mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-16 04:42:22 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2020/11/22 18:09:20

Browse source
This commit is contained in:
motikan2010-bot 2020-11-22 18:09:20 +09:00
parent 15781ef664
commit c5e843b6c4
29 changed files with 448 additions and 70 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
2010/CVE-2010-0426.json
View file

@ -1,4 +1,27 @@
[
{
"id": 114424141,
"name": "privesc-CVE-2010-0426",
"full_name": "t0kx\/privesc-CVE-2010-0426",
"owner": {
"login": "t0kx",
"id": 24924517,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/24924517?v=4",
"html_url": "https:\/\/github.com\/t0kx"
},
"html_url": "https:\/\/github.com\/t0kx\/privesc-CVE-2010-0426",
"description": "Sudo 1.6.x <= 1.6.9p21 and 1.7.x <= 1.7.2p4 Local Privilege Escalation and vulnerable container",
"fork": false,
"created_at": "2017-12-16T01:16:44Z",
"updated_at": "2020-04-20T12:29:23Z",
"pushed_at": "2017-12-16T01:19:11Z",
"stargazers_count": 5,
"watchers_count": 5,
"forks_count": 7,
"forks": 7,
"watchers": 5,
"score": 0
},
{
"id": 164330369,
"name": "cve-2010-0426",

23
2010/CVE-2010-0738.json
View file

@ -1,4 +1,27 @@
[
{
"id": 29914821,
"name": "jboss-autopwn",
"full_name": "ChristianPapathanasiou\/jboss-autopwn",
"owner": {
"login": "ChristianPapathanasiou",
"id": 5354349,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/5354349?v=4",
"html_url": "https:\/\/github.com\/ChristianPapathanasiou"
},
"html_url": "https:\/\/github.com\/ChristianPapathanasiou\/jboss-autopwn",
"description": "JBoss Autopwn as featured at BlackHat Europe 2010 - this version incorporates CVE-2010-0738 the JBoss authentication bypass VERB manipulation vulnerability as discovered by Minded Security",
"fork": false,
"created_at": "2015-01-27T13:16:45Z",
"updated_at": "2020-07-02T11:52:16Z",
"pushed_at": "2015-01-27T13:23:18Z",
"stargazers_count": 13,
"watchers_count": 13,
"forks_count": 7,
"forks": 7,
"watchers": 13,
"score": 0
},
{
"id": 62456741,
"name": "jboss-autopwn",

25
2010/CVE-2010-1205.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 911174,
"name": "CVE-2010-1205",
"full_name": "mk219533\/CVE-2010-1205",
"owner": {
"login": "mk219533",
"id": 91629,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/91629?v=4",
"html_url": "https:\/\/github.com\/mk219533"
},
"html_url": "https:\/\/github.com\/mk219533\/CVE-2010-1205",
"description": "sample exploit of buffer overflow in libpng ",
"fork": false,
"created_at": "2010-09-14T22:16:11Z",
"updated_at": "2020-05-07T01:35:39Z",
"pushed_at": "2010-10-03T14:06:12Z",
"stargazers_count": 4,
"watchers_count": 4,
"forks_count": 0,
"forks": 0,
"watchers": 4,
"score": 0
}
]

25
2010/CVE-2010-2075.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 183259128,
"name": "UnrealIRCd-3.2.8.1-RCE",
"full_name": "M4LV0\/UnrealIRCd-3.2.8.1-RCE",
"owner": {
"login": "M4LV0",
"id": 40957476,
"avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/40957476?v=4",
"html_url": "https:\/\/github.com\/M4LV0"
},
"html_url": "https:\/\/github.com\/M4LV0\/UnrealIRCd-3.2.8.1-RCE",
"description": "cve-2010-2075 ",
"fork": false,
"created_at": "2019-04-24T15:41:22Z",
"updated_at": "2020-05-01T17:43:33Z",
"pushed_at": "2019-04-24T15:44:50Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 1,
"forks": 1,
"watchers": 2,
"score": 0
}
]

