Auto Update 2024/12/13 00:32:02

This commit is contained in:
motikan2010-bot 2024-12-13 09:32:02 +09:00
parent 145ce69511
commit b53a2bb950
20 changed files with 137 additions and 65 deletions

View file

@ -46,7 +46,7 @@
"fork": false,
"created_at": "2023-03-30T06:39:25Z",
"updated_at": "2023-11-15T05:13:25Z",
"pushed_at": "2024-11-21T18:34:33Z",
"pushed_at": "2024-12-12T23:55:36Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

View file

@ -76,10 +76,10 @@
"description": "Unsigned driver loader using CVE-2018-19320",
"fork": false,
"created_at": "2022-11-12T05:48:13Z",
"updated_at": "2024-12-12T12:16:18Z",
"updated_at": "2024-12-12T20:58:15Z",
"pushed_at": "2023-04-09T13:50:29Z",
"stargazers_count": 211,
"watchers_count": 211,
"stargazers_count": 212,
"watchers_count": 212,
"has_discussions": false,
"forks_count": 57,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 57,
"watchers": 211,
"watchers": 212,
"score": 0,
"subscribers_count": 9
}

View file

@ -324,8 +324,8 @@
"description": "This repo contains both the exploit and the explaination of how this vulnerability is exploited",
"fork": false,
"created_at": "2024-12-11T13:33:42Z",
"updated_at": "2024-12-12T16:25:42Z",
"pushed_at": "2024-12-12T16:25:38Z",
"updated_at": "2024-12-12T20:40:34Z",
"pushed_at": "2024-12-12T20:40:30Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
@ -338,6 +338,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

View file

@ -107,10 +107,10 @@
"description": "PoC for Zerologon - all research credits go to Tom Tervoort of Secura",
"fork": false,
"created_at": "2020-09-14T16:56:51Z",
"updated_at": "2024-12-11T16:14:44Z",
"updated_at": "2024-12-12T21:54:29Z",
"pushed_at": "2020-11-03T09:45:24Z",
"stargazers_count": 1198,
"watchers_count": 1198,
"stargazers_count": 1199,
"watchers_count": 1199,
"has_discussions": false,
"forks_count": 288,
"allow_forking": true,
@ -119,7 +119,7 @@
"topics": [],
"visibility": "public",
"forks": 288,
"watchers": 1198,
"watchers": 1199,
"score": 0,
"subscribers_count": 34
},

View file

@ -45,10 +45,10 @@
"description": "CVE-­2021­-1732 Microsoft Windows 10 本地提权漏 研究及Poc\/Exploit开发",
"fork": false,
"created_at": "2021-03-08T05:07:15Z",
"updated_at": "2024-11-22T03:14:35Z",
"updated_at": "2024-12-12T23:39:03Z",
"pushed_at": "2021-03-08T11:41:19Z",
"stargazers_count": 80,
"watchers_count": 80,
"stargazers_count": 81,
"watchers_count": 81,
"has_discussions": false,
"forks_count": 27,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 27,
"watchers": 80,
"watchers": 81,
"score": 0,
"subscribers_count": 2
},

View file

@ -3749,10 +3749,10 @@
"description": "A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 ",
"fork": false,
"created_at": "2021-12-13T03:57:50Z",
"updated_at": "2024-12-11T22:08:09Z",
"updated_at": "2024-12-12T21:22:23Z",
"pushed_at": "2022-11-23T18:23:24Z",
"stargazers_count": 3405,
"watchers_count": 3405,
"stargazers_count": 3404,
"watchers_count": 3404,
"has_discussions": true,
"forks_count": 740,
"allow_forking": true,
@ -3761,7 +3761,7 @@
"topics": [],
"visibility": "public",
"forks": 740,
"watchers": 3405,
"watchers": 3404,
"score": 0,
"subscribers_count": 55
},

View file

@ -14,10 +14,10 @@
"description": "CVE-2022-27499",
"fork": false,
"created_at": "2022-01-07T03:45:41Z",
"updated_at": "2024-04-09T14:45:26Z",
"updated_at": "2024-12-12T20:41:30Z",
"pushed_at": "2023-01-16T14:30:40Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -32,7 +32,7 @@
],
"visibility": "public",
"forks": 1,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 3
}

