mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2023/07/21 13:44:06

Browse source
This commit is contained in:
motikan2010-bot 2023-07-21 22:44:06 +09:00
parent 22af6e30e1
commit c3c91be359
37 changed files with 364 additions and 157 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
2012/CVE-2012-2982.json
View file

@ -133,19 +133,19 @@
"description": "A Python replicated exploit for Webmin 1.580 \/file\/show.cgi Remote Code Execution",
"fork": false,
"created_at": "2021-09-04T04:01:56Z",
"updated_at": "2023-07-20T00:33:12Z",
"updated_at": "2023-07-21T09:27:16Z",
"pushed_at": "2021-09-28T16:14:13Z",
"stargazers_count": 31,
"watchers_count": 31,
"stargazers_count": 32,
"watchers_count": 32,
"has_discussions": false,
"forks_count": 9,
"forks_count": 10,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 9,
"watchers": 31,
"forks": 10,
"watchers": 32,
"score": 0,
"subscribers_count": 2
},

8
2016/CVE-2016-5195.json
View file

@ -233,10 +233,10 @@
"description": "PoC for Dirty COW (CVE-2016-5195)",
"fork": false,
"created_at": "2016-10-22T15:25:34Z",
"updated_at": "2023-07-20T03:30:22Z",
"updated_at": "2023-07-21T06:52:11Z",
"pushed_at": "2022-03-16T12:08:54Z",
"stargazers_count": 444,
"watchers_count": 444,
"stargazers_count": 445,
"watchers_count": 445,
"has_discussions": false,
"forks_count": 150,
"allow_forking": true,
@ -245,7 +245,7 @@
"topics": [],
"visibility": "public",
"forks": 150,
"watchers": 444,
"watchers": 445,
"score": 0,
"subscribers_count": 20
},

8
2017/CVE-2017-12615.json
View file

@ -13,10 +13,10 @@
"description": "POC Exploit for Apache Tomcat 7.0.x CVE-2017-12615 PUT JSP vulnerability.",
"fork": false,
"created_at": "2017-09-23T06:15:48Z",
"updated_at": "2023-06-12T20:57:43Z",
"updated_at": "2023-07-21T12:59:58Z",
"pushed_at": "2022-10-09T12:13:03Z",
"stargazers_count": 101,
"watchers_count": 101,
"stargazers_count": 100,
"watchers_count": 100,
"has_discussions": false,
"forks_count": 24,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 24,
"watchers": 101,
"watchers": 100,
"score": 0,
"subscribers_count": 5
},

8
2018/CVE-2018-8897.json
View file

@ -73,10 +73,10 @@
"description": "Arbitrary code execution with kernel privileges using CVE-2018-8897.",
"fork": false,
"created_at": "2018-05-13T19:34:17Z",
"updated_at": "2023-06-17T23:13:44Z",
"updated_at": "2023-07-21T10:03:25Z",
"pushed_at": "2018-05-18T12:26:53Z",
"stargazers_count": 407,
"watchers_count": 407,
"stargazers_count": 408,
"watchers_count": 408,
"has_discussions": false,
"forks_count": 112,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 112,
"watchers": 407,
"watchers": 408,
"score": 0,
"subscribers_count": 16
},

16
2019/CVE-2019-0708.json
View file

@ -2944,10 +2944,10 @@
"description": "ispy V1.0 - Eternalblue(ms17-010)\/Bluekeep(CVE-2019-0708) Scanner and exploit ( Metasploit automation )",
"fork": false,
"created_at": "2019-09-30T19:46:21Z",
"updated_at": "2023-07-06T12:19:05Z",
"updated_at": "2023-07-21T06:54:12Z",
"pushed_at": "2021-02-06T00:24:21Z",
"stargazers_count": 226,
"watchers_count": 226,
"stargazers_count": 227,
"watchers_count": 227,
"has_discussions": false,
"forks_count": 77,
"allow_forking": true,
@ -2956,7 +2956,7 @@
"topics": [],
"visibility": "public",
"forks": 77,
"watchers": 226,
"watchers": 227,
"score": 0,
"subscribers_count": 22
},
@ -3154,10 +3154,10 @@
"description": "CVE-2019-0708 (BlueKeep) proof of concept allowing pre-auth RCE on Windows7",
"fork": false,
"created_at": "2020-03-15T19:33:53Z",
"updated_at": "2023-07-19T15:46:22Z",
"updated_at": "2023-07-21T10:41:56Z",
"pushed_at": "2022-03-28T04:10:20Z",
"stargazers_count": 104,
"watchers_count": 104,
"stargazers_count": 105,
"watchers_count": 105,
"has_discussions": false,
"forks_count": 18,
"allow_forking": true,
@ -3166,7 +3166,7 @@
"topics": [],
"visibility": "public",
"forks": 18,
"watchers": 104,
"watchers": 105,
"score": 0,
"subscribers_count": 3
},

