From bbb9f19bf4610587010086af634b69654811f1d6 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Sun, 20 Nov 2022 21:20:58 +0900 Subject: [PATCH] Auto Update 2022/11/20 12:20:58 --- 2008/CVE-2008-0166.json | 8 ++++---- 2016/CVE-2016-0051.json | 8 ++++---- 2018/CVE-2018-5955.json | 8 ++++---- 2020/CVE-2020-0683.json | 8 ++++---- 2020/CVE-2020-1938.json | 4 ++-- 2021/CVE-2021-23017.json | 4 ++-- 2021/CVE-2021-31166.json | 8 ++++---- 2021/CVE-2021-36260.json | 8 ++++---- 2021/CVE-2021-44228.json | 16 ++++++++-------- 2022/CVE-2022-31898.json | 12 ++++++------ 2022/CVE-2022-33679.json | 8 ++++---- 2022/CVE-2022-3546.json | 31 +++++++++++++++++++++++++++++++ 2022/CVE-2022-3602.json | 8 ++++---- 2022/CVE-2022-40127.json | 8 ++++---- 2022/CVE-2022-42889.json | 12 ++++++------ 2022/CVE-2022-43117.json | 31 +++++++++++++++++++++++++++++++ 2022/CVE-2022-44830.json | 31 +++++++++++++++++++++++++++++++ README.md | 14 ++++++++++++++ 18 files changed, 167 insertions(+), 60 deletions(-) create mode 100644 2022/CVE-2022-3546.json create mode 100644 2022/CVE-2022-43117.json create mode 100644 2022/CVE-2022-44830.json diff --git a/2008/CVE-2008-0166.json b/2008/CVE-2008-0166.json index 5cfb61ce3a..aa395ba1b7 100644 --- a/2008/CVE-2008-0166.json +++ b/2008/CVE-2008-0166.json @@ -13,10 +13,10 @@ "description": "Debian OpenSSL Predictable PRNG (CVE-2008-0166)", "fork": false, "created_at": "2013-09-22T21:20:31Z", - "updated_at": "2022-10-26T09:49:18Z", + "updated_at": "2022-11-20T08:10:55Z", "pushed_at": "2017-04-24T14:16:56Z", - "stargazers_count": 346, - "watchers_count": 346, + "stargazers_count": 347, + "watchers_count": 347, "has_discussions": false, "forks_count": 110, "allow_forking": true, @@ -27,7 +27,7 @@ ], "visibility": "public", "forks": 110, - "watchers": 346, + "watchers": 347, "score": 0 }, { diff --git a/2016/CVE-2016-0051.json b/2016/CVE-2016-0051.json index 4fc89b0000..2b449f229c 100644 --- a/2016/CVE-2016-0051.json +++ b/2016/CVE-2016-0051.json @@ -42,10 +42,10 @@ "description": null, "fork": false, "created_at": "2016-05-08T06:22:07Z", - "updated_at": "2021-10-06T04:53:16Z", + "updated_at": "2022-11-20T06:13:53Z", "pushed_at": "2016-05-10T22:41:12Z", - "stargazers_count": 40, - "watchers_count": 40, + "stargazers_count": 41, + "watchers_count": 41, "has_discussions": false, "forks_count": 16, "allow_forking": true, @@ -54,7 +54,7 @@ "topics": [], "visibility": "public", "forks": 16, - "watchers": 40, + "watchers": 41, "score": 0 }, { diff --git a/2018/CVE-2018-5955.json b/2018/CVE-2018-5955.json index a9ae720daf..a5d3096e96 100644 --- a/2018/CVE-2018-5955.json +++ b/2018/CVE-2018-5955.json @@ -42,10 +42,10 @@ "description": "一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能", "fork": false, "created_at": "2019-12-21T22:45:55Z", - "updated_at": "2022-11-01T06:39:13Z", + "updated_at": "2022-11-20T10:40:37Z", "pushed_at": "2020-01-05T21:46:25Z", - "stargazers_count": 584, - "watchers_count": 584, + "stargazers_count": 585, + "watchers_count": 585, "has_discussions": false, "forks_count": 128, "allow_forking": true, @@ -67,7 +67,7 @@ ], "visibility": "public", "forks": 128, - "watchers": 584, + "watchers": 585, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-0683.json b/2020/CVE-2020-0683.json index 5d7aaca5a6..0ce41e902e 100644 --- a/2020/CVE-2020-0683.json +++ b/2020/CVE-2020-0683.json @@ -13,10 +13,10 @@ "description": "CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege", "fork": false, "created_at": "2020-02-11T16:42:34Z", - "updated_at": "2022-11-19T16:11:41Z", + "updated_at": "2022-11-20T10:29:51Z", "pushed_at": "2021-12-23T16:28:28Z", - "stargazers_count": 