Auto Update 2021/05/21 00:13:03

2025-01-29 02:54:10 +01:00 · 2021-05-21 00:13:03 +09:00 · 2021-05-21 00:13:03 +09:00 · bd2597d477
commit bd2597d477
parent c15e088be6
21 changed files with 116 additions and 68 deletions
--- a/2016/CVE-2016-1828.json
+++ b/2016/CVE-2016-1828.json
@ -13,13 +13,13 @@
        "description": "Local privilege escalation for OS X 10.10.5 via CVE-2016-1828.",
        "fork": false,
        "created_at": "2016-05-18T03:49:02Z",
-        "updated_at": "2020-06-19T20:05:43Z",
+        "updated_at": "2021-05-20T13:27:29Z",
        "pushed_at": "2016-05-18T03:53:42Z",
-        "stargazers_count": 75,
-        "watchers_count": 75,
+        "stargazers_count": 76,
+        "watchers_count": 76,
        "forks_count": 28,
        "forks": 28,
-        "watchers": 75,
+        "watchers": 76,
        "score": 0
    }
 ]
--- a/2017/CVE-2017-7269.json
+++ b/2017/CVE-2017-7269.json
@ -178,8 +178,8 @@
        "pushed_at": "2017-04-05T23:29:03Z",
        "stargazers_count": 40,
        "watchers_count": 40,
-        "forks_count": 37,
-        "forks": 37,
+        "forks_count": 38,
+        "forks": 38,
        "watchers": 40,
        "score": 0
    },
--- a/2018/CVE-2018-19987.json
+++ b/2018/CVE-2018-19987.json
@ -13,13 +13,13 @@
        "description": "This repo has a blog post about my analysis for CVE-2018-19987 an authenticated OS command injection affecting multiple D-Link routers",
        "fork": false,
        "created_at": "2020-11-19T23:01:11Z",
-        "updated_at": "2020-11-28T02:32:04Z",
+        "updated_at": "2021-05-20T13:32:15Z",
        "pushed_at": "2020-11-28T02:32:02Z",
-        "stargazers_count": 1,
-        "watchers_count": 1,
+        "stargazers_count": 2,
+        "watchers_count": 2,
        "forks_count": 1,
        "forks": 1,
-        "watchers": 1,
+        "watchers": 2,
        "score": 0
    }
 ]
--- a/2019/CVE-2019-0708.json
+++ b/2019/CVE-2019-0708.json
@ -1236,8 +1236,8 @@
        "pushed_at": "2019-06-22T21:48:45Z",
        "stargazers_count": 811,
        "watchers_count": 811,
-        "forks_count": 197,
-        "forks": 197,
+        "forks_count": 198,
+        "forks": 198,
        "watchers": 811,
        "score": 0
    },
--- a/2019/CVE-2019-14287.json
+++ b/2019/CVE-2019-14287.json
@ -458,5 +458,28 @@
        "forks": 0,
        "watchers": 0,
        "score": 0
+    },
+    {
+        "id": 369226666,
+        "name": "Linux-Privilege-Escalation-using-Sudo-Rights",
+        "full_name": "DularaAnushka\/Linux-Privilege-Escalation-using-Sudo-Rights",
+        "owner": {
+            "login": "DularaAnushka",
+            "id": 69114421,
+            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69114421?v=4",
+            "html_url": "https:\/\/github.com\/DularaAnushka"
+        },
+        "html_url": "https:\/\/github.com\/DularaAnushka\/Linux-Privilege-Escalation-using-Sudo-Rights",
+        "description": "CVE-2019-14287",
+        "fork": false,
+        "created_at": "2021-05-20T13:57:38Z",
+        "updated_at": "2021-05-20T13:58:32Z",
+        "pushed_at": "2021-05-20T13:58:29Z",
+        "stargazers_count": 0,
+        "watchers_count": 0,
+        "forks_count": 0,
+        "forks": 0,
+        "watchers": 0,
+        "score": 0
    }
 ]
--- a/2019/CVE-2019-17558.json
+++ b/2019/CVE-2019-17558.json
@ -36,13 +36,13 @@
        "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
        "fork": false,
        "created_at": "2020-04-01T09:33:35Z",
-        "updated_at": "2021-05-20T07:16:25Z",
+        "updated_at": "2021-05-20T15:14:09Z",
        "pushed_at": "2021-04-04T09:13:57Z",
-        "stargazers_count": 2578,
-        "watchers_count": 2578,
+        "stargazers_count": 2581,
+        "watchers_count": 2581,
        "forks_count": 753,