32
2019/CVE-2019-10915.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 198133475,
"name": "CVE-2019-10915",
"full_name": "jiansiting\/CVE-2019-10915",
"owner": {
"login": "jiansiting",
"id": 28823754,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28823754?v=4",
"html_url": "https:\/\/github.com\/jiansiting"
},
"html_url": "https:\/\/github.com\/jiansiting\/CVE-2019-10915",
"description": "Siemens TIA administrator Tool RCE",
"fork": false,
"created_at": "2019-07-22T02:38:54Z",
"updated_at": "2022-03-17T11:43:58Z",
"pushed_at": "2019-07-22T11:48:39Z",
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 4,
"score": 0,
"subscribers_count": 1
}
]

30
2019/CVE-2019-11581.json
View file

@ -1,4 +1,34 @@
[
{
"id": 197105656,
"name": "CVE-2019-11581",
"full_name": "jas502n\/CVE-2019-11581",
"owner": {
"login": "jas502n",
"id": 16593068,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4",
"html_url": "https:\/\/github.com\/jas502n"
},
"html_url": "https:\/\/github.com\/jas502n\/CVE-2019-11581",
"description": "Atlassian JIRA Template injection vulnerability RCE",
"fork": false,
"created_at": "2019-07-16T02:27:00Z",
"updated_at": "2023-07-15T07:32:37Z",
"pushed_at": "2019-07-22T06:47:52Z",
"stargazers_count": 92,
"watchers_count": 92,
"has_discussions": false,
"forks_count": 30,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 30,
"watchers": 92,
"score": 0,
"subscribers_count": 3
},
{
"id": 198763431,
"name": "CVE-2019-11581",

8
2020/CVE-2020-0069.json
View file

@ -13,10 +13,10 @@
"description": "Root your MediaTek device with CVE-2020-0069",
"fork": false,
"created_at": "2019-09-06T12:12:48Z",
"updated_at": "2023-06-28T13:53:16Z",
"updated_at": "2023-07-21T08:59:42Z",
"pushed_at": "2023-02-06T19:18:56Z",
"stargazers_count": 116,
"watchers_count": 116,
"stargazers_count": 118,
"watchers_count": 118,
"has_discussions": false,
"forks_count": 22,
"allow_forking": true,
@ -30,7 +30,7 @@
],
"visibility": "public",
"forks": 22,
"watchers": 116,
"watchers": 118,
"score": 0,
"subscribers_count": 9
},

16
2020/CVE-2020-1472.json
View file

@ -43,10 +43,10 @@
"description": "Test tool for CVE-2020-1472",
"fork": false,
"created_at": "2020-09-08T08:58:37Z",
"updated_at": "2023-07-21T06:07:49Z",
"updated_at": "2023-07-21T13:22:22Z",
"pushed_at": "2023-07-20T10:51:42Z",
"stargazers_count": 1612,
"watchers_count": 1612,
"stargazers_count": 1613,
"watchers_count": 1613,
"has_discussions": false,
"forks_count": 358,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 358,
"watchers": 1612,
"watchers": 1613,
"score": 0,
"subscribers_count": 90
},
@ -170,10 +170,10 @@
"description": "Exploit for zerologon cve-2020-1472",
"fork": false,
"created_at": "2020-09-14T19:19:07Z",
"updated_at": "2023-07-21T06:04:56Z",
"updated_at": "2023-07-21T10:40:00Z",
"pushed_at": "2020-10-15T18:31:15Z",
"stargazers_count": 544,
"watchers_count": 544,
"stargazers_count": 545,
"watchers_count": 545,
"has_discussions": false,
"forks_count": 142,
"allow_forking": true,
@ -182,7 +182,7 @@
"topics": [],
"visibility": "public",
"forks": 142,
"watchers": 544,
"watchers": 545,
"score": 0,
"subscribers_count": 13
},

8
2020/CVE-2020-14883.json
View file

@ -133,10 +133,10 @@
"description": "Alibaba-Nacos-Unauthorized\/ApacheDruid-RCE_CVE-2021-25646\/MS-Exchange-SSRF-CVE-2021-26885\/Oracle-WebLogic-CVE-2021-2109_RCE\/RG-CNVD-2021-14536\/RJ-SSL-VPN-UltraVires\/Redis-Unauthorized-RCE\/TDOA-V11.7-GetOnlineCookie\/VMware-vCenter-GetAnyFile\/yongyou-GRP-U8-XXE\/Oracle-WebLogic-CVE-2020-14883\/Oracle-WebLogic-CVE-2020-14882\/Apache-Solr-GetAnyFile\/F5-BIG-IP-CVE-2021-22986\/Sonicwall-SSL-VPN-RCE\/GitLab-Graphql-CNVD-2021-14193\/D-Link-DCS-CVE-2020-25078\/WLAN-AP-WEA453e-RCE\/360TianQing-Unauthorized\/360TianQing-SQLinjection\/FanWeiOA-V8-SQLinjection\/QiZhiBaoLeiJi-AnyUserLogin\/QiAnXin-WangKangFirewall-RCE\/金山-V8-终端安全系统\/NCCloud-SQLinjection\/ShowDoc-RCE",
"fork": false,
"created_at": "2021-03-11T22:49:17Z",
"updated_at": "2023-07-19T14:45:41Z",
"updated_at": "2023-07-21T06:46:24Z",
"pushed_at": "2023-05-11T14:36:58Z",
"stargazers_count": 1054,
"watchers_count": 1054,
"stargazers_count": 1055,
"watchers_count": 1055,
"has_discussions": false,
"forks_count": 327,
"allow_forking": true,
@ -149,7 +149,7 @@
],
"visibility": "public",
"forks": 327,
"watchers": 1054,
"watchers": 1055,
"score": 0,
"subscribers_count": 37
}