25
2010/CVE-2010-3332.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 106621452,
"name": "MS10-070",
"full_name": "bongbongco\/MS10-070",
"owner": {
"login": "bongbongco",
"id": 3170006,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3170006?v=4",
"html_url": "https:\/\/github.com\/bongbongco"
},
"html_url": "https:\/\/github.com\/bongbongco\/MS10-070",
"description": "CVE-2010-3332 Oracle Padding Vulnerability in Microsoft ASP.NET",
"fork": false,
"created_at": "2017-10-11T23:50:33Z",
"updated_at": "2020-07-17T05:12:24Z",
"pushed_at": "2017-10-11T23:50:58Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"forks": 1,
"watchers": 0,
"score": 0
}
]

25
2010/CVE-2010-3437.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 222810581,
"name": "CVE-2010-3437",
"full_name": "huang-emily\/CVE-2010-3437",
"owner": {
"login": "huang-emily",
"id": 25013982,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/25013982?v=4",
"html_url": "https:\/\/github.com\/huang-emily"
},
"html_url": "https:\/\/github.com\/huang-emily\/CVE-2010-3437",
"description": null,
"fork": false,
"created_at": "2019-11-19T23:35:57Z",
"updated_at": "2019-11-19T23:36:01Z",
"pushed_at": "2019-11-19T23:35:59Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2010/CVE-2010-3490.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 226908489,
"name": "CVE-2010-3490",
"full_name": "moayadalmalat\/CVE-2010-3490",
"owner": {
"login": "moayadalmalat",
"id": 42471675,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/42471675?v=4",
"html_url": "https:\/\/github.com\/moayadalmalat"
},
"html_url": "https:\/\/github.com\/moayadalmalat\/CVE-2010-3490",
"description": "FreePBX exploit <= 2.8.0",
"fork": false,
"created_at": "2019-12-09T15:49:21Z",
"updated_at": "2019-12-09T15:57:52Z",
"pushed_at": "2019-12-09T15:57:50Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2010/CVE-2010-3971.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 11953883,
"name": "CVE-2010-3971-hotpatch",
"full_name": "nektra\/CVE-2010-3971-hotpatch",
"owner": {
"login": "nektra",
"id": 2100960,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2100960?v=4",
"html_url": "https:\/\/github.com\/nektra"
},
"html_url": "https:\/\/github.com\/nektra\/CVE-2010-3971-hotpatch",
"description": "Do you own security hotfix with Deviare hooking",
"fork": false,
"created_at": "2013-08-07T15:49:14Z",
"updated_at": "2020-11-05T08:59:09Z",
"pushed_at": "2013-08-07T18:01:38Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 2,
"forks": 2,
"watchers": 2,
"score": 0
}
]

25
2010/CVE-2010-4221.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 108682441,
"name": "cve-2010-4221",
"full_name": "M31MOTH\/cve-2010-4221",
"owner": {
"login": "M31MOTH",
"id": 10201432,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/10201432?v=4",
"html_url": "https:\/\/github.com\/M31MOTH"
},
"html_url": "https:\/\/github.com\/M31MOTH\/cve-2010-4221",
"description": "This exploit was written to study some concepts, enjoy!",
"fork": false,
"created_at": "2017-10-28T20:37:26Z",
"updated_at": "2020-03-26T15:45:57Z",
"pushed_at": "2017-10-22T19:46:37Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 11,
"forks": 11,
"watchers": 1,
"score": 0
}
]