View file

@ -15,7 +15,7 @@
"fork": false,
"created_at": "2024-11-15T22:21:16Z",
"updated_at": "2024-11-15T22:24:28Z",
"pushed_at": "2024-11-22T21:38:50Z",
"pushed_at": "2024-12-12T21:02:01Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

View file

@ -76,10 +76,10 @@
"description": "Reverse Shell POC exploit for Dolibarr <= 17.0.0 (CVE-2023-30253), PHP Code Injection",
"fork": false,
"created_at": "2024-05-27T15:10:12Z",
"updated_at": "2024-12-06T04:48:34Z",
"updated_at": "2024-12-12T20:32:55Z",
"pushed_at": "2024-05-28T15:10:20Z",
"stargazers_count": 37,
"watchers_count": 37,
"stargazers_count": 36,
"watchers_count": 36,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 37,
"watchers": 36,
"score": 0,
"subscribers_count": 1
},

View file

@ -60,5 +60,36 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 902533209,
"name": "Ghost-5.58-Arbitrary-File-Read-CVE-2023-40028",
"full_name": "0xDTC\/Ghost-5.58-Arbitrary-File-Read-CVE-2023-40028",
"owner": {
"login": "0xDTC",
"id": 95960398,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95960398?v=4",
"html_url": "https:\/\/github.com\/0xDTC",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/0xDTC\/Ghost-5.58-Arbitrary-File-Read-CVE-2023-40028",
"description": "CVE-2023-40028 affects Ghost, an open source content management system, where versions prior to 5.59.1 allow authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system.",
"fork": false,
"created_at": "2024-12-12T18:50:58Z",
"updated_at": "2024-12-12T19:30:34Z",
"pushed_at": "2024-12-12T19:30:30Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

View file

@ -14,10 +14,10 @@
"description": "For V8CTF M122",
"fork": false,
"created_at": "2024-08-25T12:08:54Z",
"updated_at": "2024-11-18T10:55:45Z",
"updated_at": "2024-12-12T23:59:01Z",
"pushed_at": "2024-08-25T12:42:14Z",
"stargazers_count": 10,
"watchers_count": 10,
"stargazers_count": 11,
"watchers_count": 11,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 10,
"watchers": 11,
"score": 0,
"subscribers_count": 1
}

View file

@ -45,10 +45,10 @@
"description": "Windows LPE",
"fork": false,
"created_at": "2024-06-11T08:03:29Z",
"updated_at": "2024-12-04T12:14:02Z",
"updated_at": "2024-12-12T23:45:20Z",
"pushed_at": "2024-06-11T20:41:59Z",
"stargazers_count": 108,
"watchers_count": 108,
"stargazers_count": 109,
"watchers_count": 109,
"has_discussions": false,
"forks_count": 23,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 23,
"watchers": 108,
"watchers": 109,
"score": 0,
"subscribers_count": 1
},

33
2024/CVE-2024-38998.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 902615056,
"name": "PP_CVE-2024-38998",
"full_name": "AlbedoPrime\/PP_CVE-2024-38998",
"owner": {
"login": "AlbedoPrime",
"id": 128452420,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128452420?v=4",
"html_url": "https:\/\/github.com\/AlbedoPrime",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/AlbedoPrime\/PP_CVE-2024-38998",
"description": "Uma vulnerabilidade (CVE-2024-38998) foi identificada na versão 2.3.6 do módulo JavaScript requirejs. Ela explora prototype pollution na função config, permitindo que invasores modifiquem Object.prototype com entradas maliciosas. Isso pode causar DoS, execução remota de código (RCE) ou XSS. A gravidade é crítica (CVSS 9.8). ",
"fork": false,
"created_at": "2024-12-12T23:19:44Z",
"updated_at": "2024-12-12T23:21:00Z",
"pushed_at": "2024-12-12T23:20:56Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

View file

@ -50,13 +50,13 @@
"stargazers_count": 33,
"watchers_count": 33,
"has_discussions": false,
"forks_count": 5,
"forks_count": 6,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 5,
"forks": 6,
"watchers": 33,
"score": 0,
"subscribers_count": 1