8
2021/CVE-2021-1675.json
View file

@ -301,10 +301,10 @@
"description": "Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)",
"fork": false,
"created_at": "2021-07-01T23:45:58Z",
"updated_at": "2023-07-20T02:59:46Z",
"updated_at": "2023-07-21T07:44:00Z",
"pushed_at": "2021-07-05T08:54:06Z",
"stargazers_count": 924,
"watchers_count": 924,
"stargazers_count": 925,
"watchers_count": 925,
"has_discussions": false,
"forks_count": 228,
"allow_forking": true,
@ -313,7 +313,7 @@
"topics": [],
"visibility": "public",
"forks": 228,
"watchers": 924,
"watchers": 925,
"score": 0,
"subscribers_count": 25
},

8
2021/CVE-2021-25646.json
View file

@ -133,10 +133,10 @@
"description": "Alibaba-Nacos-Unauthorized\/ApacheDruid-RCE_CVE-2021-25646\/MS-Exchange-SSRF-CVE-2021-26885\/Oracle-WebLogic-CVE-2021-2109_RCE\/RG-CNVD-2021-14536\/RJ-SSL-VPN-UltraVires\/Redis-Unauthorized-RCE\/TDOA-V11.7-GetOnlineCookie\/VMware-vCenter-GetAnyFile\/yongyou-GRP-U8-XXE\/Oracle-WebLogic-CVE-2020-14883\/Oracle-WebLogic-CVE-2020-14882\/Apache-Solr-GetAnyFile\/F5-BIG-IP-CVE-2021-22986\/Sonicwall-SSL-VPN-RCE\/GitLab-Graphql-CNVD-2021-14193\/D-Link-DCS-CVE-2020-25078\/WLAN-AP-WEA453e-RCE\/360TianQing-Unauthorized\/360TianQing-SQLinjection\/FanWeiOA-V8-SQLinjection\/QiZhiBaoLeiJi-AnyUserLogin\/QiAnXin-WangKangFirewall-RCE\/金山-V8-终端安全系统\/NCCloud-SQLinjection\/ShowDoc-RCE",
"fork": false,
"created_at": "2021-03-11T22:49:17Z",
"updated_at": "2023-07-19T14:45:41Z",
"updated_at": "2023-07-21T06:46:24Z",
"pushed_at": "2023-05-11T14:36:58Z",
"stargazers_count": 1054,
"watchers_count": 1054,
"stargazers_count": 1055,
"watchers_count": 1055,
"has_discussions": false,
"forks_count": 327,
"allow_forking": true,
@ -149,7 +149,7 @@
],
"visibility": "public",
"forks": 327,
"watchers": 1054,
"watchers": 1055,
"score": 0,
"subscribers_count": 37
},

8
2021/CVE-2021-31805.json
View file

@ -13,10 +13,10 @@
"description": "远程代码执行S2-062 CVE-2021-31805验证POC",
"fork": false,
"created_at": "2022-04-15T01:50:14Z",
"updated_at": "2023-06-02T15:24:53Z",
"updated_at": "2023-07-21T10:35:09Z",
"pushed_at": "2022-04-17T08:19:59Z",
"stargazers_count": 129,
"watchers_count": 129,
"stargazers_count": 128,
"watchers_count": 128,
"has_discussions": false,
"forks_count": 57,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 57,
"watchers": 129,
"watchers": 128,
"score": 0,
"subscribers_count": 4
},

8
2021/CVE-2021-3560.json
View file

@ -202,10 +202,10 @@
"description": "Privilege escalation with polkit - CVE-2021-3560",
"fork": false,
"created_at": "2021-06-19T08:15:17Z",
"updated_at": "2023-07-20T11:44:36Z",
"updated_at": "2023-07-21T08:49:35Z",
"pushed_at": "2021-06-20T07:38:13Z",
"stargazers_count": 110,
"watchers_count": 110,
"stargazers_count": 111,
"watchers_count": 111,
"has_discussions": false,
"forks_count": 58,
"allow_forking": true,
@ -214,7 +214,7 @@
"topics": [],
"visibility": "public",
"forks": 58,
"watchers": 110,
"watchers": 111,
"score": 0,
"subscribers_count": 3
},

