mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2024/11/20 00:31:29

Browse source
This commit is contained in:
motikan2010-bot 2024-11-20 09:31:29 +09:00
parent 4441955eab
commit bb34ae819e
36 changed files with 288 additions and 180 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2015/CVE-2015-1328.json
View file

@ -76,10 +76,10 @@
"description": "kernel exploit",
"fork": false,
"created_at": "2022-02-07T10:52:51Z",
"updated_at": "2024-03-29T20:00:55Z",
"updated_at": "2024-11-19T22:29:09Z",
"pushed_at": "2022-02-07T14:33:56Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 6,
"watchers": 7,
"score": 0,
"subscribers_count": 2
},

8
2016/CVE-2016-5195.json
View file

@ -462,10 +462,10 @@
"description": "Dirty Cow exploit - CVE-2016-5195",
"fork": false,
"created_at": "2016-11-25T21:08:01Z",
"updated_at": "2024-11-12T05:51:55Z",
"updated_at": "2024-11-19T23:44:17Z",
"pushed_at": "2021-04-08T11:35:12Z",
"stargazers_count": 860,
"watchers_count": 860,
"stargazers_count": 861,
"watchers_count": 861,
"has_discussions": false,
"forks_count": 429,
"allow_forking": true,
@ -478,7 +478,7 @@
],
"visibility": "public",
"forks": 429,
"watchers": 860,
"watchers": 861,
"score": 0,
"subscribers_count": 9
},

4
2020/CVE-2020-0688.json
View file

@ -522,8 +522,8 @@
"description": "CVE-2020-0688 PoC",
"fork": false,
"created_at": "2020-10-23T01:18:13Z",
"updated_at": "2024-08-12T20:07:01Z",
"pushed_at": "2021-06-02T22:22:37Z",
"updated_at": "2024-11-19T21:09:40Z",
"pushed_at": "2024-11-19T21:09:35Z",
"stargazers_count": 10,
"watchers_count": 10,
"has_discussions": false,

2
2020/CVE-2020-27786.json
View file

@ -152,6 +152,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

8
2021/CVE-2021-33044.json
View file

@ -14,10 +14,10 @@
"description": "Chrome extension that uses vulnerabilities CVE-2021-33044 and CVE-2021-33045 to log in to Dahua cameras without authentication.",
"fork": false,
"created_at": "2021-10-11T22:08:47Z",
"updated_at": "2024-11-11T05:58:13Z",
"updated_at": "2024-11-19T21:56:04Z",
"pushed_at": "2021-10-13T22:32:36Z",
"stargazers_count": 130,
"watchers_count": 130,
"stargazers_count": 131,
"watchers_count": 131,
"has_discussions": false,
"forks_count": 31,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 31,
"watchers": 130,
"watchers": 131,
"score": 0,
"subscribers_count": 7
},

8
2021/CVE-2021-3560.json
View file

@ -209,10 +209,10 @@
"description": "Privilege escalation with polkit - CVE-2021-3560",
"fork": false,
"created_at": "2021-06-19T08:15:17Z",
"updated_at": "2024-10-22T06:20:59Z",
"updated_at": "2024-11-19T19:23:44Z",
"pushed_at": "2021-06-20T07:38:13Z",
"stargazers_count": 116,
"watchers_count": 116,
"stargazers_count": 115,
"watchers_count": 115,
"has_discussions": false,
"forks_count": 50,
"allow_forking": true,
@ -221,7 +221,7 @@
"topics": [],
"visibility": "public",
"forks": 50,
"watchers": 116,
"watchers": 115,
"score": 0,
"subscribers_count": 2
},