25
2010/CVE-2010-4258.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 30897048,
"name": "CVE-2010-4258",
"full_name": "johnreginald\/CVE-2010-4258",
"owner": {
"login": "johnreginald",
"id": 8102802,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8102802?v=4",
"html_url": "https:\/\/github.com\/johnreginald"
},
"html_url": "https:\/\/github.com\/johnreginald\/CVE-2010-4258",
"description": "Exploit based on a faulty clone(2) implementation in Linux < 2.6.36.2 that allows overwrite of arbitrary kernel word with NULL. Research and personal-security use only. Not malicious.",
"fork": false,
"created_at": "2015-02-17T01:12:55Z",
"updated_at": "2016-09-04T16:50:03Z",
"pushed_at": "2012-07-12T18:58:48Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2010/CVE-2010-4804.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 16589706,
"name": "android-cve-2010-4804",
"full_name": "thomascannon\/android-cve-2010-4804",
"owner": {
"login": "thomascannon",
"id": 1297160,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/1297160?v=4",
"html_url": "https:\/\/github.com\/thomascannon"
},
"html_url": "https:\/\/github.com\/thomascannon\/android-cve-2010-4804",
"description": "Android Data Stealing Vulnerability",
"fork": false,
"created_at": "2014-02-06T18:53:31Z",
"updated_at": "2020-09-26T10:56:29Z",
"pushed_at": "2014-02-06T19:06:01Z",
"stargazers_count": 6,
"watchers_count": 6,
"forks_count": 5,
"forks": 5,
"watchers": 6,
"score": 0
}
]

8
2014/CVE-2014-4210.json
View file

@ -36,13 +36,13 @@
"description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2020-11-21T21:32:33Z",
"updated_at": "2020-11-22T06:36:18Z",
"pushed_at": "2020-09-02T16:21:12Z",
"stargazers_count": 776,
"watchers_count": 776,
"stargazers_count": 777,
"watchers_count": 777,
"forks_count": 187,
"forks": 187,
"watchers": 776,
"watchers": 777,
"score": 0
},
{

8
2015/CVE-2015-6639.json
View file

@ -36,13 +36,13 @@
"description": "Exploit that extracts Qualcomm's KeyMaster keys using CVE-2015-6639 and CVE-2016-2431",
"fork": false,
"created_at": "2016-06-30T11:56:44Z",
"updated_at": "2020-10-27T18:50:10Z",
"updated_at": "2020-11-22T05:29:02Z",
"pushed_at": "2016-06-30T15:32:42Z",
"stargazers_count": 282,
"watchers_count": 282,
"stargazers_count": 281,
"watchers_count": 281,
"forks_count": 88,
"forks": 88,
"watchers": 282,
"watchers": 281,
"score": 0
}
]

8
2016/CVE-2016-0638.json
View file

@ -13,13 +13,13 @@
"description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2020-11-21T21:32:33Z",
"updated_at": "2020-11-22T06:36:18Z",
"pushed_at": "2020-09-02T16:21:12Z",
"stargazers_count": 776,
"watchers_count": 776,
"stargazers_count": 777,
"watchers_count": 777,
"forks_count": 187,
"forks": 187,
"watchers": 776,
"watchers": 777,
"score": 0
},
{

8
2016/CVE-2016-2431.json
View file

@ -36,13 +36,13 @@
"description": "Exploit that extracts Qualcomm's KeyMaster keys using CVE-2015-6639 and CVE-2016-2431",
"fork": false,
"created_at": "2016-06-30T11:56:44Z",
"updated_at": "2020-10-27T18:50:10Z",
"updated_at": "2020-11-22T05:29:02Z",
"pushed_at": "2016-06-30T15:32:42Z",
"stargazers_count": 282,
"watchers_count": 282,
"stargazers_count": 281,
"watchers_count": 281,
"forks_count": 88,
"forks": 88,
"watchers": 282,
"watchers": 281,
"score": 0
}
]

8
2017/CVE-2017-3248.json
View file

@ -36,13 +36,13 @@
"description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2020-11-21T21:32:33Z",
"updated_at": "2020-11-22T06:36:18Z",
"pushed_at": "2020-09-02T16:21:12Z",
"stargazers_count": 776,
"watchers_count": 776,
"stargazers_count": 777,
"watchers_count": 777,
"forks_count": 187,
"forks": 187,
"watchers": 776,
"watchers": 777,
"score": 0
}
]

8
2018/CVE-2018-2628.json
View file

@ -450,13 +450,13 @@
"description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2020-11-21T21:32:33Z",
"updated_at": "2020-11-22T06:36:18Z",
"pushed_at": "2020-09-02T16:21:12Z",
"stargazers_count": 776,
"watchers_count": 776,
"stargazers_count": 777,
"watchers_count": 777,
"forks_count": 187,
"forks": 187,
"watchers": 776,
"watchers": 777,
"score": 0
},
{

