From c29f62214cad38e25e89b9430e92e7f2b85bc920 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Tue, 7 Jan 2025 03:33:08 +0900 Subject: [PATCH] Auto Update 2025/01/06 18:33:08 --- 2007/CVE-2007-2447.json | 8 +-- 2009/CVE-2009-2265.json | 8 +-- 2012/CVE-2012-4869.json | 8 +-- 2014/CVE-2014-0160.json | 8 +-- 2014/CVE-2014-6271.json | 8 +-- 2015/CVE-2015-6967.json | 8 +-- 2016/CVE-2016-5195.json | 8 +-- 2017/CVE-2017-0199.json | 8 +-- 2017/CVE-2017-5638.json | 8 +-- 2017/CVE-2017-7494.json | 8 +-- 2018/CVE-2018-7600.json | 8 +-- 2019/CVE-2019-11447.json | 8 +-- 2019/CVE-2019-1385.json | 33 ---------- 2019/CVE-2019-16113.json | 16 ++--- 2020/CVE-2020-1472.json | 4 +- 2021/CVE-2021-1675.json | 8 +-- 2021/CVE-2021-26690.json | 2 +- 2021/CVE-2021-26828.json | 31 +++++++++ 2021/CVE-2021-40444.json | 16 ++--- 2021/CVE-2021-44228.json | 8 +-- 2021/CVE-2021-46069.json | 31 --------- 2022/CVE-2022-46689.json | 8 +-- 2023/CVE-2023-21608.json | 8 +-- 2023/CVE-2023-24871.json | 8 +-- 2023/CVE-2023-36025.json | 8 +-- 2023/CVE-2023-36884.json | 8 +-- 2024/CVE-2024-0044.json | 8 +-- 2024/CVE-2024-11320.json | 8 +-- 2024/CVE-2024-11643.json | 36 +++++++++++ 2024/CVE-2024-12172.json | 36 +++++++++++ 2024/CVE-2024-3400.json | 8 +-- 2024/CVE-2024-35250.json | 8 +-- 2024/CVE-2024-3806.json | 31 +++++++++ 2024/CVE-2024-38819.json | 8 +-- 2024/CVE-2024-42327.json | 8 +-- 2024/CVE-2024-45200.json | 8 +-- 2024/CVE-2024-47176.json | 8 +-- 2024/CVE-2024-49113.json | 12 ++-- 2024/CVE-2024-49607.json | 33 ++++++++++ 2024/CVE-2024-50379.json | 8 +-- 2024/CVE-2024-50507.json | 33 ++++++++++ 2024/CVE-2024-50508.json | 33 ++++++++++ 2024/CVE-2024-50510.json | 33 ++++++++++ 2024/CVE-2024-52940.json | 8 +-- 2024/CVE-2024-54363.json | 33 ++++++++++ 2024/CVE-2024-54374.json | 33 ++++++++++ 2024/CVE-2024-54378.json | 33 ++++++++++ 2024/CVE-2024-54385.json | 33 ++++++++++ 2024/CVE-2024-55978.json | 33 ++++++++++ 2024/CVE-2024-55980.json | 33 ++++++++++ 2024/CVE-2024-56512.json | 33 ++++++++++ 2024/CVE-2024-6330.json | 33 ++++++++++ 2024/CVE-2024-6387.json | 8 +-- 2024/CVE-2024-9822.json | 33 ++++++++++ README.md | 135 +++++++++++++++++++++++++++++++++------ 55 files changed, 825 insertions(+), 227 deletions(-) delete mode 100644 2019/CVE-2019-1385.json create mode 100644 2024/CVE-2024-11643.json create mode 100644 2024/CVE-2024-12172.json create mode 100644 2024/CVE-2024-49607.json create mode 100644 2024/CVE-2024-50507.json create mode 100644 2024/CVE-2024-50508.json create mode 100644 2024/CVE-2024-50510.json create mode 100644 2024/CVE-2024-54363.json create mode 100644 2024/CVE-2024-54374.json create mode 100644 2024/CVE-2024-54378.json create mode 100644 2024/CVE-2024-54385.json create mode 100644 2024/CVE-2024-55978.json create mode 100644 2024/CVE-2024-55980.json create mode 100644 2024/CVE-2024-56512.json create mode 100644 2024/CVE-2024-6330.json create mode 100644 2024/CVE-2024-9822.json diff --git a/2007/CVE-2007-2447.json b/2007/CVE-2007-2447.json index b410b03319..3c169372c2 100644 --- a/2007/CVE-2007-2447.json +++ b/2007/CVE-2007-2447.json @@ -529,15 +529,15 @@ { "id": 479844525, "name": "CVE-2007-2447", - "full_name": "0xConstant\/CVE-2007-2447", + "full_name": "banomaly\/CVE-2007-2447", "owner": { - "login": "0xConstant", + "login": "banomaly", "id": 51972282, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972282?v=4", - "html_url": "https:\/\/github.com\/0xConstant", + "html_url": "https:\/\/github.com\/banomaly", "user_view_type": "public" }, - "html_url": "https:\/\/github.com\/0xConstant\/CVE-2007-2447", + "html_url": "https:\/\/github.com\/banomaly\/CVE-2007-2447", "description": null, "fork": false, "created_at": "2022-04-09T21:12:11Z", diff --git a/2009/CVE-2009-2265.json b/2009/CVE-2009-2265.json index 1a85840e20..fe375fd77b 100644 --- a/2009/CVE-2009-2265.json +++ b/2009/CVE-2009-2265.json @@ -102,15 +102,15 @@ { "id": 476225528, "name": "CVE-2009-2265", - "full_name": "0xConstant\/CVE-2009-2265", + "full_name": "banomaly\/CVE-2009-2265", "owner": { - "login": "0xConstant", + "login": "banomaly", "id": 51972282, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972282?v=4", - "html_url": "https:\/\/github.com\/0xConstant", + "html_url": "https:\/\/github.com\/banomaly", "user_view_type": "public" }, - "html_url": "https:\/\/github.com\/0xConstant\/CVE-2009-2265", + "html_url": "https:\/\/github.com\/banomaly\/CVE-2009-2265", "description": "ColdFusion 8.0.1 - Arbitrary File Upload to RCE", "fork": false, "created_at": "2022-03-31T08:52:08Z", diff --git a/2012/CVE-2012-4869.json b/2012/CVE-2012-4869.json index 5d34ad17ff..a24c83b3d2 100644 --- a/2012/CVE-2012-4869.json +++ b/2012/CVE-2012-4869.json @@ -33,15 +33,15 @@ { "id": 478822980, "name": "CVE-2012-4869", - "full_name": "0xConstant\/CVE-2012-4869", + "full_name": "banomaly\/CVE-2012-4869", "owner": { - "login": "0xConstant", + "login": "banomaly", "id": 51972282, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972282?v=4", - "html_url": "https:\/\/github.com\/0xConstant", + "html_url": "https:\/\/github.com\/banomaly", "user_view_type": "public" }, - "html_url": "https:\/\/github.com\/0xConstant\/CVE-2012-4869", + "html_url": "https:\/\/github.com\/banomaly\/CVE-2012-4869", "description": null, "fork": false, "created_at": "2022-04-07T04:13:13Z", diff --git a/2014/CVE-2014-0160.json b/2014/CVE-2014-0160.json index 06ba719464..0744d9bf43 100644 --- a/2014/CVE-2014-0160.json +++ b/2014/CVE-2014-0160.json @@ -14,10 +14,10 @@ "description": "A checker (site and tool) for CVE-2014-0160", "fork": false, "created_at": "2014-04-07T23:03:09Z", - "updated_at": "2025-01-04T08:07:01Z", + "updated_at": "2025-01-06T17:00:55Z", "pushed_at": "2021-02-24T09:17:24Z", - "stargazers_count": 2305, - "watchers_count": 2305, + "stargazers_count": 2304, + "watchers_count": 2304, "has_discussions": false, "forks_count": 461, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 461, - "watchers": 2305, + "watchers": 2304, "score": 0, "subscribers_count": 117 }, diff --git a/2014/CVE-2014-6271.json b/2014/CVE-2014-6271.json index 9011665ec4..1c8266a91c 100644 --- a/2014/CVE-2014-6271.json +++ b/2014/CVE-2014-6271.json @@ -1920,15 +1920,15 @@ { "id": 479846687, "name": "CVE-2014-6271", - "full_name": "0xConstant\/CVE-2014-6271", + "full_name": "banomaly\/CVE-2014-6271", "owner": { - "login": "0xConstant", + "login": "banomaly", "id": 51972282, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972282?v=4", - "html_url": "https:\/\/github.com\/0xConstant", + "html_url": "https:\/\/github.com\/banomaly", "user_view_type": "public" }, - "html_url": "https:\/\/github.com\/0xConstant\/CVE-2014-6271", + "html_url": "https:\/\/github.com\/banomaly\/CVE-2014-6271", "description": null, "fork": false, "created_at": "2022-04-09T21:24:12Z", diff --git a/2015/CVE-2015-6967.json b/2015/CVE-2015-6967.json index b8308304e4..02cdeb8dbc 100644 --- a/2015/CVE-2015-6967.json +++ b/2015/CVE-2015-6967.json @@ -33,15 +33,15 @@ { "id": 481433279, "name": "CVE-2015-6967", - "full_name": "0xConstant\/CVE-2015-6967", + "full_name": "banomaly\/CVE-2015-6967", "owner": { - "login": "0xConstant", + "login": "banomaly", "id": 