8
2021/CVE-2021-4034.json
View file

@ -967,10 +967,10 @@
"description": "Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation",
"fork": false,
"created_at": "2022-01-26T14:26:10Z",
"updated_at": "2024-11-19T00:50:18Z",
"updated_at": "2024-11-19T18:36:15Z",
"pushed_at": "2022-06-21T14:52:05Z",
"stargazers_count": 1084,
"watchers_count": 1084,
"stargazers_count": 1085,
"watchers_count": 1085,
"has_discussions": false,
"forks_count": 189,
"allow_forking": true,
@ -981,7 +981,7 @@
],
"visibility": "public",
"forks": 189,
"watchers": 1084,
"watchers": 1085,
"score": 0,
"subscribers_count": 12
},

8
2021/CVE-2021-40444.json
View file

@ -231,10 +231,10 @@
"description": "CVE-2021-40444 PoC",
"fork": false,
"created_at": "2021-09-10T16:55:53Z",
"updated_at": "2024-11-18T01:40:17Z",
"updated_at": "2024-11-19T21:19:29Z",
"pushed_at": "2021-12-25T18:31:02Z",
"stargazers_count": 1595,
"watchers_count": 1595,
"stargazers_count": 1596,
"watchers_count": 1596,
"has_discussions": false,
"forks_count": 483,
"allow_forking": true,
@ -243,7 +243,7 @@
"topics": [],
"visibility": "public",
"forks": 483,
"watchers": 1595,
"watchers": 1596,
"score": 0,
"subscribers_count": 28
},

2
2021/CVE-2021-41773.json
View file

@ -2993,7 +2993,7 @@
"fork": false,
"created_at": "2022-09-15T09:27:04Z",
"updated_at": "2022-09-15T09:27:22Z",
"pushed_at": "2024-07-19T18:23:08Z",
"pushed_at": "2024-11-19T21:39:52Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

8
2022/CVE-2022-0995.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2022-0995 exploit",
"fork": false,
"created_at": "2022-03-26T21:46:09Z",
"updated_at": "2024-10-08T20:26:59Z",
"updated_at": "2024-11-19T23:46:23Z",
"pushed_at": "2022-03-27T09:07:01Z",
"stargazers_count": 494,
"watchers_count": 494,
"stargazers_count": 495,
"watchers_count": 495,
"has_discussions": false,
"forks_count": 70,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 70,
"watchers": 494,
"watchers": 495,
"score": 0,
"subscribers_count": 8
},

8
2022/CVE-2022-21894.json
View file

@ -14,10 +14,10 @@
"description": "baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability",
"fork": false,
"created_at": "2022-08-09T15:53:48Z",
"updated_at": "2024-11-19T07:38:08Z",
"updated_at": "2024-11-19T23:39:44Z",
"pushed_at": "2023-09-27T06:44:27Z",
"stargazers_count": 297,
"watchers_count": 297,
"stargazers_count": 298,
"watchers_count": 298,
"has_discussions": false,
"forks_count": 60,
"allow_forking": true,
@ -34,7 +34,7 @@
],
"visibility": "public",
"forks": 60,
"watchers": 297,
"watchers": 298,
"score": 0,
"subscribers_count": 12
},

24
2024/CVE-2024-43639.json → 2022/CVE-2022-22970.json
View file

@ -1,21 +1,21 @@
[
{
"id": 890576474,
"name": "CVE-2024-43639",
"full_name": "exploitsecure\/CVE-2024-43639",
"id": 891177744,
"name": "CVE-2022-22970",
"full_name": "Performant-Labs\/CVE-2022-22970",
"owner": {
"login": "exploitsecure",
"id": 186581872,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/186581872?v=4",
"html_url": "https:\/\/github.com\/exploitsecure",
"login": "Performant-Labs",
"id": 35463594,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35463594?v=4",
"html_url": "https:\/\/github.com\/Performant-Labs",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/exploitsecure\/CVE-2024-43639",
"html_url": "https:\/\/github.com\/Performant-Labs\/CVE-2022-22970",
"description": null,
"fork": false,
"created_at": "2024-11-18T20:14:14Z",
"updated_at": "2024-11-18T20:28:05Z",
"pushed_at": "2024-11-18T20:28:01Z",
"created_at": "2024-11-19T21:36:09Z",
"updated_at": "2024-11-19T23:55:52Z",
"pushed_at": "2024-11-19T23:55:49Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
@ -28,6 +28,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
"subscribers_count": 0
}
]