12
2019/CVE-2019-17558.json
View file

@ -36,13 +36,13 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2020-11-22T00:45:15Z",
"updated_at": "2020-11-22T07:39:01Z",
"pushed_at": "2020-11-07T05:55:00Z",
"stargazers_count": 2075,
"watchers_count": 2075,
"forks_count": 566,
"forks": 566,
"watchers": 2075,
"stargazers_count": 2076,
"watchers_count": 2076,
"forks_count": 567,
"forks": 567,
"watchers": 2076,
"score": 0
},
{

4
2019/CVE-2019-2215.json
View file

@ -63,8 +63,8 @@
"pushed_at": "2019-10-15T01:04:08Z",
"stargazers_count": 55,
"watchers_count": 55,
"forks_count": 40,
"forks": 40,
"forks_count": 41,
"forks": 41,
"watchers": 55,
"score": 0
},

8
2019/CVE-2019-2618.json
View file

@ -151,13 +151,13 @@
"description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2020-11-21T21:32:33Z",
"updated_at": "2020-11-22T06:36:18Z",
"pushed_at": "2020-09-02T16:21:12Z",
"stargazers_count": 776,
"watchers_count": 776,
"stargazers_count": 777,
"watchers_count": 777,
"forks_count": 187,
"forks": 187,
"watchers": 776,
"watchers": 777,
"score": 0
}
]

8
2019/CVE-2019-7192.json
View file

@ -36,13 +36,13 @@
"description": "QNAP pre-auth root RCE Exploit (CVE-2019-7192 ~ CVE-2019-7195)",
"fork": false,
"created_at": "2020-05-24T15:44:29Z",
"updated_at": "2020-09-21T07:47:12Z",
"updated_at": "2020-11-22T03:12:11Z",
"pushed_at": "2020-05-24T16:28:46Z",
"stargazers_count": 44,
"watchers_count": 44,
"stargazers_count": 45,
"watchers_count": 45,
"forks_count": 19,
"forks": 19,
"watchers": 44,
"watchers": 45,
"score": 0
}
]

8
2020/CVE-2020-1350.json
View file

@ -13,13 +13,13 @@
"description": "NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST",
"fork": false,
"created_at": "2020-03-11T17:51:29Z",
"updated_at": "2020-11-04T17:33:17Z",
"updated_at": "2020-11-22T04:33:14Z",
"pushed_at": "2020-11-04T17:33:15Z",
"stargazers_count": 35,
"watchers_count": 35,
"stargazers_count": 36,
"watchers_count": 36,
"forks_count": 11,
"forks": 11,
"watchers": 35,
"watchers": 36,
"score": 0
},
{

12
2020/CVE-2020-13942.json
View file

@ -59,13 +59,13 @@
"description": "CVE-2020-13942 POC + Automation Script",
"fork": false,
"created_at": "2020-11-20T23:25:44Z",
"updated_at": "2020-11-21T06:04:00Z",
"updated_at": "2020-11-22T08:58:13Z",
"pushed_at": "2020-11-21T01:23:50Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 3,
"forks": 3,
"watchers": 2,
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 4,
"forks": 4,
"watchers": 3,
"score": 0
},
{

25
2020/CVE-2020-13957.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 314516329,
"name": "xray-poc-cve-2020-13957",
"full_name": "MagicPiperSec\/xray-poc-cve-2020-13957",
"owner": {
"login": "MagicPiperSec",
"id": 69208919,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/69208919?v=4",
"html_url": "https:\/\/github.com\/MagicPiperSec"
},
"html_url": "https:\/\/github.com\/MagicPiperSec\/xray-poc-cve-2020-13957",
"description": null,
"fork": false,
"created_at": "2020-11-20T10:11:00Z",
"updated_at": "2020-11-22T09:07:18Z",
"pushed_at": "2020-11-22T09:06:04Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