        "forks": 753,
-        "watchers": 2578,
+        "watchers": 2581,
        "score": 0
    },
    {
--- a/2019/CVE-2019-7238.json
+++ b/2019/CVE-2019-7238.json
@ -90,5 +90,28 @@
        "forks": 7,
        "watchers": 18,
        "score": 0
+    },
+    {
+        "id": 369228387,
+        "name": "CVE-2019-7238",
+        "full_name": "smallpiggy\/CVE-2019-7238",
+        "owner": {
+            "login": "smallpiggy",
+            "id": 44887613,
+            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44887613?v=4",
+            "html_url": "https:\/\/github.com\/smallpiggy"
+        },
+        "html_url": "https:\/\/github.com\/smallpiggy\/CVE-2019-7238",
+        "description": "RCE",
+        "fork": false,
+        "created_at": "2021-05-20T14:03:10Z",
+        "updated_at": "2021-05-20T14:48:35Z",
+        "pushed_at": "2021-05-20T14:44:06Z",
+        "stargazers_count": 1,
+        "watchers_count": 1,
+        "forks_count": 0,
+        "forks": 0,
+        "watchers": 1,
+        "score": 0
    }
 ]
--- a/2020/CVE-2020-0787.json
+++ b/2020/CVE-2020-0787.json
@ -13,13 +13,13 @@
        "description": "Support ALL Windows Version",
        "fork": false,
        "created_at": "2020-06-16T08:57:51Z",
-        "updated_at": "2021-05-19T03:09:28Z",
+        "updated_at": "2021-05-20T12:57:46Z",
        "pushed_at": "2020-09-11T07:38:22Z",
-        "stargazers_count": 532,
-        "watchers_count": 532,
+        "stargazers_count": 533,
+        "watchers_count": 533,
        "forks_count": 131,
        "forks": 131,
-        "watchers": 532,
+        "watchers": 533,
        "score": 0
    },
    {
--- a/2020/CVE-2020-14321.json
+++ b/2020/CVE-2020-14321.json
@ -36,13 +36,13 @@
        "description": "Python script to exploit CVE-2020-14321 - Course enrolments allowed privilege escalation from teacher role into manager role to RCE.",
        "fork": false,
        "created_at": "2021-04-28T19:46:55Z",
-        "updated_at": "2021-05-16T15:58:52Z",
+        "updated_at": "2021-05-20T12:51:11Z",
        "pushed_at": "2021-05-16T15:58:50Z",
-        "stargazers_count": 1,
-        "watchers_count": 1,
+        "stargazers_count": 2,
+        "watchers_count": 2,
        "forks_count": 0,
        "forks": 0,
-        "watchers": 1,
+        "watchers": 2,
        "score": 0
    }
 ]
--- a/2020/CVE-2020-14882.json
+++ b/2020/CVE-2020-14882.json
@ -13,13 +13,13 @@
        "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
        "fork": false,
        "created_at": "2020-04-01T09:33:35Z",
-        "updated_at": "2021-05-20T07:16:25Z",
+        "updated_at": "2021-05-20T15:14:09Z",
        "pushed_at": "2021-04-04T09:13:57Z",
-        "stargazers_count": 2578,
-        "watchers_count": 2578,
+        "stargazers_count": 2581,
+        "watchers_count": 2581,
        "forks_count": 753,
        "forks": 753,
-        "watchers": 2578,
+        "watchers": 2581,
        "score": 0
    },
    {
--- a/2020/CVE-2020-14883.json
+++ b/2020/CVE-2020-14883.json
@ -105,13 +105,13 @@
        "description": "Alibaba-Nacos-Unauthorized\/ApacheDruid-RCE_CVE-2021-25646\/MS-Exchange-SSRF-CVE-2021-26885\/Oracle-WebLogic-CVE-2021-2109_RCE\/RG-CNVD-2021-14536\/RJ-SSL-VPN-UltraVires\/Redis-Unauthorized-RCE\/TDOA-V11.7-GetOnlineCookie\/VMware-vCenter-GetAnyFile\/yongyou-GRP-U8-XXE\/Oracle-WebLogic-CVE-2020-14883\/Oracle-WebLogic-CVE-2020-14882\/Apache-Solr-GetAnyFile\/F5-BIG-IP-CVE-2021-22986\/Sonicwall-SSL-VPN-RCE\/GitLab-Graphql-CNVD-2021-14193\/D-Link-DCS-CVE-2020-25078\/WLAN-AP-WEA453e-RCE\/360TianQing-Unauthorized\/360TianQing-SQLinjection\/FanWeiOA-V8-SQLinjection\/QiZhiBaoLeiJi-AnyUserLogin\/QiAnXin-WangKangFirewall-RCE\/金山-V8-终端安全系统\/NCCloud-SQLinjection\/ShowDoc-RCE",
        "fork": false,
        "created_at": "2021-03-11T22:49:17Z",