8
2021/CVE-2021-4034.json
View file

@ -1982,10 +1982,10 @@
"description": "Proof of concept for pwnkit vulnerability",
"fork": false,
"created_at": "2022-01-27T14:43:57Z",
"updated_at": "2023-06-02T15:24:48Z",
"updated_at": "2023-07-21T08:33:28Z",
"pushed_at": "2023-01-12T19:23:29Z",
"stargazers_count": 331,
"watchers_count": 331,
"stargazers_count": 330,
"watchers_count": 330,
"has_discussions": false,
"forks_count": 41,
"allow_forking": true,
@ -1994,7 +1994,7 @@
"topics": [],
"visibility": "public",
"forks": 41,
"watchers": 331,
"watchers": 330,
"score": 0,
"subscribers_count": 6
},

16
2021/CVE-2021-44228.json
View file

@ -103,10 +103,10 @@
"description": "Remote Code Injection In Log4j",
"fork": false,
"created_at": "2021-12-10T05:23:44Z",
"updated_at": "2023-07-07T19:11:15Z",
"updated_at": "2023-07-21T11:39:16Z",
"pushed_at": "2022-01-18T12:01:52Z",
"stargazers_count": 440,
"watchers_count": 440,
"stargazers_count": 441,
"watchers_count": 441,
"has_discussions": false,
"forks_count": 127,
"allow_forking": true,
@ -115,7 +115,7 @@
"topics": [],
"visibility": "public",
"forks": 127,
"watchers": 440,
"watchers": 441,
"score": 0,
"subscribers_count": 7
},
@ -3703,10 +3703,10 @@
"description": "A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 ",
"fork": false,
"created_at": "2021-12-13T03:57:50Z",
"updated_at": "2023-07-19T08:48:59Z",
"updated_at": "2023-07-21T10:49:07Z",
"pushed_at": "2022-11-23T18:23:24Z",
"stargazers_count": 3274,
"watchers_count": 3274,
"stargazers_count": 3273,
"watchers_count": 3273,
"has_discussions": true,
"forks_count": 745,
"allow_forking": true,
@ -3715,7 +3715,7 @@
"topics": [],
"visibility": "public",
"forks": 745,
"watchers": 3274,
"watchers": 3273,
"score": 0,
"subscribers_count": 60
},

8
2022/CVE-2022-0540.json
View file

@ -13,10 +13,10 @@
"description": "Atlassian Jira Seraph Authentication Bypass RCECVE-2022-0540",
"fork": false,
"created_at": "2022-05-25T10:47:04Z",
"updated_at": "2023-07-15T23:31:45Z",
"updated_at": "2023-07-21T08:20:33Z",
"pushed_at": "2022-05-25T13:43:16Z",
"stargazers_count": 64,
"watchers_count": 64,
"stargazers_count": 65,
"watchers_count": 65,
"has_discussions": false,
"forks_count": 16,
"allow_forking": true,
@ -28,7 +28,7 @@
],
"visibility": "public",
"forks": 16,
"watchers": 64,
"watchers": 65,
"score": 0,
"subscribers_count": 1
}

8
2022/CVE-2022-0847.json
View file

@ -133,10 +133,10 @@
"description": "A root exploit for CVE-2022-0847 (Dirty Pipe)",
"fork": false,
"created_at": "2022-03-07T18:55:20Z",
"updated_at": "2023-07-19T13:09:57Z",
"updated_at": "2023-07-21T08:33:50Z",
"pushed_at": "2022-03-08T06:20:05Z",
"stargazers_count": 1044,
"watchers_count": 1044,
"stargazers_count": 1043,
"watchers_count": 1043,
"has_discussions": false,
"forks_count": 220,
"allow_forking": true,
@ -145,7 +145,7 @@
"topics": [],
"visibility": "public",
"forks": 220,
"watchers": 1044,
"watchers": 1043,
"score": 0,
"subscribers_count": 17
},

8
2022/CVE-2022-28368.json
View file

@ -13,10 +13,10 @@
"description": "Dompdf RCE PoC Exploit - CVE-2022-28368",
"fork": false,
"created_at": "2023-02-13T08:10:00Z",
"updated_at": "2023-07-17T12:36:06Z",
"updated_at": "2023-07-21T10:16:06Z",
"pushed_at": "2023-06-03T10:00:01Z",
"stargazers_count": 11,
"watchers_count": 11,
"stargazers_count": 10,
"watchers_count": 10,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -30,7 +30,7 @@
],
"visibility": "public",
"forks": 1,
"watchers": 11,
"watchers": 10,
"score": 0,
"subscribers_count": 1
},

