From b7d5ab09b68f57c200967ff3f91a118f6c36881d Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Sat, 10 Feb 2024 21:25:59 +0900 Subject: [PATCH] Auto Update 2024/02/10 12:25:59 --- 2013/CVE-2013-4786.json | 8 ++++---- 2014/CVE-2014-6271.json | 8 ++++---- 2015/CVE-2015-1427.json | 8 ++++---- 2017/CVE-2017-1000251.json | 8 ++++---- 2018/CVE-2018-10562.json | 4 ++-- 2019/CVE-2019-5029.json | 2 +- 2021/CVE-2021-4034.json | 4 ++-- 2022/CVE-2022-22947.json | 8 ++++---- 2022/CVE-2022-31814.json | 8 ++++---- 2022/CVE-2022-38691.json | 8 ++++---- 2022/CVE-2022-38694.json | 8 ++++---- 2022/CVE-2022-4262.json | 2 +- 2022/CVE-2022-46689.json | 8 ++++---- 2023/CVE-2023-28252.json | 8 ++++---- 2023/CVE-2023-28434.json | 8 ++++---- 2023/CVE-2023-38831.json | 8 ++++---- 2023/CVE-2023-42442.json | 6 +++--- 2023/CVE-2023-4863.json | 8 ++++---- 2024/CVE-2024-20656.json | 8 ++++---- 2024/CVE-2024-21893.json | 4 ++-- 2024/CVE-2024-22024.json | 16 ++++++++-------- 2024/CVE-2024-23208.json | 8 ++++---- 2024/CVE-2024-24816.json | 32 ++++++++++++++++++++++++++++++++ README.md | 7 +++++++ 24 files changed, 118 insertions(+), 79 deletions(-) create mode 100644 2024/CVE-2024-24816.json diff --git a/2013/CVE-2013-4786.json b/2013/CVE-2013-4786.json index 76f13890e3..3b54514512 100644 --- a/2013/CVE-2013-4786.json +++ b/2013/CVE-2013-4786.json @@ -13,10 +13,10 @@ "description": "CVE-2013-4786 Go exploitation tool", "fork": false, "created_at": "2023-10-23T20:01:37Z", - "updated_at": "2024-02-02T10:02:43Z", + "updated_at": "2024-02-10T07:04:23Z", "pushed_at": "2023-11-01T19:23:34Z", - "stargazers_count": 29, - "watchers_count": 29, + "stargazers_count": 30, + "watchers_count": 30, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 29, + "watchers": 30, "score": 0, "subscribers_count": 4 } diff --git a/2014/CVE-2014-6271.json b/2014/CVE-2014-6271.json index 57c279dfc8..5d2578accf 100644 --- a/2014/CVE-2014-6271.json +++ b/2014/CVE-2014-6271.json @@ -1158,10 +1158,10 @@ "description": "Shellshock exploit + vulnerable environment", "fork": false, "created_at": "2016-12-07T23:38:50Z", - "updated_at": "2024-02-05T18:14:56Z", + "updated_at": "2024-02-10T06:26:13Z", "pushed_at": "2023-05-11T02:12:25Z", - "stargazers_count": 181, - "watchers_count": 181, + "stargazers_count": 182, + "watchers_count": 182, "has_discussions": false, "forks_count": 57, "allow_forking": true, @@ -1177,7 +1177,7 @@ ], "visibility": "public", "forks": 57, - "watchers": 181, + "watchers": 182, "score": 0, "subscribers_count": 5 }, diff --git a/2015/CVE-2015-1427.json b/2015/CVE-2015-1427.json index 3dc8a8af91..92167aae42 100644 --- a/2015/CVE-2015-1427.json +++ b/2015/CVE-2015-1427.json @@ -13,10 +13,10 @@ "description": "Elasticsearch 1.4.0 < 1.4.2 Remote Code Execution exploit and vulnerable container", "fork": false, "created_at": "2017-01-09T20:08:56Z", - "updated_at": "2024-01-02T06:44:55Z", + "updated_at": "2024-02-10T07:28:49Z", "pushed_at": "2018-04-07T00:30:52Z", - "stargazers_count": 32, - "watchers_count": 32, + "stargazers_count": 33, + "watchers_count": 33, "has_discussions": false, "forks_count": 16, "allow_forking": true, @@ -31,7 +31,7 @@ ], "visibility": "public", "forks": 16, - "watchers": 32, + "watchers": 33, "score": 0, "subscribers_count": 2 }, diff --git a/2017/CVE-2017-1000251.json b/2017/CVE-2017-1000251.json index f2bd17d8ff..8e1fde43f3 100644 --- a/2017/CVE-2017-1000251.json +++ b/2017/CVE-2017-1000251.json @@ -13,10 +13,10 @@ "description": "Blueborne CVE-2017-1000251 PoC for linux machines", "fork": false, "created_at": "2017-09-23T06:29:31Z", - "updated_at": "2023-09-28T10:44:39Z", + "updated_at": "2024-02-10T11:17:40Z", "pushed_at": "2023-03-10T03:04:17Z", - "stargazers_count": 14, - "watchers_count": 14, + "stargazers_count": 15, + "watchers_count": 15, "has_discussions": false, "forks_count": 14, "allow_forking": true, @@ -30,7 +30,7 @@ ], "visibility": "public", "forks": 14, - "watchers": 14, + "watchers": 15, "score": 0, "subscribers_count": 2 }, diff --git a/2018/CVE-2018-10562.json b/2018/CVE-2018-10562.json index 6150b9f026..7a0013847a 100644 --- a/2018/CVE-2018-10562.json +++ b/2018/CVE-2018-10562.json @@ -18,13 +18,13 @@ "stargazers_count": 209, "watchers_count": 209, "has_discussions": false, - "forks_count": 72, + "forks_count": 73, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 72, + "forks": 73, "watchers": 209, "score": 0, "subscribers_count": 11 diff --git a/2019/CVE-2019-5029.json b/2019/CVE-2019-5029.json index 72ccb6486c..e69e4b134e 100644 --- a/2019/CVE-2019-5029.json +++ b/2019/CVE-2019-5029.json @@ -14,7 +14,7 @@ "fork": false, "created_at": "2023-12-14T01:05:45Z", "updated_at": "2024-01-27T02:54:03Z", - "pushed_at": "2024-02-04T21:17:22Z", + "pushed_at": "2024-02-10T09:36:11Z", "stargazers_count": 3, "watchers_count": 3, "has_discussions": false, diff --git a/2021/CVE-2021-4034.json b/2021/CVE-2021-4034.json index d50e772c81..8bf32b9597 100644 --- a/2021/CVE-2021-4034.json +++ b/2021/CVE-2021-4034.json @@ -174,7 +174,7 @@ "stargazers_count": 1005, "watchers_count": 1005, "has_discussions": false, - "forks_count": 313, + "forks_count": 314, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -184,7 +184,7 @@ "poc" ], "visibility": "public", - "forks": 313, + "forks": 314, "watchers": 1005, "score": 0, "subscribers_count": 16 diff --git a/2022/CVE-2022-22947.json b/2022/CVE-2022-22947.json index a8af993725..1004432347 100644 --- a/2022/CVE-2022-22947.json +++ b/2022/CVE-2022-22947.json @@ -1644,10 +1644,10 @@ "description": "一款Spring综合漏洞的利用工具,工具目前支持Spring Cloud Gateway RCE(CVE-2022-22947)、Spring Framework RCE (CVE-2022-22965) 的检测以及利用", "fork": false, "created_at": "2024-02-06T08:45:19Z", - "updated_at": "2024-02-09T10:07:04Z", + "updated_at": "2024-02-10T09:51:12Z", "pushed_at": "2024-02-06T09:14:32Z", - "stargazers_count": 8, - "watchers_count": 8, + "stargazers_count": 9, + "watchers_count": 9, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -1656,7 +1656,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 8, + "watchers": 9, "score": 0, "subscribers_count": 1 } diff --git a/2022/CVE-2022-31814.json b/2022/CVE-2022-31814.json index 35b4be7b25..63718b930b 100644 --- a/2022/CVE-2022-31814.json +++ b/2022/CVE-2022-31814.json @@ -13,10 +13,10 @@ "description": "CVE-2022-31814 Exploitation Toolkit.", "fork": false, "created_at": "2022-09-18T11:10:04Z", - "updated_at": "2023-07-21T00:29:36Z", + "updated_at": "2024-02-10T08:12:19Z", "pushed_at": "2022-09-21T13:41:29Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -30,7 +30,7 @@ ], "visibility": "public", "forks": 0, - "watchers": 2, + "watchers": 3, "score": 0, "subscribers_count": 1 }, diff --git a/2022/CVE-2022-38691.json b/2022/CVE-2022-38691.json index 2072632707..25963fa387 100644 --- a/2022/CVE-2022-38691.json +++ b/2022/CVE-2022-38691.json @@ -13,10 +13,10 @@ "description": "Let's