-        "updated_at": "2021-05-19T00:17:18Z",
+        "updated_at": "2021-05-20T13:52:04Z",
        "pushed_at": "2021-04-26T02:30:11Z",
-        "stargazers_count": 756,
-        "watchers_count": 756,
+        "stargazers_count": 757,
+        "watchers_count": 757,
        "forks_count": 240,
        "forks": 240,
-        "watchers": 756,
+        "watchers": 757,
        "score": 0
    }
 ]
--- a/2020/CVE-2020-2883.json
+++ b/2020/CVE-2020-2883.json
@ -17,8 +17,8 @@
        "pushed_at": "2020-05-10T09:29:36Z",
        "stargazers_count": 169,
        "watchers_count": 169,
-        "forks_count": 32,
-        "forks": 32,
+        "forks_count": 33,
+        "forks": 33,
        "watchers": 169,
        "score": 0
    },
--- a/2020/CVE-2020-7461.json
+++ b/2020/CVE-2020-7461.json
@ -13,13 +13,13 @@
        "description": "PoC for DHCP vulnerability (NAME:WRECK) in FreeBSD",
        "fork": false,
        "created_at": "2021-04-14T20:37:38Z",
-        "updated_at": "2021-04-26T02:41:13Z",
+        "updated_at": "2021-05-20T11:51:50Z",
        "pushed_at": "2021-04-14T21:36:08Z",
-        "stargazers_count": 11,
-        "watchers_count": 11,
+        "stargazers_count": 12,
+        "watchers_count": 12,
        "forks_count": 4,
        "forks": 4,
-        "watchers": 11,
+        "watchers": 12,
        "score": 0
    }
 ]
--- a/2021/CVE-2021-25646.json
+++ b/2021/CVE-2021-25646.json
@ -105,13 +105,13 @@
        "description": "Alibaba-Nacos-Unauthorized\/ApacheDruid-RCE_CVE-2021-25646\/MS-Exchange-SSRF-CVE-2021-26885\/Oracle-WebLogic-CVE-2021-2109_RCE\/RG-CNVD-2021-14536\/RJ-SSL-VPN-UltraVires\/Redis-Unauthorized-RCE\/TDOA-V11.7-GetOnlineCookie\/VMware-vCenter-GetAnyFile\/yongyou-GRP-U8-XXE\/Oracle-WebLogic-CVE-2020-14883\/Oracle-WebLogic-CVE-2020-14882\/Apache-Solr-GetAnyFile\/F5-BIG-IP-CVE-2021-22986\/Sonicwall-SSL-VPN-RCE\/GitLab-Graphql-CNVD-2021-14193\/D-Link-DCS-CVE-2020-25078\/WLAN-AP-WEA453e-RCE\/360TianQing-Unauthorized\/360TianQing-SQLinjection\/FanWeiOA-V8-SQLinjection\/QiZhiBaoLeiJi-AnyUserLogin\/QiAnXin-WangKangFirewall-RCE\/金山-V8-终端安全系统\/NCCloud-SQLinjection\/ShowDoc-RCE",
        "fork": false,
        "created_at": "2021-03-11T22:49:17Z",
-        "updated_at": "2021-05-19T00:17:18Z",
+        "updated_at": "2021-05-20T13:52:04Z",
        "pushed_at": "2021-04-26T02:30:11Z",
-        "stargazers_count": 756,
-        "watchers_count": 756,
+        "stargazers_count": 757,
+        "watchers_count": 757,
        "forks_count": 240,
        "forks": 240,
-        "watchers": 756,
+        "watchers": 757,
        "score": 0
    },
    {
--- a/2021/CVE-2021-26855.json
+++ b/2021/CVE-2021-26855.json
@ -615,8 +615,8 @@
        "pushed_at": "2021-05-01T17:20:15Z",
        "stargazers_count": 3,
        "watchers_count": 3,
-        "forks_count": 0,
-        "forks": 0,
+        "forks_count": 1,
+        "forks": 1,
        "watchers": 3,
        "score": 0
    },
--- a/2021/CVE-2021-27651.json
+++ b/2021/CVE-2021-27651.json
@ -13,13 +13,13 @@
        "description": "RCE for Pega Infinity >= 8.2.1, Pega Infinity <= 8.5.2",
        "fork": false,
        "created_at": "2021-05-16T01:40:47Z",
-        "updated_at": "2021-05-19T15:08:54Z",
+        "updated_at": "2021-05-20T09:32:07Z",
        "pushed_at": "2021-05-16T05:54:07Z",
-        "stargazers_count": 37,
-        "watchers_count": 37,
-        "forks_count": 7,
-        "forks": 7,
-        "watchers": 37,
+        "stargazers_count": 38,
+        "watchers_count": 38,
+        "forks_count": 8,
+        "forks": 8,
+        "watchers": 38,
        "score": 0
    },
    {
--- a/2021/CVE-2021-29386.json
+++ b/2021/CVE-2021-29386.json
@ -13,8 +13,8 @@