30
2022/CVE-2022-40127.json
View file

@ -33,5 +33,35 @@
"watchers": 38,
"score": 0,
"subscribers_count": 3
},
{
"id": 669143228,
"name": "CVE-2022-40127",
"full_name": "jakabakos\/CVE-2022-40127",
"owner": {
"login": "jakabakos",
"id": 42498816,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4",
"html_url": "https:\/\/github.com\/jakabakos"
},
"html_url": "https:\/\/github.com\/jakabakos\/CVE-2022-40127",
"description": "CVE-2022-40127 PoC and exploit",
"fork": false,
"created_at": "2023-07-21T12:55:16Z",
"updated_at": "2023-07-21T12:55:16Z",
"pushed_at": "2023-07-21T12:55:16Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2022/CVE-2022-42046.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM",
"fork": false,
"created_at": "2022-08-17T16:45:13Z",
"updated_at": "2023-06-28T23:25:14Z",
"updated_at": "2023-07-21T10:23:42Z",
"pushed_at": "2022-12-24T10:29:08Z",
"stargazers_count": 156,
"watchers_count": 156,
"stargazers_count": 157,
"watchers_count": 157,
"has_discussions": true,
"forks_count": 22,
"allow_forking": true,
@ -28,7 +28,7 @@
],
"visibility": "public",
"forks": 22,
"watchers": 156,
"watchers": 157,
"score": 0,
"subscribers_count": 5
}

8
2022/CVE-2022-44875.json
View file

@ -13,10 +13,10 @@
"description": "Testing CVE-2022-44875",
"fork": false,
"created_at": "2023-07-20T14:30:58Z",
"updated_at": "2023-07-20T14:30:59Z",
"updated_at": "2023-07-21T13:22:12Z",
"pushed_at": "2023-07-20T14:37:46Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}

8
2022/CVE-2022-46689.json
View file

@ -73,10 +73,10 @@
"description": "Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.",
"fork": false,
"created_at": "2022-12-26T06:56:35Z",
"updated_at": "2023-07-15T05:16:56Z",
"updated_at": "2023-07-21T11:08:56Z",
"pushed_at": "2023-02-21T04:16:19Z",
"stargazers_count": 814,
"watchers_count": 814,
"stargazers_count": 815,
"watchers_count": 815,
"has_discussions": false,
"forks_count": 55,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 55,
"watchers": 814,
"watchers": 815,
"score": 0,
"subscribers_count": 25
},

16
2023/CVE-2023-0386.json
View file

@ -73,10 +73,10 @@
"description": "CVE-2023-0386在ubuntu22.04上的提权",
"fork": false,
"created_at": "2023-05-05T03:02:13Z",
"updated_at": "2023-07-21T01:57:11Z",
"updated_at": "2023-07-21T09:40:56Z",
"pushed_at": "2023-06-13T08:58:53Z",
"stargazers_count": 346,
"watchers_count": 346,
"stargazers_count": 348,
"watchers_count": 348,
"has_discussions": false,
"forks_count": 60,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 60,
"watchers": 346,
"watchers": 348,
"score": 0,
"subscribers_count": 4
},
@ -193,10 +193,10 @@
"description": "Vulnerabilities Exploitation On Ubuntu 22.04",
"fork": false,
"created_at": "2023-05-16T10:26:10Z",
"updated_at": "2023-07-13T14:35:33Z",
"updated_at": "2023-07-21T09:15:40Z",
"pushed_at": "2023-05-16T10:49:19Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -207,7 +207,7 @@
],
"visibility": "public",
"forks": 1,
"watchers": 6,
"watchers": 7,
"score": 0,
"subscribers_count": 1
},

32
2023/CVE-2023-20126.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 641832121,
"name": "RancidCrisco",
"full_name": "fullspectrumdev\/RancidCrisco",
"owner": {
"login": "fullspectrumdev",
"id": 132891614,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132891614?v=4",
"html_url": "https:\/\/github.com\/fullspectrumdev"
},
"html_url": "https:\/\/github.com\/fullspectrumdev\/RancidCrisco",
"description": "PoC for CVE-2023-20126",
"fork": false,
"created_at": "2023-05-17T08:59:40Z",
"updated_at": "2023-07-21T13:24:20Z",
"pushed_at": "2023-06-20T12:45:45Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 0
}
]

8
2023/CVE-2023-23397.json
View file

@ -173,10 +173,10 @@
"description": null,
"fork": false,
"created_at": "2023-03-16T19:43:39Z",
"updated_at": "2023-07-17T23:46:40Z",
"updated_at": "2023-07-21T13:31:37Z",
"pushed_at": "2023-03-17T07:47:40Z",
"stargazers_count": 334,
"watchers_count": 334,
"stargazers_count": 333,
"watchers_count": 333,
"has_discussions": false,
"forks_count": 62,
"allow_forking": true,
@ -185,7 +185,7 @@
"topics": [],
"visibility": "public",
"forks": 62,
"watchers": 334,
"watchers": 333,
"score": 0,
"subscribers_count": 6
},

4
2023/CVE-2023-23752.json
View file

@ -381,7 +381,7 @@
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 6,
"forks_count": 7,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -391,7 +391,7 @@
"joomla"
],
"visibility": "public",
"forks": 6,
"forks": 7,
"watchers": 7,
"score": 0,
"subscribers_count": 1