20
2020/CVE-2020-14882.json
View file

@ -13,13 +13,13 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2020-11-22T00:45:15Z",
"updated_at": "2020-11-22T07:39:01Z",
"pushed_at": "2020-11-07T05:55:00Z",
"stargazers_count": 2075,
"watchers_count": 2075,
"forks_count": 566,
"forks": 566,
"watchers": 2075,
"stargazers_count": 2076,
"watchers_count": 2076,
"forks_count": 567,
"forks": 567,
"watchers": 2076,
"score": 0
},
{
@ -36,13 +36,13 @@
"description": "Vulmap - Web漏洞扫描和验证工具可对Web容器、Web服务器、Web中间件以及CMS等Web程序进行漏洞扫描并且具备漏洞利用功能。 相关测试人员可以使用vulmap检测目标是否存在特定漏洞并且可以使用漏洞利用功能验证漏洞是否真实存在。CVE-2020-14882, CVE-2020-2555, CVE-2020-2883",
"fork": false,
"created_at": "2020-10-09T06:34:36Z",
"updated_at": "2020-11-21T18:11:09Z",
"updated_at": "2020-11-22T07:37:45Z",
"pushed_at": "2020-11-10T02:58:25Z",
"stargazers_count": 362,
"watchers_count": 362,
"stargazers_count": 363,
"watchers_count": 363,
"forks_count": 67,
"forks": 67,
"watchers": 362,
"watchers": 363,
"score": 0
},
{

8
2020/CVE-2020-2551.json
View file

@ -13,13 +13,13 @@
"description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2020-11-21T21:32:33Z",
"updated_at": "2020-11-22T06:36:18Z",
"pushed_at": "2020-09-02T16:21:12Z",
"stargazers_count": 776,
"watchers_count": 776,
"stargazers_count": 777,
"watchers_count": 777,
"forks_count": 187,
"forks": 187,
"watchers": 776,
"watchers": 777,
"score": 0
},
{

4
2020/CVE-2020-27955.json
View file

@ -17,8 +17,8 @@
"pushed_at": "2020-11-04T19:09:14Z",
"stargazers_count": 19,
"watchers_count": 19,
"forks_count": 5,
"forks": 5,
"forks_count": 6,
"forks": 6,
"watchers": 19,
"score": 0
},

8
2020/CVE-2020-5902.json
View file

@ -197,13 +197,13 @@
"description": "exploit code for F5-Big-IP (CVE-2020-5902)",
"fork": false,
"created_at": "2020-07-06T01:12:23Z",
"updated_at": "2020-10-21T16:02:49Z",
"updated_at": "2020-11-22T08:29:01Z",
"pushed_at": "2020-07-06T01:36:32Z",
"stargazers_count": 18,
"watchers_count": 18,
"stargazers_count": 19,
"watchers_count": 19,
"forks_count": 10,
"forks": 10,
"watchers": 18,
"watchers": 19,
"score": 0
},
{