        "description": "Due to a reflected XSS vulnerability in PowerSchool (CVE-2021-29386), it is possible to view other people's grades just by having them click on a link while they are logged in to PowerSchool. This demonstrates that with a proof-of-concept.",
        "fork": false,
        "created_at": "2020-11-26T00:43:36Z",
-        "updated_at": "2021-05-17T16:29:52Z",
-        "pushed_at": "2021-05-17T16:29:50Z",
+        "updated_at": "2021-05-20T13:27:23Z",
+        "pushed_at": "2021-05-20T13:27:21Z",
        "stargazers_count": 0,
        "watchers_count": 0,
        "forks_count": 0,
--- a/2021/CVE-2021-31166.json
+++ b/2021/CVE-2021-31166.json
@ -13,13 +13,13 @@
        "description": "Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.",
        "fork": false,
        "created_at": "2021-05-16T16:15:56Z",
-        "updated_at": "2021-05-20T09:08:50Z",
+        "updated_at": "2021-05-20T14:59:52Z",
        "pushed_at": "2021-05-20T04:58:29Z",
-        "stargazers_count": 554,
-        "watchers_count": 554,
-        "forks_count": 87,
-        "forks": 87,
-        "watchers": 554,
+        "stargazers_count": 570,
+        "watchers_count": 570,
+        "forks_count": 88,
+        "forks": 88,
+        "watchers": 570,
        "score": 0
    },
    {
@ -36,13 +36,13 @@
        "description": "PoC for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely. Although it was defined as remote command execution, it can only cause the system to crash.",
        "fork": false,
        "created_at": "2021-05-17T11:12:45Z",
-        "updated_at": "2021-05-18T02:55:01Z",
+        "updated_at": "2021-05-20T10:57:49Z",
        "pushed_at": "2021-05-17T11:30:26Z",
-        "stargazers_count": 2,
-        "watchers_count": 2,
+        "stargazers_count": 1,
+        "watchers_count": 1,
        "forks_count": 0,
        "forks": 0,
-        "watchers": 2,
+        "watchers": 1,
        "score": 0
    },
    {
--- a/2021/CVE-2021-3129.json
+++ b/2021/CVE-2021-3129.json
@ -17,8 +17,8 @@
        "pushed_at": "2021-01-29T13:59:07Z",
        "stargazers_count": 108,
        "watchers_count": 108,
-        "forks_count": 24,
-        "forks": 24,
+        "forks_count": 25,
+        "forks": 25,
        "watchers": 108,
        "score": 0
    },
--- a/2021/CVE-2021-3156.json
+++ b/2021/CVE-2021-3156.json
@ -381,13 +381,13 @@
        "description": null,
        "fork": false,
        "created_at": "2021-01-30T20:39:58Z",
-        "updated_at": "2021-05-20T08:59:48Z",
+        "updated_at": "2021-05-20T11:24:29Z",
        "pushed_at": "2021-02-02T17:07:09Z",
-        "stargazers_count": 717,
-        "watchers_count": 717,
+        "stargazers_count": 718,
+        "watchers_count": 718,
        "forks_count": 202,
        "forks": 202,
-        "watchers": 717,
+        "watchers": 718,
        "score": 0
    },
    {
--- a/README.md
+++ b/README.md
@ -6584,6 +6584,7 @@ Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control.
 - [jas502n/CVE-2019-7238](https://github.com/jas502n/CVE-2019-7238)
 - [verctor/nexus_rce_CVE-2019-7238](https://github.com/verctor/nexus_rce_CVE-2019-7238)
 - [magicming200/CVE-2019-7238_Nexus_RCE_Tool](https://github.com/magicming200/CVE-2019-7238_Nexus_RCE_Tool)
+- [smallpiggy/CVE-2019-7238](https://github.com/smallpiggy/CVE-2019-7238)

 ### CVE-2019-7304 (2019-04-23)

@ -8015,6 +8016,7 @@ In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can
 - [janod313/-CVE-2019-14287-SUDO-bypass-vulnerability](https://github.com/janod313/-CVE-2019-14287-SUDO-bypass-vulnerability)
 - [DewmiApsara/CVE-2019-14287](https://github.com/DewmiApsara/CVE-2019-14287)
 - [M108Falcon/Sudo-CVE-2019-14287](https://github.com/M108Falcon/Sudo-CVE-2019-14287)
+- [DularaAnushka/Linux-Privilege-Escalation-using-Sudo-Rights](https://github.com/DularaAnushka/Linux-Privilege-Escalation-using-Sudo-Rights)

 ### CVE-2019-14314 (2019-08-27)