View file

@ -107,10 +107,10 @@
"description": "POC for CVE-2024-42327, an authenticated SQL Injection in Zabbix through the user.get API Method",
"fork": false,
"created_at": "2024-12-07T21:25:40Z",
"updated_at": "2024-12-11T00:48:46Z",
"updated_at": "2024-12-12T22:27:55Z",
"pushed_at": "2024-12-08T12:27:53Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -119,7 +119,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 1
},
@ -169,8 +169,8 @@
"description": "writeup cve-2024-42327",
"fork": false,
"created_at": "2024-12-12T01:32:26Z",
"updated_at": "2024-12-12T18:15:09Z",
"pushed_at": "2024-12-12T18:15:05Z",
"updated_at": "2024-12-12T19:21:47Z",
"pushed_at": "2024-12-12T19:21:44Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

View file

@ -55,10 +55,10 @@
"description": "based on [EQSTLab](https:\/\/github.com\/EQSTLab)",
"fork": false,
"created_at": "2024-12-04T15:51:40Z",
"updated_at": "2024-12-11T16:49:18Z",
"updated_at": "2024-12-12T23:58:51Z",
"pushed_at": "2024-12-04T16:00:45Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -67,7 +67,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}

View file

@ -14,19 +14,19 @@
"description": "PoC for CVE-2024-48990",
"fork": false,
"created_at": "2024-11-20T18:41:25Z",
"updated_at": "2024-12-12T13:17:01Z",
"updated_at": "2024-12-12T20:25:15Z",
"pushed_at": "2024-11-20T18:49:33Z",
"stargazers_count": 89,
"watchers_count": 89,
"stargazers_count": 90,
"watchers_count": 90,
"has_discussions": false,
"forks_count": 15,
"forks_count": 16,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 15,
"watchers": 89,
"forks": 16,
"watchers": 90,
"score": 0,
"subscribers_count": 1
},

View file

@ -14,19 +14,19 @@
"description": "Cleo Unrestricted file upload and download PoC (CVE-2024-50623)",
"fork": false,
"created_at": "2024-12-11T14:19:55Z",
"updated_at": "2024-12-12T15:14:47Z",
"updated_at": "2024-12-12T19:41:32Z",
"pushed_at": "2024-12-11T14:23:19Z",
"stargazers_count": 11,
"watchers_count": 11,
"stargazers_count": 12,
"watchers_count": 12,
"has_discussions": false,
"forks_count": 2,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 11,
"forks": 3,
"watchers": 12,
"score": 0,
"subscribers_count": 0
}

View file

@ -14,10 +14,10 @@
"description": "WP Popup Builder Popup Forms and Marketing Lead Generation <= 1.3.5 - Unauthenticated Arbitrary Shortcode Execution via wp_ajax_nopriv_shortcode_Api_Add",
"fork": false,
"created_at": "2024-10-16T07:57:48Z",
"updated_at": "2024-10-18T17:57:08Z",
"updated_at": "2024-12-12T19:21:27Z",
"pushed_at": "2024-10-16T07:59:43Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 1
}

View file

@ -5715,6 +5715,13 @@
- [BBD-YZZ/CVE-2024-38856-RCE](https://github.com/BBD-YZZ/CVE-2024-38856-RCE)
- [XiaomingX/cve-2024-38856-poc](https://github.com/XiaomingX/cve-2024-38856-poc)
### CVE-2024-38998 (2024-07-01)
<code>jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function config. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
</code>
- [AlbedoPrime/PP_CVE-2024-38998](https://github.com/AlbedoPrime/PP_CVE-2024-38998)
### CVE-2024-39031 (2024-07-09)
<code>In Silverpeas Core &lt;= 6.3.5, in Mes Agendas, a user can create new events and add them to their calendar. Additionally, users can invite others from the same domain, including administrators, to these events. A standard user can inject an XSS payload into the &quot;Titre&quot; and &quot;Description&quot; fields when creating an event and then add the administrator or any user to the event. When the invited user (victim) views their own profile, the payload will be executed on their side, even if they do not click on the event.
@ -13248,6 +13255,7 @@
- [0xyassine/CVE-2023-40028](https://github.com/0xyassine/CVE-2023-40028)
- [BBSynapse/CVE-2023-40028](https://github.com/BBSynapse/CVE-2023-40028)
- [0xDTC/Ghost-5.58-Arbitrary-File-Read-CVE-2023-40028](https://github.com/0xDTC/Ghost-5.58-Arbitrary-File-Read-CVE-2023-40028)
### CVE-2023-40031 (2023-08-25)