51972282, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972282?v=4", - "html_url": "https:\/\/github.com\/0xConstant", + "html_url": "https:\/\/github.com\/banomaly", "user_view_type": "public" }, - "html_url": "https:\/\/github.com\/0xConstant\/CVE-2015-6967", + "html_url": "https:\/\/github.com\/banomaly\/CVE-2015-6967", "description": null, "fork": false, "created_at": "2022-04-14T01:57:39Z", diff --git a/2016/CVE-2016-5195.json b/2016/CVE-2016-5195.json index efcc0b7f89..4e4d7b7b0f 100644 --- a/2016/CVE-2016-5195.json +++ b/2016/CVE-2016-5195.json @@ -462,10 +462,10 @@ "description": "Dirty Cow exploit - CVE-2016-5195", "fork": false, "created_at": "2016-11-25T21:08:01Z", - "updated_at": "2025-01-05T22:50:49Z", + "updated_at": "2025-01-06T12:08:44Z", "pushed_at": "2021-04-08T11:35:12Z", - "stargazers_count": 868, - "watchers_count": 868, + "stargazers_count": 869, + "watchers_count": 869, "has_discussions": false, "forks_count": 426, "allow_forking": true, @@ -478,7 +478,7 @@ ], "visibility": "public", "forks": 426, - "watchers": 868, + "watchers": 869, "score": 0, "subscribers_count": 9 }, diff --git a/2017/CVE-2017-0199.json b/2017/CVE-2017-0199.json index 81c06e7547..4801e12d12 100644 --- a/2017/CVE-2017-0199.json +++ b/2017/CVE-2017-0199.json @@ -267,10 +267,10 @@ "description": "An exploit implementation for RCE in RTF & DOCs (CVE-2017-0199)", "fork": false, "created_at": "2017-04-24T23:44:31Z", - "updated_at": "2024-08-12T19:29:22Z", + "updated_at": "2025-01-06T16:15:26Z", "pushed_at": "2017-04-24T23:45:18Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 2, + "watchers_count": 2, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -279,7 +279,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 3, + "watchers": 2, "score": 0, "subscribers_count": 3 }, diff --git a/2017/CVE-2017-5638.json b/2017/CVE-2017-5638.json index adba9f40e7..192450b8f0 100644 --- a/2017/CVE-2017-5638.json +++ b/2017/CVE-2017-5638.json @@ -2071,15 +2071,15 @@ { "id": 481444491, "name": "CVE-2017-5638", - "full_name": "0xConstant\/CVE-2017-5638", + "full_name": "banomaly\/CVE-2017-5638", "owner": { - "login": "0xConstant", + "login": "banomaly", "id": 51972282, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972282?v=4", - "html_url": "https:\/\/github.com\/0xConstant", + "html_url": "https:\/\/github.com\/banomaly", "user_view_type": "public" }, - "html_url": "https:\/\/github.com\/0xConstant\/CVE-2017-5638", + "html_url": "https:\/\/github.com\/banomaly\/CVE-2017-5638", "description": null, "fork": false, "created_at": "2022-04-14T02:48:22Z", diff --git a/2017/CVE-2017-7494.json b/2017/CVE-2017-7494.json index 8e01688ad5..b1f25932eb 100644 --- a/2017/CVE-2017-7494.json +++ b/2017/CVE-2017-7494.json @@ -76,10 +76,10 @@ "description": "SambaCry exploit and vulnerable container (CVE-2017-7494)", "fork": false, "created_at": "2017-05-26T00:58:25Z", - "updated_at": "2024-12-23T08:57:58Z", + "updated_at": "2025-01-06T13:32:31Z", "pushed_at": "2022-12-27T20:25:09Z", - "stargazers_count": 381, - "watchers_count": 381, + "stargazers_count": 382, + "watchers_count": 382, "has_discussions": false, "forks_count": 100, "allow_forking": true, @@ -94,7 +94,7 @@ ], "visibility": "public", "forks": 100, - "watchers": 381, + "watchers": 382, "score": 0, "subscribers_count": 10 }, diff --git a/2018/CVE-2018-7600.json b/2018/CVE-2018-7600.json index 2f1a14575d..68ae765076 100644 --- a/2018/CVE-2018-7600.json +++ b/2018/CVE-2018-7600.json @@ -992,15 +992,15 @@ { "id": 477484512, "name": "CVE-2018-7600", - "full_name": "0xConstant\/CVE-2018-7600", + "full_name": "banomaly\/CVE-2018-7600", "owner": { - "login": "0xConstant", + "login": "banomaly", "id": 51972282, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972282?v=4", - "html_url": "https:\/\/github.com\/0xConstant", + "html_url": "https:\/\/github.com\/banomaly", "user_view_type": "public" }, - "html_url": "https:\/\/github.com\/0xConstant\/CVE-2018-7600", + "html_url": "https:\/\/github.com\/banomaly\/CVE-2018-7600", "description": null, "fork": false, "created_at": "2022-04-03T22:45:53Z", diff --git a/2019/CVE-2019-11447.json b/2019/CVE-2019-11447.json index 62cc919cdf..b1aec63fc7 100644 --- a/2019/CVE-2019-11447.json +++ b/2019/CVE-2019-11447.json @@ -174,15 +174,15 @@ { "id": 481430471, "name": "CVE-2019-11447", - "full_name": "0xConstant\/CVE-2019-11447", + "full_name": "banomaly\/CVE-2019-11447", "owner": { - "login": "0xConstant", + "login": "banomaly", "id": 51972282, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972282?v=4", - "html_url": "https:\/\/github.com\/0xConstant", + "html_url": "https:\/\/github.com\/banomaly", "user_view_type": "public" }, - "html_url": "https:\/\/github.com\/0xConstant\/CVE-2019-11447", + "html_url": "https:\/\/github.com\/banomaly\/CVE-2019-11447", "description": null, "fork": false, "created_at": "2022-04-14T01:45:04Z", diff --git a/2019/CVE-2019-1385.json b/2019/CVE-2019-1385.json deleted file mode 100644 index d68a37929a..0000000000 --- a/2019/CVE-2019-1385.json +++ /dev/null @@ -1,33 +0,0 @@ -[ - { - "id": 269204367, - "name": "CVE-2019-1385", - "full_name": "0x413x4\/CVE-2019-1385", - "owner": { - "login": "0x413x4", - "id": 11176964, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11176964?v=4", - "html_url": "https:\/\/github.com\/0x413x4", - "user_view_type": "public" - }, - "html_url": "https:\/\/github.com\/0x413x4\/CVE-2019-1385", - "description": "Enjoy hacking ;)", - "fork": false, - "created_at": "2020-06-03T22:06:49Z", - "updated_at": "2023-12-05T13:00:37Z", - "pushed_at": "2019-12-25T11:20:19Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 0, - "score": 0, - "subscribers_count": 1 - } -] \ No newline at end of file diff --git a/2019/CVE-2019-16113.json b/2019/CVE-2019-16113.json index 9fb9810377..3055d1422c 100644 --- a/2019/CVE-2019-16113.json +++ b/2019/CVE-2019-16113.json @@ -157,15 +157,15 @@ { "id": 300985470, "name": "CVE-2019-16113", - "full_name": "0xConstant\/CVE-2019-16113", + "full_name": "banomaly\/CVE-2019-16113", "owner": { - "login": "0xConstant", + "login": "banomaly", "id": 51972282, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972282?v=4", - "html_url": "https:\/\/github.com\/0xConstant", + "html_url": "https:\/\/github.com\/banomaly", "user_view_type": "public" }, - "html_url": "https:\/\/github.com\/0xConstant\/CVE-2019-16113", + "html_url": "https:\/\/github.com\/banomaly\/CVE-2019-16113", "description": "Bludit 3.9.2 - Remote command execution - CVE-2019-16113", "fork": false, "created_at": "2020-10-03T21:38:39Z", @@ -219,15 +219,15 @@ { "id": 478819535, "name": "CVE-2019-16113_", - "full_name": "0xConstant\/CVE-2019-16113_", + "full_name": "banomaly\/CVE-2019-16113_", "owner": { - "login": "0xConstant", + "login": "banomaly", "id": 51972282, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972282?v=4", - "html_url": "https:\/\/github.com\/0xConstant", + "html_url": "https:\/\/github.com\/banomaly", "user_view_type": "public" }, - "html_url": "https:\/\/github.com\/0xConstant\/CVE-2019-16113_", + "html_url": "https:\/\/github.com\/banomaly\/CVE-2019-16113_", "description": null, "fork": false, "created_at": "2022-04-07T03:57:15Z", diff --git a/2020/CVE-2020-1472.json b/2020/CVE-2020-1472.json index 4369f74af0..ad50206d42 100644 --- a/2020/CVE-2020-1472.json +++ b/2020/CVE-2020-1472.json @@ -112,13 +112,13 @@ "stargazers_count": 1201, "watchers_count": 1201, "has_discussions": false, - "forks_count": 284, + "forks_count": 283, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 284, + "forks": 283, "watchers": 1201, "score": 0, "subscribers_count": 34 diff --git a/2021/CVE-2021-1675.json b/2021/CVE-2021-1675.json index 211e3a96be..4ce67f3782 100644 --- a/2021/CVE-2021-1675.json +++ b/2021/CVE-2021-1675.json @@ -1004,10 +1004,10 @@ "description": "Python implementation for PrintNightmare (CVE-2021-1675 \/ CVE-2021-34527)", "fork": false, "created_at": "2021-09-26T13:53:10Z", - "updated_at": "2024-12-10T13:19:49Z", + "updated_at": "2025-01-06T14:55:47Z", "pushed_at": "2021-10-17T13:29:56Z", - "stargazers_count": 183, - "watchers_count": 183, + "stargazers_count": 184, + "watchers_count": 184, "has_discussions": false, "forks_count": 30, "allow_forking": true, @@ -1019,7 +1019,7 @@ ], "visibility": "public", "forks": 30, - "watchers": 183, + "watchers": 184, "score": 0, "subscribers_count": 6 }, diff --git a/2021/CVE-2021-26690.json b/2021/CVE-2021-26690.json index 2190fbe022..d7635cf341 100644 --- a/2021/CVE-2021-26690.json +++ b/2021/CVE-2021-26690.json @@ -107,7 +107,7 @@ "description": null, "fork": false, "created_at": "2024-12-27T19:41:05Z", - "updated_at": "2024-12-28T20:10:56Z", + "updated_at": "2025-01-06T17:56:33Z", "pushed_at": "2024-12-28T20:10:53Z", "stargazers_count": 0, "watchers_count": 0, diff --git a/2021/CVE-2021-26828.json b/2021/CVE-2021-26828.json index 8762a4b887..f625e7791c 100644 --- a/2021/CVE-2021-26828.json +++ b/2021/CVE-2021-26828.json @@ -29,5 +29,36 @@ "watchers": 3, "score": 0, "subscribers_count": 2 + }, + { + "id": 912935660, + "name": "CVE-2021-26828", + "full_name": "voidvxvt\/CVE-2021-26828", + "owner": { + "login": "voidvxvt", + "id": 86536790, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86536790?v=4", + "html_url": "https:\/\/github.com\/voidvxvt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/voidvxvt\/CVE-2021-26828", + "description": "python3 port of https:\/\/github.com\/hev0x\/CVE-2021-26828_ScadaBR_RCE\/blob\/main\/LinScada_RCE.py", + "fork": false, + "created_at": "2025-01-06T17:38:19Z", + "updated_at": "2025-01-06T17:40:18Z", + "pushed_at": "2025-01-06T17:40:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-40444.json b/2021/CVE-2021-40444.json index 049dc801bc..d79305d147 100644 --- a/2021/CVE-2021-40444.json +++ b/2021/CVE-2021-40444.json @@ -417,10 +417,10 @@ "description": "This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit", "fork": false, "created_at": "2021-09-12T18:05:53Z", - "updated_at": "2024-11-06T08:14:26Z", + "updated_at": "2025-01-06T14:14:46Z", "pushed_at": "2021-10-11T20:53:19Z", - "stargazers_count": 172, - "watchers_count": 172, + "stargazers_count": 171, + "watchers_count": 171, "has_discussions": false, "forks_count": 48, "allow_forking": true, @@ -429,7 +429,7 @@ "topics": [], "visibility": "public", "forks": 48, - "watchers": 172, + "watchers": 171, "score": 0, "subscribers_count": 6 }, @@ -610,10 +610,10 @@ "description": "Modified code so that we don´t need to rely on CAB archives", "fork": false, "created_at": "2021-09-19T19:46:28Z", - "updated_at": "2024-11-06T08:16:05Z", + "updated_at": "2025-01-06T17:07:26Z", "pushed_at": "2021-09-22T20:07:51Z", - "stargazers_count": 101, - "watchers_count": 101, + "stargazers_count": 100, + "watchers_count": 100, "has_discussions": false, "forks_count": 22, "allow_forking": true, @@ -622,7 +622,7 @@ "topics": [], "visibility": "public", "forks": 22, - "watchers": 101, + "watchers": 100, "score": 0, "subscribers_count": 7 }, diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index 561daa38f2..55b5ff4a57 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -5634,10 +5634,10 @@ "description": "A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.", "fork": false, "created_at": "2021-12-14T06:37:59Z", - "updated_at": "2025-01-04T20:29:45Z", + "updated_at": "2025-01-06T12:50:50Z", "pushed_at": "2024-12-11T23:04:50Z", - "stargazers_count": 391, - "watchers_count": 391, + "stargazers_count": 392, + "watchers_count": 392, "has_discussions": false, "forks_count": 53, "allow_forking": true, @@ -5652,7 +5652,7 @@ ], "visibility": "public", "forks": 53, - "watchers": 391, + "watchers": 392, "score": 0, "subscribers_count": 12 }, diff --git a/2021/CVE-2021-46069.json b/2021/CVE-2021-46069.json index 0f358f149a..ee91aca6c1 100644 --- a/2021/CVE-2021-46069.json +++ b/2021/CVE-2021-46069.json @@ -29,36 +29,5 @@ "watchers": 0, "score": 0, "subscribers_count": 1 - }, - { - "id": 448068658, - "name": "CVE-2021-46069", - "full_name": "plsanu\/CVE-2021-46069", - "owner": { - "login": "plsanu", - "id": 61007700, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", - "html_url": "https:\/\/github.com\/plsanu", - "user_view_type": "public" - }, - "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-46069", - "description": "CVE-2021-46069 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel.", - "fork": false, - "created_at": "2022-01-14T18:27:00Z", - "updated_at": "2023-12-30T08:24:23Z", - "pushed_at": "2022-01-14T18:27:27Z", - "stargazers_count": 1, - "watchers_count": 1, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 1, - "score": 0, - "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-46689.json b/2022/CVE-2022-46689.json index 2be394995b..9ed7183fa1 100644 --- a/2022/CVE-2022-46689.json +++ b/2022/CVE-2022-46689.json @@ -76,10 +76,10 @@ "description": "CVE-2022-46689", "fork": false, "created_at": "2022-12-26T00:08:55Z", - "updated_at": "2024-12-13T16:41:24Z", + "updated_at": "2025-01-06T14:09:20Z", "pushed_at": "2023-10-10T16:53:48Z", - "stargazers_count": 121, - "watchers_count": 121, + "stargazers_count": 122, + "watchers_count": 122, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -88,7 +88,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 121, + "watchers": 122, "score": 0, "subscribers_count": 8 }, diff --git a/2023/CVE-2023-21608.json b/2023/CVE-2023-21608.json index f5263cc052..08dcd54624 100644 --- a/2023/CVE-2023-21608.json +++ b/2023/CVE-2023-21608.json @@ -14,10 +14,10 @@ "description": "Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit", "fork": false, "created_at": "2023-01-30T12:57:48Z", - "updated_at": "2024-12-09T01:45:00Z", + "updated_at": "2025-01-06T16:14:58Z", "pushed_at": "2023-12-05T12:21:02Z", - "stargazers_count": 270, - "watchers_count": 270, + "stargazers_count": 269, + "watchers_count": 269, "has_discussions": false, "forks_count": 57, "allow_forking": true, @@ -36,7 +36,7 @@ ], "visibility": "public", "forks": 57, - "watchers": 270, + "watchers": 269, "score": 0, "subscribers_count": 5 }, diff --git a/2023/CVE-2023-24871.json b/2023/CVE-2023-24871.json index 8593388115..ab7502a68e 100644 --- a/2023/CVE-2023-24871.json +++ b/2023/CVE-2023-24871.json @@ -14,10 +14,10 @@ "description": "pocs & exploit for CVE-2023-24871 (rce + lpe)", "fork": false, "created_at": "2024-06-21T15:01:15Z", - "updated_at": "2024-12-21T05:46:27Z", + "updated_at": "2025-01-06T14:33:13Z", "pushed_at": "2024-07-17T12:34:16Z", - "stargazers_count": 45, - "watchers_count": 45, + "stargazers_count": 46, + "watchers_count": 46, "has_discussions": false, "forks_count": 14, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 14, - "watchers": 45, + "watchers": 46, "score": 0, "subscribers_count": 2 } diff --git a/2023/CVE-2023-36025.json b/2023/CVE-2023-36025.json index 1c695f986b..be40d478a4 100644 --- a/2023/CVE-2023-36025.json +++ b/2023/CVE-2023-36025.json @@ -76,10 +76,10 @@ "description": "Windows SmartScreen Security Feature Bypass Vulnerability", "fork": false, "created_at": "2023-12-28T23:29:04Z", - "updated_at": "2024-01-16T19:29:15Z", + "updated_at": "2025-01-06T16:14:27Z", "pushed_at": "2023-12-29T22:11:48Z", - "stargazers_count": 5, - "watchers_count": 5, + "stargazers_count": 4, + "watchers_count": 4, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -88,7 +88,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 5, + "watchers": 4, "score": 0, "subscribers_count": 1 } diff --git a/2023/CVE-2023-36884.json b/2023/CVE-2023-36884.json index a74b5bb388..538a65fb75 100644 --- a/2023/CVE-2023-36884.json +++ b/2023/CVE-2023-36884.json @@ -270,10 +270,10 @@ "description": "MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit", "fork": false, "created_at": "2023-09-28T11:53:44Z", - "updated_at": "2024-09-29T08:10:25Z", + "updated_at": "2025-01-06T17:08:46Z", "pushed_at": "2023-11-02T09:08:31Z", - "stargazers_count": 36, - "watchers_count": 36, + "stargazers_count": 35, + "watchers_count": 35, "has_discussions": false, "forks_count": 10, "allow_forking": true, @@ -282,7 +282,7 @@ "topics": [], "visibility": "public", "forks": 10, - "watchers": 36, + "watchers": 35, "score": 0, "subscribers_count": 3 } diff --git a/2024/CVE-2024-0044.json b/2024/CVE-2024-0044.json index 27223d709c..35b7cd4e2a 100644 --- a/2024/CVE-2024-0044.json +++ b/2024/CVE-2024-0044.json @@ -45,10 +45,10 @@ "description": "CVE-2024-0044: a \"run-as any app\" high-severity vulnerability affecting Android versions 12 and 13", "fork": false, "created_at": "2024-06-18T12:30:53Z", - "updated_at": "2025-01-06T12:17:23Z", + "updated_at": "2025-01-06T13:26:15Z", "pushed_at": "2024-12-02T06:29:52Z", - "stargazers_count": 267, - "watchers_count": 267, + "stargazers_count": 269, + "watchers_count": 269, "has_discussions": false, "forks_count": 62, "allow_forking": true, @@ -57,7 +57,7 @@ "topics": [], "visibility": "public", "forks": 62, - "watchers": 267, + "watchers": 269, "score": 0, "subscribers_count": 7 }, diff --git a/2024/CVE-2024-11320.json b/2024/CVE-2024-11320.json index fd405fe816..8bd592cb6c 100644 --- a/2024/CVE-2024-11320.json +++ b/2024/CVE-2024-11320.json @@ -14,10 +14,10 @@ "description": "Exploit for Pandora FMS Remote Code Execution CVE-2024-11320", "fork": false, "created_at": "2024-12-01T12:39:49Z", - "updated_at": "2024-12-07T09:49:47Z", + "updated_at": "2025-01-06T14:55:16Z", "pushed_at": "2024-12-01T12:48:08Z", - "stargazers_count": 6, - "watchers_count": 6, + "stargazers_count": 7, + "watchers_count": 7, "has_discussions": false, "forks_count": 7, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 7, - "watchers": 6, + "watchers": 7, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-11643.json b/2024/CVE-2024-11643.json new file mode 100644 index 0000000000..5cc31f8425 --- /dev/null +++ b/2024/CVE-2024-11643.json @@ -0,0 +1,36 @@ +[ + { + "id": 898924664, + "name": "CVE-2024-11643", + "full_name": "RandomRobbieBF\/CVE-2024-11643", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-11643", + "description": "Accessibility by AllAccessible <= 1.3.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Option Update", + "fork": false, + "created_at": "2024-12-05T09:47:31Z", + "updated_at": "2025-01-06T13:39:02Z", + "pushed_at": "2024-12-05T09:49:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-11643", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-12172.json b/2024/CVE-2024-12172.json new file mode 100644 index 0000000000..8cc0e352e2 --- /dev/null +++ b/2024/CVE-2024-12172.json @@ -0,0 +1,36 @@ +[ + { + "id": 904457773, + "name": "CVE-2024-12172", + "full_name": "RandomRobbieBF\/CVE-2024-12172", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-12172", + "description": "WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses <= 3.2.21 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Meta Update", + "fork": false, + "created_at": "2024-12-16T23:39:17Z", + "updated_at": "2025-01-06T13:18:45Z", + "pushed_at": "2024-12-16T23:40:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-12172", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3400.json b/2024/CVE-2024-3400.json index b193bfb2c9..0d5104dd18 100644 --- a/2024/CVE-2024-3400.json +++ b/2024/CVE-2024-3400.json @@ -417,10 +417,10 @@ "description": "CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect", "fork": false, "created_at": "2024-04-16T21:24:15Z", - "updated_at": "2024-12-11T19:07:34Z", + "updated_at": "2025-01-06T13:52:43Z", "pushed_at": "2024-04-17T11:03:32Z", - "stargazers_count": 21, - "watchers_count": 21, + "stargazers_count": 22, + "watchers_count": 22, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -429,7 +429,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 21, + "watchers": 22, "score": 0, "subscribers_count": 2 }, diff --git a/2024/CVE-2024-35250.json b/2024/CVE-2024-35250.json index 25d0c1c370..bed0dcf727 100644 --- a/2024/CVE-2024-35250.json +++ b/2024/CVE-2024-35250.json @@ -14,10 +14,10 @@ "description": "PoC for the Untrusted Pointer Dereference in the ks.sys driver", "fork": false, "created_at": "2024-10-13T19:30:20Z", - "updated_at": "2025-01-01T09:54:09Z", + "updated_at": "2025-01-06T16:52:03Z", "pushed_at": "2024-11-29T16:56:23Z", - "stargazers_count": 253, - "watchers_count": 253, + "stargazers_count": 254, + "watchers_count": 254, "has_discussions": false, "forks_count": 56, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 56, - "watchers": 253, + "watchers": 254, "score": 0, "subscribers_count": 7 }, diff --git a/2024/CVE-2024-3806.json b/2024/CVE-2024-3806.json index 54b57c254c..d593cf340a 100644 --- a/2024/CVE-2024-3806.json +++ b/2024/CVE-2024-3806.json @@ -29,5 +29,36 @@ "watchers": 8, "score": 0, "subscribers_count": 1 + }, + { + "id": 890475222, + "name": "CVE-2024-3806", + "full_name": "RandomRobbieBF\/CVE-2024-3806", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-3806", + "description": "Porto <= 7.1.0 - Unauthenticated Local File Inclusion via porto_ajax_posts", + "fork": false, + "created_at": "2024-11-18T16:23:07Z", + "updated_at": "2025-01-06T13:38:17Z", + "pushed_at": "2024-11-18T16:23:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2024/CVE-2024-38819.json b/2024/CVE-2024-38819.json index bfe8f5b758..4b4ec0deda 100644 --- a/2024/CVE-2024-38819.json +++ b/2024/CVE-2024-38819.json @@ -14,10 +14,10 @@ "description": null, "fork": false, "created_at": "2024-12-14T09:22:33Z", - "updated_at": "2025-01-03T14:51:17Z", + "updated_at": "2025-01-06T16:52:02Z", "pushed_at": "2024-12-14T10:13:45Z", - "stargazers_count": 34, - "watchers_count": 34, + "stargazers_count": 33, + "watchers_count": 33, "has_discussions": false, "forks_count": 10, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 10, - "watchers": 34, + "watchers": 33, "score": 0, "subscribers_count": 3 }, diff --git a/2024/CVE-2024-42327.json b/2024/CVE-2024-42327.json index 84eea8a10d..6629834091 