8
2023/CVE-2023-28121.json
View file

@ -13,10 +13,10 @@
"description": "WooCommerce Payments: Unauthorized Admin Access Exploit",
"fork": false,
"created_at": "2023-03-30T23:50:39Z",
"updated_at": "2023-07-20T13:58:02Z",
"updated_at": "2023-07-21T10:07:06Z",
"pushed_at": "2023-05-31T13:21:43Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 8,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 8,
"watchers": 7,
"watchers": 8,
"score": 0,
"subscribers_count": 1
},

8
2023/CVE-2023-28252.json
View file

@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2023-06-27T12:22:05Z",
"updated_at": "2023-07-21T01:34:50Z",
"updated_at": "2023-07-21T09:30:57Z",
"pushed_at": "2023-07-10T16:57:44Z",
"stargazers_count": 104,
"watchers_count": 104,
"stargazers_count": 105,
"watchers_count": 105,
"has_discussions": false,
"forks_count": 28,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 28,
"watchers": 104,
"watchers": 105,
"score": 0,
"subscribers_count": 2
},

8
2023/CVE-2023-28771.json
View file

@ -13,10 +13,10 @@
"description": "PoC for CVE-2023-28771 based on Rapid7's excellent writeup",
"fork": false,
"created_at": "2023-05-23T02:37:39Z",
"updated_at": "2023-07-16T16:00:37Z",
"updated_at": "2023-07-21T09:19:27Z",
"pushed_at": "2023-05-23T02:49:05Z",
"stargazers_count": 21,
"watchers_count": 21,
"stargazers_count": 22,
"watchers_count": 22,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -27,7 +27,7 @@
],
"visibility": "public",
"forks": 3,
"watchers": 21,
"watchers": 22,
"score": 0,
"subscribers_count": 1
},

10
2023/CVE-2023-30367.json
View file

@ -13,10 +13,10 @@
"description": "Original PoC for CVE-2023-30367",
"fork": false,
"created_at": "2023-07-08T18:16:39Z",
"updated_at": "2023-07-21T06:43:55Z",
"pushed_at": "2023-07-11T19:41:34Z",
"stargazers_count": 0,
"watchers_count": 0,
"updated_at": "2023-07-21T09:06:43Z",
"pushed_at": "2023-07-21T08:56:31Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}

16
2023/CVE-2023-32233.json
View file

@ -43,10 +43,10 @@
"description": "CVE-2023-32233: Linux内核中的安全漏洞",
"fork": false,
"created_at": "2023-05-16T03:06:40Z",
"updated_at": "2023-07-21T05:43:43Z",
"updated_at": "2023-07-21T10:20:22Z",
"pushed_at": "2023-05-16T04:34:16Z",
"stargazers_count": 262,
"watchers_count": 262,
"stargazers_count": 264,
"watchers_count": 264,
"has_discussions": false,
"forks_count": 63,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 63,
"watchers": 262,
"watchers": 264,
"score": 0,
"subscribers_count": 3
},
@ -73,10 +73,10 @@
"description": "Use-After-Free in Netfilter nf_tables when processing batch requests CVE-2023-32233",
"fork": false,
"created_at": "2023-05-16T05:58:03Z",
"updated_at": "2023-07-19T15:59:21Z",
"updated_at": "2023-07-21T07:03:05Z",
"pushed_at": "2023-06-20T06:58:04Z",
"stargazers_count": 32,
"watchers_count": 32,
"stargazers_count": 33,
"watchers_count": 33,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 32,
"watchers": 33,
"score": 0,
"subscribers_count": 1
}

8
2023/CVE-2023-3269.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2023-3269: Linux kernel privilege escalation vulnerability",
"fork": false,
"created_at": "2023-06-28T13:22:26Z",
"updated_at": "2023-07-20T22:56:43Z",
"updated_at": "2023-07-21T07:08:09Z",
"pushed_at": "2023-07-08T09:27:10Z",
"stargazers_count": 294,
"watchers_count": 294,
"stargazers_count": 295,
"watchers_count": 295,
"has_discussions": false,
"forks_count": 26,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 26,
"watchers": 294,
"watchers": 295,
"score": 0,
"subscribers_count": 19
}

2
2023/CVE-2023-34600.json
View file

@ -14,7 +14,7 @@
"fork": false,
"created_at": "2023-06-16T08:30:10Z",
"updated_at": "2023-06-16T08:30:10Z",
"pushed_at": "2023-06-28T06:35:50Z",
"pushed_at": "2023-07-21T08:35:11Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