4
2023/CVE-2023-22515.json
View file

@ -768,8 +768,8 @@
"description": "Vulnerability checking tool via Nmap Scripting Engine",
"fork": false,
"created_at": "2024-07-18T19:55:59Z",
"updated_at": "2024-09-22T17:13:24Z",
"pushed_at": "2024-08-19T19:11:51Z",
"updated_at": "2024-11-19T23:11:17Z",
"pushed_at": "2024-11-19T23:11:14Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,

8
2023/CVE-2023-25157.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2023-25157 - GeoServer SQL Injection - PoC",
"fork": false,
"created_at": "2023-06-06T14:05:09Z",
"updated_at": "2024-11-18T14:55:48Z",
"updated_at": "2024-11-19T23:14:35Z",
"pushed_at": "2023-07-14T10:40:17Z",
"stargazers_count": 162,
"watchers_count": 162,
"stargazers_count": 163,
"watchers_count": 163,
"has_discussions": false,
"forks_count": 33,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 33,
"watchers": 162,
"watchers": 163,
"score": 0,
"subscribers_count": 2
},

2
2023/CVE-2023-25194.json
View file

@ -77,7 +77,7 @@
"fork": false,
"created_at": "2024-04-17T13:36:34Z",
"updated_at": "2024-10-30T14:55:15Z",
"pushed_at": "2024-10-30T16:02:49Z",
"pushed_at": "2024-11-19T22:32:11Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,

8
2023/CVE-2023-27532.json
View file

@ -14,10 +14,10 @@
"description": "POC for Veeam Backup and Replication CVE-2023-27532",
"fork": false,
"created_at": "2023-03-18T16:20:53Z",
"updated_at": "2024-11-15T16:42:52Z",
"updated_at": "2024-11-19T19:27:25Z",
"pushed_at": "2023-03-28T18:21:55Z",
"stargazers_count": 60,
"watchers_count": 60,
"stargazers_count": 61,
"watchers_count": 61,
"has_discussions": false,
"forks_count": 11,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 11,
"watchers": 60,
"watchers": 61,
"score": 0,
"subscribers_count": 4
},

33
2023/CVE-2023-3722.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 891135457,
"name": "CVE-2023-3722",
"full_name": "pizza-power\/CVE-2023-3722",
"owner": {
"login": "pizza-power",
"id": 6135659,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6135659?v=4",
"html_url": "https:\/\/github.com\/pizza-power",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/pizza-power\/CVE-2023-3722",
"description": "Python POC for CVE-2023-3722 Avaya Aura Device Services Unrestricted File Upload RCE",
"fork": false,
"created_at": "2024-11-19T19:40:41Z",
"updated_at": "2024-11-19T19:44:39Z",
"pushed_at": "2024-11-19T19:44:35Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

20
2024/CVE-2024-0012.json
View file

@ -14,10 +14,10 @@
"description": null,
"fork": false,
"created_at": "2024-11-19T08:29:32Z",
"updated_at": "2024-11-19T12:57:21Z",
"updated_at": "2024-11-19T23:56:19Z",
"pushed_at": "2024-11-19T09:28:42Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 3,
"watchers": 7,
"score": 0,
"subscribers_count": 0
},
@ -45,19 +45,19 @@
"description": "CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) RCE POC",
"fork": false,
"created_at": "2024-11-19T11:30:25Z",
"updated_at": "2024-11-19T14:40:24Z",
"updated_at": "2024-11-19T23:36:51Z",
"pushed_at": "2024-11-19T11:37:09Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"forks": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 0
}

8
2024/CVE-2024-10924.json
View file

@ -76,10 +76,10 @@
"description": "WARNING: This is a vulnerable application to test the exploit for the Really Simple Security < 9.1.2 authentication bypass (CVE-2024-10924). Run it at your own risk!",
"fork": false,
"created_at": "2024-11-18T20:37:07Z",
"updated_at": "2024-11-19T12:19:39Z",
"updated_at": "2024-11-19T23:59:24Z",
"pushed_at": "2024-11-19T12:19:36Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -94,7 +94,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-21762.json
View file