82
README.md
View file

@ -2186,6 +2186,14 @@ The payload length in a WebSocket frame was not correctly validated in Apache To
- [shifa123/CVE-2020-13942-POC-](https://github.com/shifa123/CVE-2020-13942-POC-)
- [blackmarketer/CVE-2020-13942](https://github.com/blackmarketer/CVE-2020-13942)
### CVE-2020-13957 (2020-10-13)
<code>
Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous (which could be used for remote code execution) to be configured in a ConfigSet that's uploaded via API without authentication/authorization. The checks in place to prevent such features can be circumvented by using a combination of UPLOAD/CREATE actions.
</code>
- [MagicPiperSec/xray-poc-cve-2020-13957](https://github.com/MagicPiperSec/xray-poc-cve-2020-13957)
### CVE-2020-13996 (2020-06-09)
<code>
@ -15478,6 +15486,7 @@ mpack 1.6 has information disclosure via eavesdropping on mails sent by other us
sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user's home directory.
</code>
- [t0kx/privesc-CVE-2010-0426](https://github.com/t0kx/privesc-CVE-2010-0426)
- [cved-sources/cve-2010-0426](https://github.com/cved-sources/cve-2010-0426)
### CVE-2010-0738 (2010-04-28)
@ -15486,8 +15495,17 @@ sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is en
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
</code>
- [ChristianPapathanasiou/jboss-autopwn](https://github.com/ChristianPapathanasiou/jboss-autopwn)
- [gitcollect/jboss-autopwn](https://github.com/gitcollect/jboss-autopwn)
### CVE-2010-1205 (2010-06-30)
<code>
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
</code>
- [mk219533/CVE-2010-1205](https://github.com/mk219533/CVE-2010-1205)
### CVE-2010-1411 (2010-06-17)
<code>
@ -15496,6 +15514,22 @@ Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the F
- [MAVProxyUser/httpfuzz-robomiller](https://github.com/MAVProxyUser/httpfuzz-robomiller)
### CVE-2010-2075 (2010-06-14)
<code>
UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro, which allows remote attackers to execute arbitrary commands.
</code>
- [M4LV0/UnrealIRCd-3.2.8.1-RCE](https://github.com/M4LV0/UnrealIRCd-3.2.8.1-RCE)
### CVE-2010-3332 (2010-09-22)
<code>
Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote attackers to decrypt and modify encrypted View State (aka __VIEWSTATE) form data, and possibly forge cookies or read application files, via a padding oracle attack, aka &quot;ASP.NET Padding Oracle Vulnerability.&quot;
</code>
- [bongbongco/MS10-070](https://github.com/bongbongco/MS10-070)
### CVE-2010-3333 (2010-11-09)
<code>
@ -15504,6 +15538,22 @@ Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office
- [whiteHat001/cve-2010-3333](https://github.com/whiteHat001/cve-2010-3333)
### CVE-2010-3437 (2010-10-04)
<code>
Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call.
</code>
- [huang-emily/CVE-2010-3437](https://github.com/huang-emily/CVE-2010-3437)
### CVE-2010-3490 (2010-09-28)
<code>
Directory traversal vulnerability in page.recordings.php in the System Recordings component in the configuration interface in FreePBX 2.8.0 and earlier allows remote authenticated administrators to create arbitrary files via a .. (dot dot) in the usersnum parameter to admin/config.php, as demonstrated by creating a .php file under the web root.
</code>
- [moayadalmalat/CVE-2010-3490](https://github.com/moayadalmalat/CVE-2010-3490)
### CVE-2010-3600 (2011-01-19)
<code>
@ -15528,6 +15578,30 @@ The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Socke
- [redhatkaty/-cve-2010-3904-report](https://github.com/redhatkaty/-cve-2010-3904-report)
### CVE-2010-3971 (2010-12-22)
<code>
Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in mshtml.dll, as used in Microsoft Internet Explorer 6 through 8 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a self-referential @import rule in a stylesheet, aka &quot;CSS Memory Corruption Vulnerability.&quot;
</code>
- [nektra/CVE-2010-3971-hotpatch](https://github.com/nektra/CVE-2010-3971-hotpatch)
### CVE-2010-4221 (2010-11-09)
<code>
Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a (1) FTP or (2) FTPS server.
</code>
- [M31MOTH/cve-2010-4221](https://github.com/M31MOTH/cve-2010-4221)
### CVE-2010-4258 (2010-12-30)
<code>
The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer dereference, or (3) page fault, as demonstrated by vectors involving the clear_child_tid feature and the splice system call.
</code>
- [johnreginald/CVE-2010-4258](https://github.com/johnreginald/CVE-2010-4258)
### CVE-2010-4476 (2011-02-17)
<code>
@ -15544,6 +15618,14 @@ The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Microso
- [quinn-samuel-perry/CVE-2010-4669](https://github.com/quinn-samuel-perry/CVE-2010-4669)
### CVE-2010-4804 (2011-06-09)
<code>
The Android browser in Android before 2.3.4 allows remote attackers to obtain SD card contents via crafted content:// URIs, related to (1) BrowserActivity.java and (2) BrowserSettings.java in com/android/browser/.
</code>
- [thomascannon/android-cve-2010-4804](https://github.com/thomascannon/android-cve-2010-4804)
### CVE-2010-5327 (2017-01-13)
<code>