93
2023/CVE-2023-3519.json
View file

@ -13,12 +13,12 @@
"description": "Citrix Scanner for CVE-2023-3519",
"fork": false,
"created_at": "2023-07-20T13:16:38Z",
"updated_at": "2023-07-21T06:40:35Z",
"pushed_at": "2023-07-20T19:34:08Z",
"stargazers_count": 15,
"watchers_count": 15,
"updated_at": "2023-07-21T13:40:46Z",
"pushed_at": "2023-07-21T09:43:23Z",
"stargazers_count": 22,
"watchers_count": 22,
"has_discussions": false,
"forks_count": 2,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -28,8 +28,8 @@
"patch"
],
"visibility": "public",
"forks": 2,
"watchers": 15,
"forks": 3,
"watchers": 22,
"score": 0,
"subscribers_count": 4
},
@ -44,13 +44,48 @@
"html_url": "https:\/\/github.com\/securekomodo"
},
"html_url": "https:\/\/github.com\/securekomodo\/citrixInspector",
"description": "Accurately fingerprint and detect vulnerable versions of Netscaler \/ Citrix ADC to CVE-2023-3519",
"description": "Accurately fingerprint and detect vulnerable (and patched!) versions of Netscaler \/ Citrix ADC to CVE-2023-3519",
"fork": false,
"created_at": "2023-07-20T16:05:07Z",
"updated_at": "2023-07-21T06:24:04Z",
"pushed_at": "2023-07-20T16:25:39Z",
"stargazers_count": 2,
"watchers_count": 2,
"updated_at": "2023-07-21T12:47:55Z",
"pushed_at": "2023-07-21T12:42:38Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"citrix",
"citrix-netscaler",
"cve-2023-3519",
"vulnerability-scanners"
],
"visibility": "public",
"forks": 1,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
{
"id": 669063469,
"name": "CVE-2023-3519",
"full_name": "mr-r3b00t\/CVE-2023-3519",
"owner": {
"login": "mr-r3b00t",
"id": 14963690,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14963690?v=4",
"html_url": "https:\/\/github.com\/mr-r3b00t"
},
"html_url": "https:\/\/github.com\/mr-r3b00t\/CVE-2023-3519",
"description": null,
"fork": false,
"created_at": "2023-07-21T08:55:28Z",
"updated_at": "2023-07-21T13:38:56Z",
"pushed_at": "2023-07-21T09:02:23Z",
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -59,8 +94,38 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 2,
"watchers": 4,
"score": 0,
"subscribers_count": 1
"subscribers_count": 0
},
{
"id": 669106772,
"name": "CVE-2023-3519",
"full_name": "d0rb\/CVE-2023-3519",
"owner": {
"login": "d0rb",
"id": 10403781,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4",
"html_url": "https:\/\/github.com\/d0rb"
},
"html_url": "https:\/\/github.com\/d0rb\/CVE-2023-3519",
"description": "CVE-2023-3519",
"fork": false,
"created_at": "2023-07-21T11:02:21Z",
"updated_at": "2023-07-21T11:03:29Z",
"pushed_at": "2023-07-21T13:17:58Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2023/CVE-2023-38408.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2023-38408 Remote Code Execution in OpenSSH's forwarded ssh-agent",
"fork": false,
"created_at": "2023-07-21T01:53:10Z",
"updated_at": "2023-07-21T05:50:24Z",
"updated_at": "2023-07-21T12:46:21Z",
"pushed_at": "2023-07-21T01:56:59Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -28,7 +28,7 @@
],
"visibility": "public",
"forks": 4,
"watchers": 3,
"watchers": 6,
"score": 0,
"subscribers_count": 0
}