@ -107,10 +107,10 @@
"description": "Chequea si tu firewall es vulnerable a CVE-2024-21762 (RCE sin autenticación)",
"fork": false,
"created_at": "2024-03-13T22:57:00Z",
"updated_at": "2024-09-18T22:47:57Z",
"updated_at": "2024-11-19T18:50:22Z",
"pushed_at": "2024-03-24T22:01:21Z",
"stargazers_count": 9,
"watchers_count": 9,
"stargazers_count": 10,
"watchers_count": 10,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -119,7 +119,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 9,
"watchers": 10,
"score": 0,
"subscribers_count": 1
},

33
2024/CVE-2024-22262.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 891146409,
"name": "CVE-2024-22262",
"full_name": "Performant-Labs\/CVE-2024-22262",
"owner": {
"login": "Performant-Labs",
"id": 35463594,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35463594?v=4",
"html_url": "https:\/\/github.com\/Performant-Labs",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Performant-Labs\/CVE-2024-22262",
"description": null,
"fork": false,
"created_at": "2024-11-19T20:08:57Z",
"updated_at": "2024-11-20T00:07:25Z",
"pushed_at": "2024-11-20T00:07:22Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-23113.json
View file

@ -138,10 +138,10 @@
"description": null,
"fork": false,
"created_at": "2024-11-15T13:23:19Z",
"updated_at": "2024-11-15T13:32:57Z",
"updated_at": "2024-11-19T19:03:13Z",
"pushed_at": "2024-11-15T13:25:50Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -150,7 +150,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 5,
"watchers": 4,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-27956.json
View file

@ -169,10 +169,10 @@
"description": "WordPress Auto Admin Account Creation and Reverse Shell cve-2024-27956 automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. It utilizes the wp-automatic plugin's CSV injection vulnerability to execute SQL queries",
"fork": false,
"created_at": "2024-05-14T14:21:49Z",
"updated_at": "2024-11-18T03:16:24Z",
"updated_at": "2024-11-19T22:51:04Z",
"pushed_at": "2024-07-01T09:29:02Z",
"stargazers_count": 90,
"watchers_count": 90,
"stargazers_count": 91,
"watchers_count": 91,
"has_discussions": false,
"forks_count": 23,
"allow_forking": true,
@ -201,7 +201,7 @@
],
"visibility": "public",
"forks": 23,
"watchers": 90,
"watchers": 91,
"score": 0,
"subscribers_count": 3
},

8
2024/CVE-2024-28987.json
View file

@ -107,10 +107,10 @@
"description": null,
"fork": false,
"created_at": "2024-11-15T13:27:46Z",
"updated_at": "2024-11-15T13:32:46Z",
"updated_at": "2024-11-19T19:03:13Z",
"pushed_at": "2024-11-15T13:31:14Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -119,7 +119,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 5,
"watchers": 4,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-30051.json
View file

@ -14,10 +14,10 @@
"description": null,
"fork": false,
"created_at": "2024-08-14T16:20:38Z",
"updated_at": "2024-11-17T11:18:20Z",
"updated_at": "2024-11-19T18:50:26Z",
"pushed_at": "2024-09-05T23:21:00Z",
"stargazers_count": 105,
"watchers_count": 105,
"stargazers_count": 106,
"watchers_count": 106,
"has_discussions": false,
"forks_count": 31,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 31,
"watchers": 105,
"watchers": 106,
"score": 0,
"subscribers_count": 2
}

