer) 
@@ -20390,7 +20392,7 @@ ### CVE-2020-1493 (2020-08-17) -<p>An information disclosure vulnerability exists when attaching files to Outlook messages. This vulnerability could potentially allow users to share attached files such that they are accessible by anonymous users where they should be restricted to specific users.</p>\n<p>To exploit this vulnerability, an attacker would have to attach a file as a link to an email. The email could then be shared with individuals that should not have access to the files, ignoring the default organizational setting.</p>\n<p>The security update addresses the vulnerability by correcting how Outlook handles file attachment links.</p>\n +An information disclosure vulnerability exists when attaching files to Outlook messages. This vulnerability could potentially allow users to share attached files such that they are accessible by anonymous users where they should be restricted to specific users.\nTo exploit this vulnerability, an attacker would have to attach a file as a link to an email. The email could then be shared with individuals that should not have access to the files, ignoring the default organizational setting.\nThe security update addresses the vulnerability by correcting how Outlook handles file attachment links.\n - [0neb1n/CVE-2020-1493](https://github.com/0neb1n/CVE-2020-1493) 
@@ -34006,13 +34008,6 @@ - [0xSojalSec/Nuclei-TemplatesNuclei-Templates-CVE-2017-17736](https://github.com/0xSojalSec/Nuclei-TemplatesNuclei-Templates-CVE-2017-17736) -### CVE-2017-17917 (2017-12-29) - -** DISPUTED ** SQL injection vulnerability in the 'where' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted input. - - -- [matiasarenhard/rails-cve-2017-17917](https://github.com/matiasarenhard/rails-cve-2017-17917) - ### CVE-2017-18019 (2018-01-03) In K7 Total Security before 15.1.0.305, user-controlled input to the K7Sentry device is not sufficiently sanitized: the user-controlled input can be used to compare an arbitrary memory address with a fixed value, which in turn can be used to read the contents of arbitrary memory. Similarly, the product crashes upon a \\.\K7Sentry DeviceIoControl call with an invalid kernel pointer.