100644 --- a/2024/CVE-2024-42327.json +++ b/2024/CVE-2024-42327.json @@ -200,10 +200,10 @@ "description": "Zabbix CVE-2024-42327 PoC", "fork": false, "created_at": "2025-01-01T18:25:44Z", - "updated_at": "2025-01-06T11:53:22Z", + "updated_at": "2025-01-06T12:48:46Z", "pushed_at": "2025-01-03T13:49:03Z", - "stargazers_count": 19, - "watchers_count": 19, + "stargazers_count": 21, + "watchers_count": 21, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -212,7 +212,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 19, + "watchers": 21, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-45200.json b/2024/CVE-2024-45200.json index 148bc781af..4c85334938 100644 --- a/2024/CVE-2024-45200.json +++ b/2024/CVE-2024-45200.json @@ -14,10 +14,10 @@ "description": "Information & PoC for CVE-2024-45200, Mario Kart 8 Deluxe's \"KartLANPwn\" buffer overflow vulnerability", "fork": false, "created_at": "2024-09-13T00:41:32Z", - "updated_at": "2025-01-05T15:43:39Z", + "updated_at": "2025-01-06T13:20:49Z", "pushed_at": "2024-10-01T00:57:03Z", - "stargazers_count": 55, - "watchers_count": 55, + "stargazers_count": 56, + "watchers_count": 56, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -32,7 +32,7 @@ ], "visibility": "public", "forks": 1, - "watchers": 55, + "watchers": 56, "score": 0, "subscribers_count": 2 } diff --git a/2024/CVE-2024-47176.json b/2024/CVE-2024-47176.json index 8b4a8fcc9b..ce6ce14b71 100644 --- a/2024/CVE-2024-47176.json +++ b/2024/CVE-2024-47176.json @@ -307,10 +307,10 @@ "description": "A simple scanner for identifying vulnerable cups-browsed instances on your network", "fork": false, "created_at": "2024-10-07T07:25:18Z", - "updated_at": "2024-11-21T08:57:56Z", + "updated_at": "2025-01-06T15:46:35Z", "pushed_at": "2024-10-07T16:59:47Z", - "stargazers_count": 58, - "watchers_count": 58, + "stargazers_count": 59, + "watchers_count": 59, "has_discussions": false, "forks_count": 10, "allow_forking": true, @@ -319,7 +319,7 @@ "topics": [], "visibility": "public", "forks": 10, - "watchers": 58, + "watchers": 59, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-49113.json b/2024/CVE-2024-49113.json index b4ef46bd75..19acf38248 100644 --- a/2024/CVE-2024-49113.json +++ b/2024/CVE-2024-49113.json @@ -14,19 +14,19 @@ "description": "LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113", "fork": false, "created_at": "2025-01-01T15:48:38Z", - "updated_at": "2025-01-06T11:58:13Z", + "updated_at": "2025-01-06T17:18:21Z", "pushed_at": "2025-01-02T16:07:23Z", - "stargazers_count": 361, - "watchers_count": 361, + "stargazers_count": 364, + "watchers_count": 364, "has_discussions": false, - "forks_count": 83, + "forks_count": 85, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 83, - "watchers": 361, + "forks": 85, + "watchers": 364, "score": 0, "subscribers_count": 3 }, diff --git a/2024/CVE-2024-49607.json b/2024/CVE-2024-49607.json new file mode 100644 index 0000000000..6618c509b8 --- /dev/null +++ b/2024/CVE-2024-49607.json @@ -0,0 +1,33 @@ +[ + { + "id": 885865765, + "name": "CVE-2024-49607", + "full_name": "RandomRobbieBF\/CVE-2024-49607", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-49607", + "description": "WP Dropbox Dropins <= 1.0 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-11-09T15:46:58Z", + "updated_at": "2025-01-06T13:37:21Z", + "pushed_at": "2024-11-09T15:48:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50379.json b/2024/CVE-2024-50379.json index 737911ed90..83c9a29d4f 100644 --- a/2024/CVE-2024-50379.json +++ b/2024/CVE-2024-50379.json @@ -169,10 +169,10 @@ "description": "RCE through a race condition in Apache Tomcat", "fork": false, "created_at": "2024-12-21T05:54:29Z", - "updated_at": "2025-01-01T11:45:33Z", + "updated_at": "2025-01-06T16:53:23Z", "pushed_at": "2024-12-21T08:56:44Z", - "stargazers_count": 48, - "watchers_count": 48, + "stargazers_count": 47, + "watchers_count": 47, "has_discussions": false, "forks_count": 5, "allow_forking": true, @@ -181,7 +181,7 @@ "topics": [], "visibility": "public", "forks": 5, - "watchers": 48, + "watchers": 47, "score": 0, "subscribers_count": 2 }, diff --git a/2024/CVE-2024-50507.json b/2024/CVE-2024-50507.json new file mode 100644 index 0000000000..95fb80ca89 --- /dev/null +++ b/2024/CVE-2024-50507.json @@ -0,0 +1,33 @@ +[ + { + "id": 904385732, + "name": "CVE-2024-50507", + "full_name": "RandomRobbieBF\/CVE-2024-50507", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50507", + "description": "DS.DownloadList <= 1.3 - Unauthenticated PHP Object Injection", + "fork": false, + "created_at": "2024-12-16T19:36:26Z", + "updated_at": "2025-01-06T13:39:56Z", + "pushed_at": "2024-12-16T19:36:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50508.json b/2024/CVE-2024-50508.json new file mode 100644 index 0000000000..af51d4c7ca --- /dev/null +++ b/2024/CVE-2024-50508.json @@ -0,0 +1,33 @@ +[ + { + "id": 904394229, + "name": "CVE-2024-50508", + "full_name": "RandomRobbieBF\/CVE-2024-50508", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50508", + "description": "Woocommerce Product Design <= 1.0.0 - Unauthenticated Arbitrary File Download", + "fork": false, + "created_at": "2024-12-16T20:00:24Z", + "updated_at": "2025-01-06T13:20:46Z", + "pushed_at": "2024-12-16T20:00:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50510.json b/2024/CVE-2024-50510.json new file mode 100644 index 0000000000..90307c549d --- /dev/null +++ b/2024/CVE-2024-50510.json @@ -0,0 +1,33 @@ +[ + { + "id": 904399683, + "name": "CVE-2024-50510", + "full_name": "RandomRobbieBF\/CVE-2024-50510", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50510", + "description": "AR For Woocommerce <= 6.2 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-12-16T20:15:56Z", + "updated_at": "2025-01-06T13:19:35Z", + "pushed_at": "2024-12-16T21:28:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52940.json b/2024/CVE-2024-52940.json index 7f95cc3ac4..29513c6e0d 100644 --- a/2024/CVE-2024-52940.json +++ b/2024/CVE-2024-52940.json @@ -14,10 +14,10 @@ "description": "CVE-2024-52940 - A zero-day vulnerability in AnyDesk's \"Allow Direct Connections\" feature, discovered and registered by Ebrahim Shafiei (EbraSha), exposing public and private IP addresses. For details, visit the NVD, Tenable, or MITRE pages.", "fork": false, "created_at": "2024-10-27T15:29:56Z", - "updated_at": "2025-01-06T07:29:26Z", + "updated_at": "2025-01-06T15:22:09Z", "pushed_at": "2024-11-18T15:09:32Z", - "stargazers_count": 30, - "watchers_count": 30, + "stargazers_count": 31, + "watchers_count": 31, "has_discussions": true, "forks_count": 9, "allow_forking": true, @@ -38,7 +38,7 @@ ], "visibility": "public", "forks": 9, - "watchers": 30, + "watchers": 31, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-54363.json b/2024/CVE-2024-54363.json new file mode 100644 index 0000000000..0a3dc282d7 --- /dev/null +++ b/2024/CVE-2024-54363.json @@ -0,0 +1,33 @@ +[ + { + "id": 911232019, + "name": "CVE-2024-54363", + "full_name": "RandomRobbieBF\/CVE-2024-54363", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-54363", + "description": "Wp NssUser Register <= 1.0.0 - Unauthenticated Privilege Escalation", + "fork": false, + "created_at": "2025-01-02T14:41:52Z", + "updated_at": "2025-01-06T13:24:39Z", + "pushed_at": "2025-01-02T14:42:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54374.json b/2024/CVE-2024-54374.json new file mode 100644 index 0000000000..70ed348ec5 --- /dev/null +++ b/2024/CVE-2024-54374.json @@ -0,0 +1,33 @@ +[ + { + "id": 911563924, + "name": "CVE-2024-54374", + "full_name": "RandomRobbieBF\/CVE-2024-54374", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-54374", + "description": "Sogrid <= 1.5.6 - Unauthenticated Local File Inclusion", + "fork": false, + "created_at": "2025-01-03T10:08:54Z", + "updated_at": "2025-01-06T13:24:00Z", + "pushed_at": "2025-01-03T10:09:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54378.json b/2024/CVE-2024-54378.json new file mode 100644 index 0000000000..e192930db5 --- /dev/null +++ b/2024/CVE-2024-54378.json @@ -0,0 +1,33 @@ +[ + { + "id": 905865153, + "name": "CVE-2024-54378", + "full_name": "RandomRobbieBF\/CVE-2024-54378", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-54378", + "description": "Quietly Insights <= 1.2.