12
2024/CVE-2024-38063.json
View file

@ -265,10 +265,10 @@
"description": "poc for CVE-2024-38063 (RCE in tcpip.sys)",
"fork": false,
"created_at": "2024-08-24T18:25:46Z",
"updated_at": "2024-11-19T01:40:50Z",
"updated_at": "2024-11-19T19:00:11Z",
"pushed_at": "2024-08-27T12:22:39Z",
"stargazers_count": 620,
"watchers_count": 620,
"stargazers_count": 621,
"watchers_count": 621,
"has_discussions": false,
"forks_count": 115,
"allow_forking": true,
@ -277,7 +277,7 @@
"topics": [],
"visibility": "public",
"forks": 115,
"watchers": 620,
"watchers": 621,
"score": 0,
"subscribers_count": 4
},
@ -799,8 +799,8 @@
"description": "PoC for Windows' IPv6 CVE-2024-38063",
"fork": false,
"created_at": "2024-11-16T17:22:08Z",
"updated_at": "2024-11-17T22:36:00Z",
"pushed_at": "2024-11-17T22:35:57Z",
"updated_at": "2024-11-20T00:15:41Z",
"pushed_at": "2024-11-20T00:15:37Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

31
2024/CVE-2024-42640.json
View file

@ -34,5 +34,36 @@
"watchers": 25,
"score": 0,
"subscribers_count": 1
},
{
"id": 891216922,
"name": "CVE-2024-42640",
"full_name": "KTN1990\/CVE-2024-42640",
"owner": {
"login": "KTN1990",
"id": 33407405,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33407405?v=4",
"html_url": "https:\/\/github.com\/KTN1990",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/KTN1990\/CVE-2024-42640",
"description": "Unauthenticated Remote Code Execution via Angular-Base64-Upload Library (npm:bower)",
"fork": false,
"created_at": "2024-11-19T23:54:30Z",
"updated_at": "2024-11-19T23:58:20Z",
"pushed_at": "2024-11-19T23:58:17Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

33
2024/CVE-2024-43093.json
View file

@ -1,33 +0,0 @@
[
{
"id": 883768867,
"name": "CVE-2024-43093",
"full_name": "exploitsecure\/CVE-2024-43093",
"owner": {
"login": "exploitsecure",
"id": 186581872,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/186581872?v=4",
"html_url": "https:\/\/github.com\/exploitsecure",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/exploitsecure\/CVE-2024-43093",
"description": null,
"fork": false,
"created_at": "2024-11-05T14:40:29Z",
"updated_at": "2024-11-13T16:39:57Z",
"pushed_at": "2024-11-05T15:04:26Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 1
}
]

8
2024/CVE-2024-43532.json
View file

@ -14,10 +14,10 @@
"description": null,
"fork": false,
"created_at": "2024-11-15T13:15:39Z",
"updated_at": "2024-11-15T13:32:38Z",
"updated_at": "2024-11-19T19:03:13Z",
"pushed_at": "2024-11-15T13:19:13Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 5,
"watchers": 4,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-4367.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2024-4367 & CVE-2024-34342 Proof of Concept",
"fork": false,
"created_at": "2024-05-20T10:02:23Z",
"updated_at": "2024-11-14T02:51:19Z",
"updated_at": "2024-11-19T20:30:28Z",
"pushed_at": "2024-06-07T03:28:00Z",
"stargazers_count": 134,
"watchers_count": 134,
"stargazers_count": 135,
"watchers_count": 135,
"has_discussions": false,
"forks_count": 19,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 19,
"watchers": 134,
"watchers": 135,
"score": 0,
"subscribers_count": 2
},

16
2024/CVE-2024-4577.json
View file

@ -1027,10 +1027,10 @@
"description": "This is an Incident Response Walkthrough: Mitigating a Zero-Day Attack (CVE-2024-4577)",
"fork": false,
"created_at": "2024-06-24T10:48:24Z",
"updated_at": "2024-10-11T21:06:41Z",
"updated_at": "2024-11-19T23:50:04Z",
"pushed_at": "2024-06-24T11:00:16Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -1039,7 +1039,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
@ -1656,10 +1656,10 @@
"description": "CVE-2024-4577 RCE PoC",
"fork": false,
"created_at": "2024-11-06T05:30:33Z",
"updated_at": "2024-11-19T14:27:07Z",
"updated_at": "2024-11-19T18:39:40Z",
"pushed_at": "2024-11-15T09:01:10Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -1668,7 +1668,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 7,
"watchers": 8,
"score": 0,
"subscribers_count": 1
}