control Secure Boot Chain ourselves.", "fork": false, "created_at": "2023-12-01T07:32:18Z", - "updated_at": "2024-02-07T23:18:03Z", + "updated_at": "2024-02-10T11:56:08Z", "pushed_at": "2024-01-25T01:35:44Z", - "stargazers_count": 11, - "watchers_count": 11, + "stargazers_count": 12, + "watchers_count": 12, "has_discussions": false, "forks_count": 2, "allow_forking": true, @@ -28,7 +28,7 @@ ], "visibility": "public", "forks": 2, - "watchers": 11, + "watchers": 12, "score": 0, "subscribers_count": 1 } diff --git a/2022/CVE-2022-38694.json b/2022/CVE-2022-38694.json index e24edbff5c..a4d5e4d92c 100644 --- a/2022/CVE-2022-38694.json +++ b/2022/CVE-2022-38694.json @@ -13,10 +13,10 @@ "description": "This is a one-time signature verification bypass. For persistent signature verification bypass, check https:\/\/github.com\/TomKing062\/CVE-2022-38691_38692", "fork": false, "created_at": "2023-06-10T08:31:26Z", - "updated_at": "2024-02-07T23:15:26Z", + "updated_at": "2024-02-10T11:56:02Z", "pushed_at": "2024-02-06T01:58:14Z", - "stargazers_count": 158, - "watchers_count": 158, + "stargazers_count": 159, + "watchers_count": 159, "has_discussions": true, "forks_count": 22, "allow_forking": true, @@ -28,7 +28,7 @@ ], "visibility": "public", "forks": 22, - "watchers": 158, + "watchers": 159, "score": 0, "subscribers_count": 7 } diff --git a/2022/CVE-2022-4262.json b/2022/CVE-2022-4262.json index 15ae98b369..22e88ad82b 100644 --- a/2022/CVE-2022-4262.json +++ b/2022/CVE-2022-4262.json @@ -14,7 +14,7 @@ "fork": false, "created_at": "2023-07-13T13:17:20Z", "updated_at": "2024-01-30T02:29:21Z", - "pushed_at": "2024-02-09T16:32:55Z", + "pushed_at": "2024-02-10T12:06:26Z", "stargazers_count": 26, "watchers_count": 26, "has_discussions": false, diff --git a/2022/CVE-2022-46689.json b/2022/CVE-2022-46689.json index bc63a963f5..5c9a358b03 100644 --- a/2022/CVE-2022-46689.json +++ b/2022/CVE-2022-46689.json @@ -73,10 +73,10 @@ "description": "Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.", "fork": false, "created_at": "2022-12-26T06:56:35Z", - "updated_at": "2024-02-04T11:34:15Z", + "updated_at": "2024-02-10T08:50:07Z", "pushed_at": "2023-08-02T09:35:14Z", - "stargazers_count": 865, - "watchers_count": 865, + "stargazers_count": 866, + "watchers_count": 866, "has_discussions": false, "forks_count": 72, "allow_forking": true, @@ -85,7 +85,7 @@ "topics": [], "visibility": "public", "forks": 72, - "watchers": 865, + "watchers": 866, "score": 0, "subscribers_count": 25 }, diff --git a/2023/CVE-2023-28252.json b/2023/CVE-2023-28252.json index e79479b2af..ac29747a07 100644 --- a/2023/CVE-2023-28252.json +++ b/2023/CVE-2023-28252.json @@ -133,10 +133,10 @@ "description": "A modification to fortra's CVE-2023-28252 exploit, compiled to exe", "fork": false, "created_at": "2024-01-22T10:38:02Z", - "updated_at": "2024-02-08T17:57:50Z", + "updated_at": "2024-02-10T08:19:40Z", "pushed_at": "2024-01-24T13:45:56Z", - "stargazers_count": 42, - "watchers_count": 42, + "stargazers_count": 43, + "watchers_count": 43, "has_discussions": false, "forks_count": 9, "allow_forking": true, @@ -145,7 +145,7 @@ "topics": [], "visibility": "public", "forks": 9, - "watchers": 42, + "watchers": 43, "score": 0, "subscribers_count": 2 } diff --git a/2023/CVE-2023-28434.json b/2023/CVE-2023-28434.json index bfd2b6e0b1..de1c8ea377 100644 --- a/2023/CVE-2023-28434.json +++ b/2023/CVE-2023-28434.json @@ -13,10 +13,10 @@ "description": "EXP for CVE-2023-28434 MinIO unauthorized to RCE", "fork": false, "created_at": "2023-03-27T08:53:04Z", - "updated_at": "2024-02-09T21:21:52Z", + "updated_at": "2024-02-10T06:27:30Z", "pushed_at": "2023-04-04T05:26:59Z", - "stargazers_count": 291, - "watchers_count": 291, + "stargazers_count": 292, + "watchers_count": 292, "has_discussions": false, "forks_count": 36, "allow_forking": true, @@ -28,7 +28,7 @@ ], "visibility": "public", "forks": 36, - "watchers": 291, + "watchers": 292, "score": 0, "subscribers_count": 3 } diff --git a/2023/CVE-2023-38831.json b/2023/CVE-2023-38831.json index d1f90361b9..f47aedfa15 100644 --- a/2023/CVE-2023-38831.json +++ b/2023/CVE-2023-38831.json @@ -174,10 +174,10 @@ "description": "CVE-2023-38831 PoC (Proof Of Concept)", "fork": false, "created_at": "2023-08-28T04:56:10Z", - "updated_at": "2024-01-31T08:07:52Z", + "updated_at": "2024-02-10T07:22:57Z", "pushed_at": "2023-08-28T20:41:57Z", - "stargazers_count": 51, - "watchers_count": 51, + "stargazers_count": 50, + "watchers_count": 50, "has_discussions": false, "forks_count": 9, "allow_forking": true, @@ -186,7 +186,7 @@ "topics": [], "visibility": "public", "forks": 9, - "watchers": 51, + "watchers": 50, "score": 0, "subscribers_count": 0 }, diff --git a/2023/CVE-2023-42442.json b/2023/CVE-2023-42442.json index 8bc31a0b38..a310ae39a6 100644 --- a/2023/CVE-2023-42442.json +++ b/2023/CVE-2023-42442.json @@ -40,11 +40,11 @@ "html_url": "https:\/\/github.com\/tarimoe" }, "html_url": "https:\/\/github.com\/tarimoe\/blackjump", - "description": "JumpServer 堡垒机未授权综合漏洞利用, CVE-2023-42442 \/ CVE-2023-42820 Exploit", + "description": "JumpServer 堡垒机未授权综合漏洞利用, Exploit for CVE-2023-42442 \/ CVE-2023-42820 \/ RCE 2021", "fork": false, "created_at": "2023-10-14T09:35:07Z", - "updated_at": "2024-01-23T01:03:08Z", - "pushed_at": "2023-10-15T01:28:07Z", + "updated_at": "2024-02-10T09:41:11Z", + "pushed_at": "2024-02-10T09:42:29Z", "stargazers_count": 96, "watchers_count": 96, "has_discussions": false, diff --git a/2023/CVE-2023-4863.json b/2023/CVE-2023-4863.json index c380261b9f..a011327ccf 100644 --- a/2023/CVE-2023-4863.json +++ b/2023/CVE-2023-4863.json @@ -193,10 +193,10 @@ "description": null, "fork": false, "created_at": "2023-12-18T23:12:25Z", - "updated_at": "2024-01-27T22:39:35Z", + "updated_at": "2024-02-10T10:06:56Z", "pushed_at": "2024-01-22T14:29:21Z", - "stargazers_count": 33, - "watchers_count": 33, + "stargazers_count": 34, + "watchers_count": 34, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -205,7 +205,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 33, + "watchers": 34, "score": 0, "subscribers_count": 2 }, diff --git a/2024/CVE-2024-20656.json b/2024/CVE-2024-20656.json index 1fcf029dd7..7b6603793d 100644 --- a/2024/CVE-2024-20656.json +++ b/2024/CVE-2024-20656.json @@ -13,10 +13,10 @@ "description": null, "fork": false, "created_at": "2024-01-12T15:08:01Z", - "updated_at": "2024-02-08T17:52:23Z", + "updated_at": "2024-02-10T11:04:24Z", "pushed_at": "2024-01-14T07:14:33Z", - "stargazers_count": 102, - "watchers_count": 102, + "stargazers_count": 104, + "watchers_count": 104, "has_discussions": false, "forks_count": 16, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 16, - "watchers": 102, + "watchers": 104, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-21893.json b/2024/CVE-2024-21893.json index 2b012ab7c2..df8947ad86 100644 --- a/2024/CVE-2024-21893.json +++ b/2024/CVE-2024-21893.json @@ -48,13 +48,13 @@ "stargazers_count": 8, "watchers_count": 8, "has_discussions": false, - "forks_count": 2, + "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 2, + "forks": 3, "watchers": 8, "score": 0, "subscribers_count": 1 diff --git a/2024/CVE-2024-22024.json b/2024/CVE-2024-22024.json index 6bae35c795..3cf6de8c12 100644 --- a/2024/CVE-2024-22024.json +++ b/2024/CVE-2024-22024.json @@ -13,19 +13,19 @@ "description": "Check for CVE-2024-22024 vulnerability in Ivanti Connect Secure", "fork": false, "created_at": "2024-02-09T14:31:56Z", - "updated_at": "2024-02-10T05:28:40Z", + "updated_at": "2024-02-10T09:11:55Z", "pushed_at": "2024-02-09T15:14:03Z", - "stargazers_count": 5, - "watchers_count": 5, + "stargazers_count": 8, + "watchers_count": 8, "has_discussions": false, - "forks_count": 1, + "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 1, - "watchers": 5, + "forks": 2, + "watchers": 8, "score": 0, "subscribers_count": 1 }, @@ -43,8 +43,8 @@ "description": "CVE-2024-22024 vulnerability in Ivanti Connect Secure", "fork": false, "created_at": "2024-02-10T06:23:44Z", - "updated_at": "2024-02-10T06:23:45Z", - "pushed_at": "2024-02-10T06:27:21Z", + "updated_at": "2024-02-10T06:37:03Z", + "pushed_at": "2024-02-10T06:38:59Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2024/CVE-2024-23208.json b/2024/CVE-2024-23208.json index 118a809691..e3acd8d1be 100644 --- a/2024/CVE-2024-23208.json +++ b/2024/CVE-2024-23208.json @@ -13,10 +13,10 @@ "description": null, "fork": false, "created_at": "2024-02-04T07:37:21Z", - "updated_at": "2024-02-07T12:22:55Z", + "updated_at": "2024-02-10T10:04:06Z", "pushed_at": "2024-02-05T02:11:42Z", - "stargazers_count": 16, - "watchers_count": 16, + "stargazers_count": 17, + "watchers_count": 17, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 16, + "watchers": 17, "score": 0, "subscribers_count": 2 } diff --git a/2024/CVE-2024-24816.json b/2024/CVE-2024-24816.json new file mode 100644 index 0000000000..aa364f7798 --- /dev/null +++ b/2024/CVE-2024-24816.json @@ -0,0 +1,32 @@ +[ + { + "id": 755475889, + "name": "CVE-2024-24816", + "full_name": "afine-com\/CVE-2024-24816", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2024-24816", + "description": "CKEditor 4 < 4.24.0-lts - XSS vulnerability in samples that use the \"preview\" feature.", + "fork": false, + "created_at": "2024-02-10T10:26:35Z", + "updated_at": "2024-02-10T10:26:36Z", + "pushed_at": "2024-02-10T10:32:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/README.md b/README.md index 50bfcd786b..23483f7262 100644 --- a/README.md +++ b/README.md @@ -416,6 +416,13 @@ - [minj-ae/CVE-2024-24488](https://github.com/minj-ae/CVE-2024-24488) +### CVE-2024-24816 (-) + +CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions prior to 4.24.0-lts in samples that use the `preview` feature. All integrators that use these samples in the production code can be affected. The vulnerability allows an attacker to execute JavaScript code by abusing the misconfigured preview feature. It affects all users using the CKEditor 4 at version < 4.24.0-lts with affected samples used in a production environment. A fix is available in version 4.24.0-lts. + + +- [afine-com/CVE-2024-24816](https://github.com/afine-com/CVE-2024-24816) + ### CVE-2024-65230 - [CBaekhyunC/cve-2024-65230](https://github.com/CBaekhyunC/cve-2024-65230)