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update", + "fork": false, + "created_at": "2024-12-19T17:15:17Z", + "updated_at": "2025-01-06T13:17:55Z", + "pushed_at": "2024-12-19T17:16:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54385.json b/2024/CVE-2024-54385.json new file mode 100644 index 0000000000..12b36cfeba --- /dev/null +++ b/2024/CVE-2024-54385.json @@ -0,0 +1,33 @@ +[ + { + "id": 911208038, + "name": "CVE-2024-54385", + "full_name": "RandomRobbieBF\/CVE-2024-54385", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-54385", + "description": "Radio Player <= 2.0.82 - Blind Unauthenticated Server-Side Request Forgery", + "fork": false, + "created_at": "2025-01-02T13:40:14Z", + "updated_at": "2025-01-06T13:25:23Z", + "pushed_at": "2025-01-02T13:40:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-55978.json b/2024/CVE-2024-55978.json new file mode 100644 index 0000000000..4c831fbbca --- /dev/null +++ b/2024/CVE-2024-55978.json @@ -0,0 +1,33 @@ +[ + { + "id": 911200848, + "name": "CVE-2024-55978", + "full_name": "RandomRobbieBF\/CVE-2024-55978", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-55978", + "description": "Code Generator Pro <= 1.2 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2025-01-02T13:21:36Z", + "updated_at": "2025-01-06T13:26:00Z", + "pushed_at": "2025-01-02T13:25:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-55980.json b/2024/CVE-2024-55980.json new file mode 100644 index 0000000000..67b7764815 --- /dev/null +++ b/2024/CVE-2024-55980.json @@ -0,0 +1,33 @@ +[ + { + "id": 911153744, + "name": "CVE-2024-55980", + "full_name": "RandomRobbieBF\/CVE-2024-55980", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-55980", + "description": "Wr Age Verification <= 2.0.0 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2025-01-02T11:11:48Z", + "updated_at": "2025-01-06T13:26:50Z", + "pushed_at": "2025-01-02T11:15:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-56512.json b/2024/CVE-2024-56512.json new file mode 100644 index 0000000000..9abbe5a810 --- /dev/null +++ b/2024/CVE-2024-56512.json @@ -0,0 +1,33 @@ +[ + { + "id": 912934520, + "name": "CVE-2024-56512-Apache-NiFi-Exploit", + "full_name": "absholi7ly\/CVE-2024-56512-Apache-NiFi-Exploit", + "owner": { + "login": "absholi7ly", + "id": 72062217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72062217?v=4", + "html_url": "https:\/\/github.com\/absholi7ly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/absholi7ly\/CVE-2024-56512-Apache-NiFi-Exploit", + "description": "A tool to exploit the CVE-2024-56512 vulnerability in Apache NiFi, which allows unauthorized access to sensitive data through improperly secured APIs.", + "fork": false, + "created_at": "2025-01-06T17:35:33Z", + "updated_at": "2025-01-06T17:51:41Z", + "pushed_at": "2025-01-06T17:51:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6330.json b/2024/CVE-2024-6330.json new file mode 100644 index 0000000000..8c046edea4 --- /dev/null +++ b/2024/CVE-2024-6330.json @@ -0,0 +1,33 @@ +[ + { + "id": 891325737, + "name": "CVE-2024-6330", + "full_name": "RandomRobbieBF\/CVE-2024-6330", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-6330", + "description": "GEO my WordPress < 4.5.0.2 - Unauthenticated LFI to RCE\/PHAR Deserialization", + "fork": false, + "created_at": "2024-11-20T06:08:32Z", + "updated_at": "2025-01-06T13:22:43Z", + "pushed_at": "2024-12-13T14:00:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6387.json b/2024/CVE-2024-6387.json index f2c4a171ac..94d0e8beed 100644 --- a/2024/CVE-2024-6387.json +++ b/2024/CVE-2024-6387.json @@ -1360,7 +1360,7 @@ "stargazers_count": 72, "watchers_count": 72, "has_discussions": false, - "forks_count": 28, + "forks_count": 29, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -1375,7 +1375,7 @@ "rce" ], "visibility": "public", - "forks": 28, + "forks": 29, "watchers": 72, "score": 0, "subscribers_count": 3 @@ -2185,13 +2185,13 @@ "stargazers_count": 63, "watchers_count": 63, "has_discussions": false, - "forks_count": 27, + "forks_count": 29, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 27, + "forks": 29, "watchers": 63, "score": 0, "subscribers_count": 3 diff --git a/2024/CVE-2024-9822.json b/2024/CVE-2024-9822.json new file mode 100644 index 0000000000..15d3eb90e7 --- /dev/null +++ b/2024/CVE-2024-9822.json @@ -0,0 +1,33 @@ +[ + { + "id": 871710418, + "name": "CVE-2024-9822", + "full_name": "RandomRobbieBF\/CVE-2024-9822", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9822", + "description": "Pedalo Connector <= 2.0.5 - Authentication Bypass to Administrator", + "fork": false, + "created_at": "2024-10-12T18:11:16Z", + "updated_at": "2025-01-06T13:36:12Z", + "pushed_at": "2024-10-12T18:13:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/README.md b/README.md index 3a18574044..b7457ef529 100644 --- a/README.md +++ b/README.md @@ -854,6 +854,7 @@ - [truonghuuphuc/CVE-2024-3806-AND-CVE-2024-3807-Poc](https://github.com/truonghuuphuc/CVE-2024-3806-AND-CVE-2024-3807-Poc) +- [RandomRobbieBF/CVE-2024-3806](https://github.com/RandomRobbieBF/CVE-2024-3806) ### CVE-2024-3867 (2024-04-16) @@ -1345,6 +1346,13 @@ - [Florian-Hoth/CVE-2024-6222](https://github.com/Florian-Hoth/CVE-2024-6222) +### CVE-2024-6330 (2024-08-19) + +The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthenticated attackers from including arbitrary files in PHP's execution context, which leads to Remote Code Execution. + + +- [RandomRobbieBF/CVE-2024-6330](https://github.com/RandomRobbieBF/CVE-2024-6330) + ### CVE-2024-6366 (2024-07-29) The User Profile Builder WordPress plugin before 3.11.8 does not have proper authorisation, allowing unauthenticated users to upload media files via the async upload functionality of WP. @@ -1988,6 +1996,13 @@ - [RandomRobbieBF/CVE-2024-9821](https://github.com/RandomRobbieBF/CVE-2024-9821) +### CVE-2024-9822 (2024-10-11) + +The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5. This is due to insufficient restriction on the 'login_admin_user' function. This makes it possible for unauthenticated attackers to log to the first user, who is usually the administrator, or if it does not exist, then to the first administrator. + + +- [RandomRobbieBF/CVE-2024-9822](https://github.com/RandomRobbieBF/CVE-2024-9822) + ### CVE-2024-9890 (2024-10-26) The User Toolkit plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.2.3. This is due to an improper capability check in the 'switchUser' function. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to log in as any existing user on the site, such as an administrator. @@ -2374,6 +2389,13 @@ - [inb1ts/CVE-2024-11616](https://github.com/inb1ts/CVE-2024-11616) +### CVE-2024-11643 (2024-12-04) + +The Accessibility by AllAccessible plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'AllAccessible_save_settings' function in all versions up to, and including, 1.3.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. + + +- [RandomRobbieBF/CVE-2024-11643](https://github.com/RandomRobbieBF/CVE-2024-11643) + ### CVE-2024-11680 (2024-11-26) ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. Remote, unauthenticated attackers can exploit this flaw by sending crafted HTTP requests to options.php, enabling unauthorized modification of the application's configuration. Successful exploitation allows attackers to create accounts, upload webshells, and embed malicious JavaScript. @@ -2409,6 +2431,13 @@ - [McTavishSue/CVE-2024-12155](https://github.com/McTavishSue/CVE-2024-12155) +### CVE-2024-12172 (2024-12-12) + +The WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpc_update_user_meta_option() function in all versions up to, and including, 3.2.21. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary user's metadata which can be levereged to block an administrator from accessing their site when wp_capabilities is set to 0. + + +- [RandomRobbieBF/CVE-2024-12172](https://github.com/RandomRobbieBF/CVE-2024-12172) + ### CVE-2024-12209 (2024-12-08) The WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.17.0 via the 'filename' parameter of the 'umbrella-restore' action. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. @@ -7214,6 +7243,13 @@ - [OHDUDEOKNICE/CVE-2024-49379](https://github.com/OHDUDEOKNICE/CVE-2024-49379) +### CVE-2024-49607 (2024-10-20) + +Unrestricted Upload of File with Dangerous Type vulnerability in Redwan Hilali WP Dropbox Dropins allows Upload a Web Shell to a Web Server.This issue affects WP Dropbox Dropins: from n/a through 1.0. + + +- [RandomRobbieBF/CVE-2024-49607](https://github.com/RandomRobbieBF/CVE-2024-49607) + ### CVE-2024-49681 (2024-10-24) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SWIT WP Sessions Time Monitoring Full Automatic allows SQL Injection.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through 1.0.9. @@ -7366,6 +7402,20 @@ - [p0et08/CVE-2024-50498](https://github.com/p0et08/CVE-2024-50498) - [Nxploited/CVE-2024-50498](https://github.com/Nxploited/CVE-2024-50498) +### CVE-2024-50507 (2024-10-30) + +Deserialization of Untrusted Data vulnerability in Daniel Schmitzer DS.DownloadList allows Object Injection.This issue affects DS.DownloadList: from n/a through 1.3. + + +- [RandomRobbieBF/CVE-2024-50507](https://github.com/RandomRobbieBF/CVE-2024-50507) + +### CVE-2024-50508 (2024-10-30) + +Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Chetan Khandla Woocommerce Product Design allows Path Traversal.This issue affects Woocommerce Product Design: from n/a through 1.0.0. + + +- [RandomRobbieBF/CVE-2024-50508](https://github.com/RandomRobbieBF/CVE-2024-50508) + ### CVE-2024-50509 (2024-10-30) Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Chetan Khandla Woocommerce Product Design allows Path Traversal.This issue affects Woocommerce Product Design: from n/a through 1.0.0. @@ -7373,6 +7423,13 @@ - [RandomRobbieBF/CVE-2024-50509](https://github.com/RandomRobbieBF/CVE-2024-50509) +### CVE-2024-50510 (2024-10-30) + +Unrestricted Upload of File with Dangerous Type vulnerability in Web and Print Design AR For Woocommerce allows Upload a Web Shell to a Web Server.This issue affects AR For Woocommerce: from n/a through 6.2. + + +- [RandomRobbieBF/CVE-2024-50510](https://github.com/RandomRobbieBF/CVE-2024-50510) + ### CVE-2024-50623 (2024-10-27) In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution. @@ -7782,6 +7839,13 @@ - [RandomRobbieBF/CVE-2024-54330](https://github.com/RandomRobbieBF/CVE-2024-54330) +### CVE-2024-54363 (2024-12-16) + +Incorrect Privilege Assignment vulnerability in nssTheme Wp NssUser Register allows Privilege Escalation.This issue affects Wp NssUser Register: from n/a through 1.0.0. + + +- [RandomRobbieBF/CVE-2024-54363](https://github.com/RandomRobbieBF/CVE-2024-54363) + ### CVE-2024-54369 (2024-12-16) Missing Authorization vulnerability in ThemeHunk Zita Site Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Zita Site Builder: from n/a through 1.0.2. @@ -7789,6 +7853,27 @@ - [RandomRobbieBF/CVE-2024-54369](https://github.com/RandomRobbieBF/CVE-2024-54369) +### CVE-2024-54374 (2024-12-16) + +Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sabri Taieb Sogrid allows PHP Local File Inclusion.This issue affects Sogrid: from n/a through 1.5.6. + + +- [RandomRobbieBF/CVE-2024-54374](https://github.com/RandomRobbieBF/CVE-2024-54374) + +### CVE-2024-54378 (2024-12-16) + +Missing Authorization vulnerability in Quietly Quietly Insights allows Privilege Escalation.This issue affects Quietly Insights: from n/a through 1.2.2. + + +- [RandomRobbieBF/CVE-2024-54378](https://github.com/RandomRobbieBF/CVE-2024-54378) + +### CVE-2024-54385 (2024-12-16) + +Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through 2.0.82. + + +- [RandomRobbieBF/CVE-2024-54385](https://github.com/RandomRobbieBF/CVE-2024-54385) + ### CVE-2024-54679 (2024-12-05) CyberPanel (aka Cyber Panel) before 6778ad1 does not require the FilemanagerAdmin capability for restartMySQL actions. @@ -7848,6 +7933,20 @@ - [RandomRobbieBF/CVE-2024-55976](https://github.com/RandomRobbieBF/CVE-2024-55976) +### CVE-2024-55978 (2024-12-16) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WalletStation.com Code Generator Pro allows SQL Injection.This issue affects Code Generator Pro: from n/a through 1.2. + + +- [RandomRobbieBF/CVE-2024-55978](https://github.com/RandomRobbieBF/CVE-2024-55978) + +### CVE-2024-55980 (2024-12-16) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Webriderz Wr Age Verification allows SQL Injection.This issue affects Wr Age Verification: from n/a through 2.0.0. + + +- [RandomRobbieBF/CVE-2024-55980](https://github.com/RandomRobbieBF/CVE-2024-55980) + ### CVE-2024-55981 (2024-12-16) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nabajit Roy Nabz Image Gallery allows SQL Injection.This issue affects Nabz Image Gallery: from n/a through v1.00. @@ -7912,6 +8011,13 @@ - [JonnyWhatshisface/CVE-2024-56433](https://github.com/JonnyWhatshisface/CVE-2024-56433) +### CVE-2024-56512 (2024-12-28) + +Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained authorization checking for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers, when creating new Process Groups.\n\nCreating a new Process Group can include binding to a Parameter Context, but in cases where the Process Group did not reference any Parameter values, the framework did not check user authorization for the bound Parameter Context. Missing authorization for a bound Parameter Context enabled clients to download non-sensitive Parameter values after creating the Process Group.