16
2024/CVE-2024-47575.json
View file

@ -14,10 +14,10 @@
"description": "Fortinet Fortimanager Unauthenticated Remote Code Execution AKA FortiJump CVE-2024-47575",
"fork": false,
"created_at": "2024-11-07T21:03:30Z",
"updated_at": "2024-11-19T16:07:03Z",
"updated_at": "2024-11-19T23:48:21Z",
"pushed_at": "2024-11-14T16:25:52Z",
"stargazers_count": 53,
"watchers_count": 53,
"stargazers_count": 55,
"watchers_count": 55,
"has_discussions": false,
"forks_count": 22,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 22,
"watchers": 53,
"watchers": 55,
"score": 0,
"subscribers_count": 0
},
@ -76,10 +76,10 @@
"description": null,
"fork": false,
"created_at": "2024-11-15T13:19:33Z",
"updated_at": "2024-11-15T18:56:04Z",
"updated_at": "2024-11-19T19:03:13Z",
"pushed_at": "2024-11-15T18:56:01Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 5,
"watchers": 4,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-52940.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2024-52940 - A critical zero-day vulnerability in AnyDesk's \"Allow Direct Connections\" feature, discovered and registered by Ebrahim Shafiei (EbraSha), exposing public and private IP addresses. For details, visit the NVD, Tenable, or MITRE pages.",
"fork": false,
"created_at": "2024-10-27T15:29:56Z",
"updated_at": "2024-11-19T16:00:44Z",
"updated_at": "2024-11-19T22:06:18Z",
"pushed_at": "2024-11-18T15:09:32Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -38,7 +38,7 @@
],
"visibility": "public",
"forks": 2,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-6387.json
View file

@ -1110,10 +1110,10 @@
"description": "CVE-2024-6387 with auto ip scanner and auto expliot ",
"fork": false,
"created_at": "2024-07-02T12:57:35Z",
"updated_at": "2024-10-13T04:38:20Z",
"updated_at": "2024-11-19T22:52:23Z",
"pushed_at": "2024-07-04T01:55:26Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 9,
"watchers_count": 9,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -1140,7 +1140,7 @@
],
"visibility": "public",
"forks": 2,
"watchers": 8,
"watchers": 9,
"score": 0,
"subscribers_count": 1
},

33
2024/CVE-2024-9474.json
View file

@ -14,8 +14,39 @@
"description": "PAN-OS auth bypass + RCE",
"fork": false,
"created_at": "2024-11-19T17:26:27Z",
"updated_at": "2024-11-19T17:38:33Z",
"updated_at": "2024-11-19T23:20:25Z",
"pushed_at": "2024-11-19T17:38:29Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 3,
"score": 0,
"subscribers_count": 0
},
{
"id": 891185979,
"name": "CVE-2024-9474",
"full_name": "k4nfr3\/CVE-2024-9474",
"owner": {
"login": "k4nfr3",
"id": 45294916,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45294916?v=4",
"html_url": "https:\/\/github.com\/k4nfr3",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/k4nfr3\/CVE-2024-9474",
"description": null,
"fork": false,
"created_at": "2024-11-19T22:03:13Z",
"updated_at": "2024-11-19T22:04:50Z",
"pushed_at": "2024-11-19T22:04:47Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