20
README.md
View file

@ -394,6 +394,8 @@
- [telekom-security/cve-2023-3519-citrix-scanner](https://github.com/telekom-security/cve-2023-3519-citrix-scanner)
- [securekomodo/citrixInspector](https://github.com/securekomodo/citrixInspector)
- [mr-r3b00t/CVE-2023-3519](https://github.com/mr-r3b00t/CVE-2023-3519)
- [d0rb/CVE-2023-3519](https://github.com/d0rb/CVE-2023-3519)
### CVE-2023-3640
- [pray77/CVE-2023-3640](https://github.com/pray77/CVE-2023-3640)
@ -415,6 +417,13 @@
- [redfr0g/CVE-2023-20110](https://github.com/redfr0g/CVE-2023-20110)
### CVE-2023-20126 (2023-05-04)
<code>A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An attacker could exploit this vulnerability by upgrading an affected device to a crafted version of firmware. A successful exploit could allow the attacker to execute arbitrary code on the affected device with full privileges. Cisco has not released firmware updates to address this vulnerability.
</code>
- [fullspectrumdev/RancidCrisco](https://github.com/fullspectrumdev/RancidCrisco)
### CVE-2023-20178 (2023-06-28)
<code>A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established.\r\n\r This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges.
@ -927,7 +936,7 @@
### CVE-2023-25194 (2023-02-07)
<code>A possible security vulnerability has been identified in Apache Kafka Connect.\nThis requires access to a Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config\nand a SASL-based security protocol, which has been possible on Kafka Connect clusters since Apache Kafka 2.3.0.\nWhen configuring the connector via the Kafka Connect REST API, an authenticated operator can set the `sasl.jaas.config`\nproperty for any of the connector's Kafka clients to &quot;com.sun.security.auth.module.JndiLoginModule&quot;, which can be done via the\n`producer.override.sasl.jaas.config`, `consumer.override.sasl.jaas.config`, or `admin.override.sasl.jaas.config` properties.\nThis will allow the server to connect to the attacker's LDAP server\nand deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server.\nAttacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath.\n\nSince Apache Kafka 3.0.0, users are allowed to specify these properties in connector configurations for Kafka Connect clusters running with out-of-the-box\nconfigurations. Before Apache Kafka 3.0.0, users may not specify these properties unless the Kafka Connect cluster has been reconfigured with a connector\nclient override policy that permits them.\n\nSince Apache Kafka 3.4.0, we have added a system property (&quot;-Dorg.apache.kafka.disallowed.login.modules&quot;) to disable the problematic login modules usage\nin SASL JAAS configuration. Also by default &quot;com.sun.security.auth.module.JndiLoginModule&quot; is disabled in Apache Kafka 3.4.0. \n\nWe advise the Kafka Connect users to validate connector configurations and only allow trusted JNDI configurations. Also examine connector dependencies for \nvulnerable versions and either upgrade their connectors, upgrading that specific dependency, or removing the connectors as options for remediation. Finally,\nin addition to leveraging the &quot;org.apache.kafka.disallowed.login.modules&quot; system property, Kafka Connect users can also implement their own connector\nclient config override policy, which can be used to control which Kafka client properties can be overridden directly in a connector config and which cannot.\n
<code>A possible security vulnerability has been identified in Apache Kafka Connect API.\nThis requires access to a Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config\nand a SASL-based security protocol, which has been possible on Kafka Connect clusters since Apache Kafka Connect 2.3.0.\nWhen configuring the connector via the Kafka Connect REST API, an authenticated operator can set the `sasl.jaas.config`\nproperty for any of the connector's Kafka clients to &quot;com.sun.security.auth.module.JndiLoginModule&quot;, which can be done via the\n`producer.override.sasl.jaas.config`, `consumer.override.sasl.jaas.config`, or `admin.override.sasl.jaas.config` properties.\nThis will allow the server to connect to the attacker's LDAP server\nand deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server.\nAttacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath.\n\nSince Apache Kafka 3.0.0, users are allowed to specify these properties in connector configurations for Kafka Connect clusters running with out-of-the-box\nconfigurations. Before Apache Kafka 3.0.0, users may not specify these properties unless the Kafka Connect cluster has been reconfigured with a connector\nclient override policy that permits them.\n\nSince Apache Kafka 3.4.0, we have added a system property (&quot;-Dorg.apache.kafka.disallowed.login.modules&quot;) to disable the problematic login modules usage\nin SASL JAAS configuration. Also by default &quot;com.sun.security.auth.module.JndiLoginModule&quot; is disabled in Apache Kafka Connect 3.4.0. \n\nWe advise the Kafka Connect users to validate connector configurations and only allow trusted JNDI configurations. Also examine connector dependencies for \nvulnerable versions and either upgrade their connectors, upgrading that specific dependency, or removing the connectors as options for remediation. Finally,\nin addition to leveraging the &quot;org.apache.kafka.disallowed.login.modules&quot; system property, Kafka Connect users can also implement their own connector\nclient config override policy, which can be used to control which Kafka client properties can be overridden directly in a connector config and which cannot.\n
</code>
- [ohnonoyesyes/CVE-2023-25194](https://github.com/ohnonoyesyes/CVE-2023-25194)
@ -7100,6 +7109,7 @@
</code>
- [Mr-xn/CVE-2022-40127](https://github.com/Mr-xn/CVE-2022-40127)
- [jakabakos/CVE-2022-40127](https://github.com/jakabakos/CVE-2022-40127)
### CVE-2022-40140 (2022-09-19)
@ -21486,6 +21496,13 @@
- [KTN1990/CVE-2019-10869](https://github.com/KTN1990/CVE-2019-10869)
### CVE-2019-10915 (2019-07-11)
<code>A vulnerability has been identified in TIA Administrator (All versions &lt; V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
</code>
- [jiansiting/CVE-2019-10915](https://github.com/jiansiting/CVE-2019-10915)
### CVE-2019-10945 (2019-04-10)
<code>An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory.
@ -21640,6 +21657,7 @@
<code>There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions of Jira Server and Data Center from 4.4.0 before 7.6.14, from 7.7.0 before 7.13.5, from 8.0.0 before 8.0.3, from 8.1.0 before 8.1.2, and from 8.2.0 before 8.2.3 are affected by this vulnerability.
</code>
- [jas502n/CVE-2019-11581](https://github.com/jas502n/CVE-2019-11581)
- [kobs0N/CVE-2019-11581](https://github.com/kobs0N/CVE-2019-11581)
- [PetrusViet/CVE-2019-11581](https://github.com/PetrusViet/CVE-2019-11581)