\n\nCreating a new Process Group can also include referencing existing Controller Services or Parameter Providers. The framework did not check user authorization for referenced Controller Services or Parameter Providers, enabling clients to create Process Groups and use these components that were otherwise unauthorized.\n\nThis vulnerability is limited in scope to authenticated users authorized to create Process Groups. The scope is further limited to deployments with component-based authorization policies. Upgrading to Apache NiFi 2.1.0 is the recommended mitigation, which includes authorization checking for Parameter and Controller Service references on Process Group creation. + + +- [absholi7ly/CVE-2024-56512-Apache-NiFi-Exploit](https://github.com/absholi7ly/CVE-2024-56512-Apache-NiFi-Exploit) + ### CVE-2024-1642470 - [Symbolexe/CVE-2024-1642470](https://github.com/Symbolexe/CVE-2024-1642470) @@ -25781,6 +25887,7 @@ - [hev0x/CVE-2021-26828_ScadaBR_RCE](https://github.com/hev0x/CVE-2021-26828_ScadaBR_RCE) +- [voidvxvt/CVE-2021-26828](https://github.com/voidvxvt/CVE-2021-26828) ### CVE-2021-26832 (2021-04-14) @@ -29750,7 +29857,6 @@ - [plsanu/Vehicle-Service-Management-System-Mechanic-List-Stored-Cross-Site-Scripting-XSS](https://github.com/plsanu/Vehicle-Service-Management-System-Mechanic-List-Stored-Cross-Site-Scripting-XSS) -- [plsanu/CVE-2021-46069](https://github.com/plsanu/CVE-2021-46069) ### CVE-2021-46070 (2022-01-06) @@ -35753,13 +35859,6 @@ - [mandarenmanman/CVE-2019-1367](https://github.com/mandarenmanman/CVE-2019-1367) -### CVE-2019-1385 (2019-11-12) - -An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'. - - -- [0x413x4/CVE-2019-1385](https://github.com/0x413x4/CVE-2019-1385) - ### CVE-2019-1388 (2019-11-12) An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'. @@ -37343,7 +37442,7 @@ - [dinesh876/CVE-2019-11447-POC](https://github.com/dinesh876/CVE-2019-11447-POC) - [ColdFusionX/CVE-2019-11447_CuteNews-AvatarUploadRCE](https://github.com/ColdFusionX/CVE-2019-11447_CuteNews-AvatarUploadRCE) - [thewhiteh4t/cve-2019-11447](https://github.com/thewhiteh4t/cve-2019-11447) -- [0xConstant/CVE-2019-11447](https://github.com/0xConstant/CVE-2019-11447) +- [banomaly/CVE-2019-11447](https://github.com/banomaly/CVE-2019-11447) - [substing/CVE-2019-11447_reverse_shell_upload](https://github.com/substing/CVE-2019-11447_reverse_shell_upload) - [CRFSlick/CVE-2019-11447-POC](https://github.com/CRFSlick/CVE-2019-11447-POC) - [ojo5/CVE-2019-11447.c](https://github.com/ojo5/CVE-2019-11447.c) @@ -38414,9 +38513,9 @@ - [hg8/CVE-2019-16113-PoC](https://github.com/hg8/CVE-2019-16113-PoC) - [Kenun99/CVE-2019-16113-Dockerfile](https://github.com/Kenun99/CVE-2019-16113-Dockerfile) - [dldygnl/CVE-2019-16113](https://github.com/dldygnl/CVE-2019-16113) -- [0xConstant/CVE-2019-16113](https://github.com/0xConstant/CVE-2019-16113) +- [banomaly/CVE-2019-16113](https://github.com/banomaly/CVE-2019-16113) - [DXY0411/CVE-2019-16113](https://github.com/DXY0411/CVE-2019-16113) -- [0xConstant/CVE-2019-16113_](https://github.com/0xConstant/CVE-2019-16113_) +- [banomaly/CVE-2019-16113_](https://github.com/banomaly/CVE-2019-16113_) - [mind2hex/CVE-2019-16113](https://github.com/mind2hex/CVE-2019-16113) - [tronghoang89/cve-2019-16113](https://github.com/tronghoang89/cve-2019-16113) @@ -40589,7 +40688,7 @@ - [0xAJ2K/CVE-2018-7600](https://github.com/0xAJ2K/CVE-2018-7600) - [rafaelcaria/drupalgeddon2-CVE-2018-7600](https://github.com/rafaelcaria/drupalgeddon2-CVE-2018-7600) - [vphnguyen/ANM_CVE-2018-7600](https://github.com/vphnguyen/ANM_CVE-2018-7600) -- [0xConstant/CVE-2018-7600](https://github.com/0xConstant/CVE-2018-7600) +- [banomaly/CVE-2018-7600](https://github.com/banomaly/CVE-2018-7600) - [anldori/CVE-2018-7600](https://github.com/anldori/CVE-2018-7600) - [r0lh/CVE-2018-7600](https://github.com/r0lh/CVE-2018-7600) - [killeveee/CVE-2018-7600](https://github.com/killeveee/CVE-2018-7600) @@ -43444,7 +43543,7 @@ - [testpilot031/vulnerability_struts-2.3.31](https://github.com/testpilot031/vulnerability_struts-2.3.31) - [readloud/CVE-2017-5638](https://github.com/readloud/CVE-2017-5638) - [Tankirat/CVE-2017-5638](https://github.com/Tankirat/CVE-2017-5638) -- [0xConstant/CVE-2017-5638](https://github.com/0xConstant/CVE-2017-5638) +- [banomaly/CVE-2017-5638](https://github.com/banomaly/CVE-2017-5638) - [mfdev-solution/Exploit-CVE-2017-5638](https://github.com/mfdev-solution/Exploit-CVE-2017-5638) - [mritunjay-k/CVE-2017-5638](https://github.com/mritunjay-k/CVE-2017-5638) - [FredBrave/CVE-2017-5638-ApacheStruts2.3.5](https://github.com/FredBrave/CVE-2017-5638-ApacheStruts2.3.5) @@ -47269,7 +47368,7 @@ - [dix0nym/CVE-2015-6967](https://github.com/dix0nym/CVE-2015-6967) -- [0xConstant/CVE-2015-6967](https://github.com/0xConstant/CVE-2015-6967) +- [banomaly/CVE-2015-6967](https://github.com/banomaly/CVE-2015-6967) - [FredBrave/CVE-2015-6967](https://github.com/FredBrave/CVE-2015-6967) - [3mpir3Albert/HTB_Nibbles](https://github.com/3mpir3Albert/HTB_Nibbles) @@ -48100,7 +48199,7 @@ - [b4keSn4ke/CVE-2014-6271](https://github.com/b4keSn4ke/CVE-2014-6271) - [hadrian3689/shellshock](https://github.com/hadrian3689/shellshock) - [akr3ch/CVE-2014-6271](https://github.com/akr3ch/CVE-2014-6271) -- [0xConstant/CVE-2014-6271](https://github.com/0xConstant/CVE-2014-6271) +- [banomaly/CVE-2014-6271](https://github.com/banomaly/CVE-2014-6271) - [Gurguii/cgi-bin-shellshock](https://github.com/Gurguii/cgi-bin-shellshock) - [anujbhan/shellshock-victim-host](https://github.com/anujbhan/shellshock-victim-host) - [FilipStudeny/-CVE-2014-6271-Shellshock-Remote-Command-Injection-](https://github.com/FilipStudeny/-CVE-2014-6271-Shellshock-Remote-Command-Injection-) @@ -48975,7 +49074,7 @@ - [bitc0de/Elastix-Remote-Code-Execution](https://github.com/bitc0de/Elastix-Remote-Code-Execution) -- [0xConstant/CVE-2012-4869](https://github.com/0xConstant/CVE-2012-4869) +- [banomaly/CVE-2012-4869](https://github.com/banomaly/CVE-2012-4869) ### CVE-2012-4929 (2012-09-15) @@ -49547,7 +49646,7 @@ - [zaphoxx/zaphoxx-coldfusion](https://github.com/zaphoxx/zaphoxx-coldfusion) - [n3rdh4x0r/CVE-2009-2265](https://github.com/n3rdh4x0r/CVE-2009-2265) - [p1ckzi/CVE-2009-2265](https://github.com/p1ckzi/CVE-2009-2265) -- [0xConstant/CVE-2009-2265](https://github.com/0xConstant/CVE-2009-2265) +- [banomaly/CVE-2009-2265](https://github.com/banomaly/CVE-2009-2265) - [0xDTC/Adobe-ColdFusion-8-RCE-CVE-2009-2265](https://github.com/0xDTC/Adobe-ColdFusion-8-RCE-CVE-2009-2265) ### CVE-2009-2692 (2009-08-14) @@ -49832,7 +49931,7 @@ - [3t4n/samba-3.0.24-CVE-2007-2447-vunerable-](https://github.com/3t4n/samba-3.0.24-CVE-2007-2447-vunerable-) - [xbufu/CVE-2007-2447](https://github.com/xbufu/CVE-2007-2447) - [s4msec/CVE-2007-2447](https://github.com/s4msec/CVE-2007-2447) -- [0xConstant/CVE-2007-2447](https://github.com/0xConstant/CVE-2007-2447) +- [banomaly/CVE-2007-2447](https://github.com/banomaly/CVE-2007-2447) - [Nosferatuvjr/Samba-Usermap-exploit](https://github.com/Nosferatuvjr/Samba-Usermap-exploit) - [testaross4/CVE-2007-2447](https://github.com/testaross4/CVE-2007-2447) - [mr-l0n3lly/CVE-2007-2447](https://github.com/mr-l0n3lly/CVE-2007-2447)