43
README.md
View file

@ -1836,6 +1836,7 @@
</code>
- [Chocapikk/CVE-2024-9474](https://github.com/Chocapikk/CVE-2024-9474)
- [k4nfr3/CVE-2024-9474](https://github.com/k4nfr3/CVE-2024-9474)
### CVE-2024-9570 (2024-10-07)
@ -2506,6 +2507,13 @@
- [SeanPesce/CVE-2024-22243](https://github.com/SeanPesce/CVE-2024-22243)
- [shellfeel/CVE-2024-22243-CVE-2024-22234](https://github.com/shellfeel/CVE-2024-22243-CVE-2024-22234)
### CVE-2024-22262 (2024-04-16)
<code>Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html  attack or to a SSRF attack if the URL is used after passing validation checks.\n\nThis is the same as CVE-2024-22259 https://spring.io/security/cve-2024-22259  and CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.\n\n
</code>
- [Performant-Labs/CVE-2024-22262](https://github.com/Performant-Labs/CVE-2024-22262)
### CVE-2024-22263 (2024-06-19)
<code>Spring Cloud Data Flow is a microservices-based Streaming and Batch data processing in Cloud Foundry and Kubernetes. The Skipper server has the ability to receive upload package requests. However, due to improper sanitization for upload path, a malicious user who has access to skipper server api can use a crafted upload request to write arbitrary file to any location on file system, may even compromises the server.
@ -5827,6 +5835,7 @@
</code>
- [rvizx/CVE-2024-42640](https://github.com/rvizx/CVE-2024-42640)
- [KTN1990/CVE-2024-42640](https://github.com/KTN1990/CVE-2024-42640)
### CVE-2024-42642 (2024-09-04)
@ -5914,13 +5923,6 @@
- [v9d0g/CVE-2024-43044-POC](https://github.com/v9d0g/CVE-2024-43044-POC)
- [convisolabs/CVE-2024-43044-jenkins](https://github.com/convisolabs/CVE-2024-43044-jenkins)
### CVE-2024-43093 (2024-11-13)
<code>In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
</code>
- [exploitsecure/CVE-2024-43093](https://github.com/exploitsecure/CVE-2024-43093)
### CVE-2024-43160 (2024-08-13)
<code>Unrestricted Upload of File with Dangerous Type vulnerability in BerqWP allows Code Injection.This issue affects BerqWP: from n/a through 1.7.6.
@ -5963,13 +5965,6 @@
- [jinxongwi/CVE-2024-43582-RCE](https://github.com/jinxongwi/CVE-2024-43582-RCE)
### CVE-2024-43639 (2024-11-12)
<code>Windows KDC Proxy Remote Code Execution Vulnerability
</code>
- [exploitsecure/CVE-2024-43639](https://github.com/exploitsecure/CVE-2024-43639)
### CVE-2024-43917 (2024-08-29)
<code>Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TemplateInvaders TI WooCommerce Wishlist allows SQL Injection.This issue affects TI WooCommerce Wishlist: from n/a through 2.8.2.
@ -7646,6 +7641,13 @@
- [vpxuser/CVE-2023-3712-POC](https://github.com/vpxuser/CVE-2023-3712-POC)
### CVE-2023-3722 (2023-07-19)
<code>An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier.
</code>
- [pizza-power/CVE-2023-3722](https://github.com/pizza-power/CVE-2023-3722)
### CVE-2023-3824 (2023-08-11)
<code>In PHP version 8.0.* before 8.0.30,  8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE. \n\n
@ -17254,6 +17256,13 @@
- [MarcinGadz/spring-rce-poc](https://github.com/MarcinGadz/spring-rce-poc)
### CVE-2022-22970 (2022-05-12)
<code>In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object.
</code>
- [Performant-Labs/CVE-2022-22970](https://github.com/Performant-Labs/CVE-2022-22970)
### CVE-2022-22971 (2022-05-12)
<code>In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user.
@ -39834,7 +39843,11 @@
### CVE-2018-9375
- [IOActive/AOSP-ExploitUserDictionary](https://github.com/IOActive/AOSP-ExploitUserDictionary)
### CVE-2018-9411
### CVE-2018-9411 (2024-11-19)
<code>In decrypt of ClearKeyCasPlugin.cpp there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation.
</code>
- [tamirzb/CVE-2018-9411](https://github.com/tamirzb/CVE-2018-9411)
### CVE-2018-9468