311, - "watchers_count": 311, + "stargazers_count": 312, + "watchers_count": 312, "has_discussions": false, "forks_count": 53, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 53, - "watchers": 311, + "watchers": 312, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1938.json b/2020/CVE-2020-1938.json index f8d0d54aa9..87adc88917 100644 --- a/2020/CVE-2020-1938.json +++ b/2020/CVE-2020-1938.json @@ -18,13 +18,13 @@ "stargazers_count": 41, "watchers_count": 41, "has_discussions": false, - "forks_count": 33, + "forks_count": 34, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 33, + "forks": 34, "watchers": 41, "score": 0 }, diff --git a/2021/CVE-2021-23017.json b/2021/CVE-2021-23017.json index 77036451f1..933322ed64 100644 --- a/2021/CVE-2021-23017.json +++ b/2021/CVE-2021-23017.json @@ -18,7 +18,7 @@ "stargazers_count": 27, "watchers_count": 27, "has_discussions": false, - "forks_count": 7, + "forks_count": 8, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -27,7 +27,7 @@ "poc" ], "visibility": "public", - "forks": 7, + "forks": 8, "watchers": 27, "score": 0 } diff --git a/2021/CVE-2021-31166.json b/2021/CVE-2021-31166.json index c34af54b9a..cb71c75500 100644 --- a/2021/CVE-2021-31166.json +++ b/2021/CVE-2021-31166.json @@ -13,10 +13,10 @@ "description": "Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.", "fork": false, "created_at": "2021-05-16T16:15:56Z", - "updated_at": "2022-11-09T18:12:20Z", + "updated_at": "2022-11-20T08:43:55Z", "pushed_at": "2021-06-12T08:27:09Z", - "stargazers_count": 818, - "watchers_count": 818, + "stargazers_count": 819, + "watchers_count": 819, "has_discussions": false, "forks_count": 136, "allow_forking": true, @@ -30,7 +30,7 @@ ], "visibility": "public", "forks": 136, - "watchers": 818, + "watchers": 819, "score": 0 }, { diff --git a/2021/CVE-2021-36260.json b/2021/CVE-2021-36260.json index 3779686597..be941c7a63 100644 --- a/2021/CVE-2021-36260.json +++ b/2021/CVE-2021-36260.json @@ -71,10 +71,10 @@ "description": "海康威视RCE漏洞 批量检测和利用工具", "fork": false, "created_at": "2022-08-03T17:27:59Z", - "updated_at": "2022-11-10T06:25:57Z", + "updated_at": "2022-11-20T09:15:26Z", "pushed_at": "2022-08-05T19:57:30Z", - "stargazers_count": 39, - "watchers_count": 39, + "stargazers_count": 40, + "watchers_count": 40, "has_discussions": false, "forks_count": 8, "allow_forking": true, @@ -86,7 +86,7 @@ ], "visibility": "public", "forks": 8, - "watchers": 39, + "watchers": 40, "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index f86e6ad04a..ffbf2095dd 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -340,10 +340,10 @@ "description": "A Proof-Of-Concept for the CVE-2021-44228 vulnerability. ", "fork": false, "created_at": "2021-12-10T23:19:28Z", - "updated_at": "2022-11-19T23:09:37Z", + "updated_at": "2022-11-20T09:57:33Z", "pushed_at": "2022-09-21T07:49:03Z", - "stargazers_count": 1499, - "watchers_count": 1499, + "stargazers_count": 1500, + "watchers_count": 1500, "has_discussions": false, "forks_count": 430, "allow_forking": true, @@ -357,7 +357,7 @@ ], "visibility": "public", "forks": 430, - "watchers": 1499, + "watchers": 1500, "score": 0 }, { @@ -1884,10 +1884,10 @@ "description": "A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.", "fork": false, "created_at": "2021-12-14T06:37:59Z", - "updated_at": "2022-11-17T00:58:09Z", + "updated_at": "2022-11-20T07:15:47Z", "pushed_at": "2022-04-24T08:56:47Z", - "stargazers_count": 360, - "watchers_count": 360, + "stargazers_count": 359, + "watchers_count": 359, "has_discussions": false, "forks_count": 49, "allow_forking": true, @@ -1902,7 +1902,7 @@ ], "visibility": "public", "forks": 49, - "watchers": 360, + "watchers": 359, "score": 0 }, { diff --git a/2022/CVE-2022-31898.json b/2022/CVE-2022-31898.json index 5914234cfe..aaeb078f61 100644 --- a/2022/CVE-2022-31898.json +++ b/2022/CVE-2022-31898.json @@ -13,12 +13,12 @@ "description": "Exploit POC code for CVE-2022-31898, a command injection for GL-iNet routers with firmware below 3.215", "fork": false, "created_at": "2022-11-11T05:11:14Z", - "updated_at": "2022-11-17T23:51:59Z", + "updated_at": "2022-11-20T11:54:55Z", "pushed_at": "2022-11-17T12:58:20Z", - "stargazers_count": 8, - "watchers_count": 8, + "stargazers_count": 9, + "watchers_count": 9, "has_discussions": false, - "forks_count": 1, + "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -29,8 +29,8 @@ "gl-inet" ], "visibility": "public", - "forks": 1, - "watchers": 8, + "forks": 2, + "watchers": 9, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-33679.json b/2022/CVE-2022-33679.json index 4cdb8aa351..368a8b7235 100644 --- a/2022/CVE-2022-33679.json +++ b/2022/CVE-2022-33679.json @@ -13,10 +13,10 @@ "description": "One day based on https:\/\/googleprojectzero.blogspot.com\/2022\/10\/rc4-is-still-considered-harmful.html", "fork": false, "created_at": "2022-11-02T18:38:01Z", - "updated_at": "2022-11-19T13:11:04Z", + "updated_at": "2022-11-20T11:31:58Z", "pushed_at": "2022-11-07T16:21:14Z", - "stargazers_count": 302, - "watchers_count": 302, + "stargazers_count": 303, + "watchers_count": 303, "has_discussions": false, "forks_count": 51, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 51, - "watchers": 302, + "watchers": 303, "score": 0 }, { diff --git a/2022/CVE-2022-3546.json b/2022/CVE-2022-3546.json new file mode 100644 index 0000000000..ebaef57ebf --- /dev/null +++ b/2022/CVE-2022-3546.json @@ -0,0 +1,31 @@ +[ + { + "id": 552325321, + "name": "CVE-2022-3546", + "full_name": "thehackingverse\/CVE-2022-3546", + "owner": { + "login": "thehackingverse", + "id": 86924237, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86924237?v=4", + "html_url": "https:\/\/github.com\/thehackingverse" + }, + "html_url": "https:\/\/github.com\/thehackingverse\/CVE-2022-3546", + "description": null, + "fork": false, + "created_at": "2022-10-16T10:35:24Z", + "updated_at": "2022-11-20T07:45:32Z", + "pushed_at": "2022-11-20T07:45:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3602.json b/2022/CVE-2022-3602.json index e52d304b98..2e6f27fd2c 100644 --- a/2022/CVE-2022-3602.json +++ b/2022/CVE-2022-3602.json @@ -198,10 +198,10 @@ "description": "Detects attempts at exploitation of CVE-2022-3602, a remote code execution vulnerability in OpenSSL v 3.0.0 through v.3.0.6 ", "fork": false, "created_at": "2022-11-03T03:19:52Z", - "updated_at": "2022-11-14T06:06:26Z", + "updated_at": "2022-11-20T07:37:49Z", "pushed_at": "2022-11-08T22:59:21Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -210,7 +210,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 1, + "watchers": 2, "score": 0 }, { diff --git a/2022/CVE-2022-40127.json b/2022/CVE-2022-40127.json index ee96b10286..97e40245d1 100644 --- a/2022/CVE-2022-40127.json +++ b/2022/CVE-2022-40127.json @@ -13,10 +13,10 @@ "description": "Apache Airflow < 2.4.0 DAG example_bash_operator RCE POC", "fork": false, "created_at": "2022-11-18T13:19:23Z", - "updated_at": "2022-11-20T00:57:12Z", + "updated_at": "2022-11-20T06:30:50Z", "pushed_at": "2022-11-19T10:35:50Z", - "stargazers_count": 7, - "watchers_count": 7, + "stargazers_count": 8, + "watchers_count": 8, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -30,7 +30,7 @@ ], "visibility": "public", "forks": 3, - "watchers": 7, + "watchers": 8, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-42889.json b/2022/CVE-2022-42889.json index 9cec2e2688..2f9c056bb7 100644 --- a/2022/CVE-2022-42889.json +++ b/2022/CVE-2022-42889.json @@ -831,19 +831,19 @@ "description": "Proof of Concept for CVE-2022-42889 (Text4Shell Vulnerability) ", "fork": false, "created_at": "2022-11-04T19:26:23Z", - "updated_at": "2022-11-17T02:38:39Z", + "updated_at": "2022-11-20T11:54:11Z", "pushed_at": "2022-11-17T07:28:22Z", - "stargazers_count": 4, - "watchers_count": 4, + "stargazers_count": 5, + "watchers_count": 5, "has_discussions": false, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, - "watchers": 4, + "forks": 1, + "watchers": 5, "score": 0 }, { diff --git a/2022/CVE-2022-43117.json b/2022/CVE-2022-43117.json new file mode 100644 index 0000000000..0c940f098e --- /dev/null +++ b/2022/CVE-2022-43117.json @@ -0,0 +1,31 @@ +[ + { + "id": 568387385, + "name": "CVE-2022-43117", + "full_name": "RashidKhanPathan\/CVE-2022-43117", + "owner": { + "login": "RashidKhanPathan", + "id": 65374016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65374016?v=4", + "html_url": "https:\/\/github.com\/RashidKhanPathan" + }, + "html_url": "https:\/\/github.com\/RashidKhanPathan\/CVE-2022-43117", + "description": null, + "fork": false, + "created_at": "2022-11-20T11:33:46Z", + "updated_at": "2022-11-20T11:33:46Z", + "pushed_at": "2022-11-20T11:34:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44830.json b/2022/CVE-2022-44830.json new file mode 100644 index 0000000000..fb27354801 --- /dev/null +++ b/2022/CVE-2022-44830.json @@ -0,0 +1,31 @@ +[ + { + "id": 568387723, + "name": "CVE-2022-44830", + "full_name": "RashidKhanPathan\/CVE-2022-44830", + "owner": { + "login": "RashidKhanPathan", + "id": 65374016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65374016?v=4", + "html_url": "https:\/\/github.com\/RashidKhanPathan" + }, + "html_url": "https:\/\/github.com\/RashidKhanPathan\/CVE-2022-44830", + "description": null, + "fork": false, + "created_at": "2022-11-20T11:35:05Z", + "updated_at": "2022-11-20T11:35:05Z", + "pushed_at": "2022-11-20T11:35:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/README.md b/README.md index 5a57b69513..c45657c414 100644 --- a/README.md +++ b/README.md @@ -652,6 +652,14 @@ A vulnerability classified as problematic has been found in SourceCodester Sanit - [lohith19/CVE-2022-3518](https://github.com/lohith19/CVE-2022-3518) +### CVE-2022-3546 (2022-10-17) + + +A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /csms/admin/?page=user/list of the component Create User Handler. The manipulation of the argument First Name/Last Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-211046 is the identifier assigned to this vulnerability. + + +- [thehackingverse/CVE-2022-3546](https://github.com/thehackingverse/CVE-2022-3546) + ### CVE-2022-3602 (2022-11-01) @@ -4350,6 +4358,9 @@ Mediatrix 4102 before v48.5.2718 allows local attackers to gain root access via - [ProxyStaffy/Mediatrix-CVE-2022-43096](https://github.com/ProxyStaffy/Mediatrix-CVE-2022-43096) +### CVE-2022-43117 +- [RashidKhanPathan/CVE-2022-43117](https://github.com/RashidKhanPathan/CVE-2022-43117) + ### CVE-2022-43144 (2022-11-08) @@ -4369,6 +4380,9 @@ A cross-site scripting (XSS) vulnerability in Wondercms v3.3.4 allows attackers ### CVE-2022-43959 - [secware-ru/CVE-2022-43959](https://github.com/secware-ru/CVE-2022-43959) +### CVE-2022-44830 +- [RashidKhanPathan/CVE-2022-44830](https://github.com/RashidKhanPathan/CVE-2022-44830) + ## 2021 ### CVE-2021-0302 (2021-02-10)