Auto Update 2024/12/18 18:33:21

motikan2010-bot 2024-12-19 03:33:21 +09:00
parent bffeae9d1b
commit c7b2992b51
31 changed files with 248 additions and 100 deletions


@ -272,10 +272,10 @@
"description": "A CVE-2016-5195 exploit example.",
"fork": false,
"created_at": "2016-10-23T00:16:33Z",
"updated_at": "2024-12-06T15:04:46Z",
"updated_at": "2024-12-18T13:41:48Z",
"pushed_at": "2017-03-21T16:46:38Z",
"stargazers_count": 316,
"watchers_count": 316,
"stargazers_count": 317,
"watchers_count": 317,
"has_discussions": false,
"forks_count": 120,
"allow_forking": true,
@ -288,7 +288,7 @@
],
"visibility": "public",
"forks": 120,
"watchers": 316,
"watchers": 317,
"score": 0,
"subscribers_count": 16
},


@ -19,13 +19,13 @@
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 1


@ -50,13 +50,13 @@
"stargazers_count": 50,
"watchers_count": 50,
"has_discussions": false,
"forks_count": 22,
"forks_count": 23,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 22,
"forks": 23,
"watchers": 50,
"score": 0,
"subscribers_count": 4


@ -45,10 +45,10 @@
"description": "Test tool for CVE-2020-1472",
"fork": false,
"created_at": "2020-09-08T08:58:37Z",
"updated_at": "2024-12-11T03:27:53Z",
"updated_at": "2024-12-18T14:11:05Z",
"pushed_at": "2023-07-20T10:51:42Z",
"stargazers_count": 1741,
"watchers_count": 1741,
"stargazers_count": 1742,
"watchers_count": 1742,
"has_discussions": false,
"forks_count": 359,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 359,
"watchers": 1741,
"watchers": 1742,
"score": 0,
"subscribers_count": 86
},
@ -107,10 +107,10 @@
"description": "PoC for Zerologon - all research credits go to Tom Tervoort of Secura",
"fork": false,
"created_at": "2020-09-14T16:56:51Z",
"updated_at": "2024-12-12T21:54:29Z",
"updated_at": "2024-12-18T14:11:02Z",
"pushed_at": "2020-11-03T09:45:24Z",
"stargazers_count": 1199,
"watchers_count": 1199,
"stargazers_count": 1200,
"watchers_count": 1200,
"has_discussions": false,
"forks_count": 284,
"allow_forking": true,
@ -119,7 +119,7 @@
"topics": [],
"visibility": "public",
"forks": 284,
"watchers": 1199,
"watchers": 1200,
"score": 0,
"subscribers_count": 34
},


@ -19,13 +19,13 @@
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 1


@ -19,13 +19,13 @@
"stargazers_count": 134,
"watchers_count": 134,
"has_discussions": false,
"forks_count": 32,
"forks_count": 33,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 32,
"forks": 33,
"watchers": 134,
"score": 0,
"subscribers_count": 7
@ -81,13 +81,13 @@
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 1


@ -381,10 +381,10 @@
"description": "Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).",
"fork": false,
"created_at": "2021-12-10T12:38:20Z",
"updated_at": "2024-12-16T02:53:18Z",
"updated_at": "2024-12-18T16:56:31Z",
"pushed_at": "2024-04-26T03:16:26Z",
"stargazers_count": 1108,
"watchers_count": 1108,
"stargazers_count": 1109,
"watchers_count": 1109,
"has_discussions": false,
"forks_count": 536,
"allow_forking": true,
@ -395,7 +395,7 @@
],
"visibility": "public",
"forks": 536,
"watchers": 1108,
"watchers": 1109,
"score": 0,
"subscribers_count": 23
},
@ -7454,10 +7454,10 @@
"description": "log4shell (CVE-2021-44228) scanning tool",
"fork": false,
"created_at": "2021-12-16T09:26:37Z",
"updated_at": "2024-08-12T20:18:57Z",
"updated_at": "2024-12-18T14:20:14Z",
"pushed_at": "2021-12-16T10:00:15Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -7486,7 +7486,7 @@
],
"visibility": "public",
"forks": 2,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 2
},


@ -45,10 +45,10 @@
"description": "CVE-2022-1292 OpenSSL c_rehash Vulnerability - POC",
"fork": false,
"created_at": "2022-05-30T14:45:15Z",
"updated_at": "2024-10-14T01:06:06Z",
"updated_at": "2024-12-18T14:55:02Z",
"pushed_at": "2022-07-20T14:27:49Z",
"stargazers_count": 24,
"watchers_count": 24,
"stargazers_count": 25,
"watchers_count": 25,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
@ -63,7 +63,7 @@
],
"visibility": "public",
"forks": 7,
"watchers": 24,
"watchers": 25,
"score": 0,
"subscribers_count": 1
},


@ -14,10 +14,10 @@
"description": "Experimenting with CVE-2022-20120 (Pixel Bootloader \/ ABL) using Unicorn, derived from eShard's emulator at https:\/\/github.com\/eshard\/pixel6-boot\/blob\/main\/run_abl_public.ipynb",
"fork": false,
"created_at": "2024-12-18T10:44:34Z",
"updated_at": "2024-12-18T11:27:39Z",
"updated_at": "2024-12-18T13:22:35Z",
"pushed_at": "2024-12-18T11:00:38Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 0
}


@ -14,10 +14,10 @@
"description": "CVE-2023-21742 Poc",
"fork": false,
"created_at": "2023-04-07T23:46:25Z",
"updated_at": "2023-09-08T01:17:10Z",
"updated_at": "2024-12-18T14:45:34Z",
"pushed_at": "2023-04-07T23:49:58Z",
"stargazers_count": 13,
"watchers_count": 13,
"stargazers_count": 14,
"watchers_count": 14,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 13,
"watchers": 14,
"score": 0,
"subscribers_count": 1
}


@ -14,10 +14,10 @@
"description": "MOC3ingbird Exploit for Live2D (CVE-2023-27566)",
"fork": false,
"created_at": "2023-03-03T01:57:28Z",
"updated_at": "2024-12-18T00:00:45Z",
"updated_at": "2024-12-18T12:41:54Z",
"pushed_at": "2023-09-19T01:12:41Z",
"stargazers_count": 80,
"watchers_count": 80,
"stargazers_count": 81,
"watchers_count": 81,
"has_discussions": true,
"forks_count": 6,
"allow_forking": true,
@ -33,7 +33,7 @@
],
"visibility": "public",
"forks": 6,
"watchers": 80,
"watchers": 81,
"score": 0,
"subscribers_count": 2
}

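--- a/2023/CVE-2023-28293.json
+++ b/2023/CVE-2023-28293.json
@@ -0,0 +1,33 @@
+[
+{
+"id": 905266412,
+"name": "CVE-2023-28293",
+"full_name": "Cr4zyDave\/CVE-2023-28293",
+"owner": {
+"login": "Cr4zyDave",
+"id": 138777035,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/138777035?v=4",
+"html_url": "https:\/\/github.com\/Cr4zyDave",
+"user_view_type": "public"
+},
+"html_url": "https:\/\/github.com\/Cr4zyDave\/CVE-2023-28293",
+"description": "Kernel privilege escalation exploit based on CVE-2023-28293",
+"fork": false,
+"created_at": "2024-12-18T13:37:49Z",
+"updated_at": "2024-12-18T13:39:02Z",
+"pushed_at": "2024-12-18T13:38:59Z",
+"stargazers_count": 0,
+"watchers_count": 0,
+"has_discussions": false,
+"forks_count": 0,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [],
+"visibility": "public",
+"forks": 0,
+"watchers": 0,
+"score": 0,
+"subscribers_count": 0
+}
+]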


@ -52,10 +52,10 @@
"description": null,
"fork": false,
"created_at": "2023-09-30T23:17:04Z",
"updated_at": "2024-10-17T20:14:09Z",
"updated_at": "2024-12-18T15:14:25Z",
"pushed_at": "2023-10-10T19:00:30Z",
"stargazers_count": 51,
"watchers_count": 51,
"stargazers_count": 52,
"watchers_count": 52,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -64,7 +64,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 51,
"watchers": 52,
"score": 0,
"subscribers_count": 2
},


@ -19,13 +19,13 @@
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 2,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"forks": 3,
"watchers": 2,
"score": 0,
"subscribers_count": 1


@ -19,13 +19,13 @@
"stargazers_count": 225,
"watchers_count": 225,
"has_discussions": false,
"forks_count": 49,
"forks_count": 50,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 49,
"forks": 50,
"watchers": 225,
"score": 0,
"subscribers_count": 6


@ -297,10 +297,10 @@
"description": "PoC and writeup for bypassing the initial patch of CVE-2024-0044, Android run-as any app vulnerability allowing privilege escalation from adb to installed app",
"fork": false,
"created_at": "2024-09-27T09:02:08Z",
"updated_at": "2024-12-18T11:05:52Z",
"updated_at": "2024-12-18T14:01:26Z",
"pushed_at": "2024-09-30T12:48:08Z",
"stargazers_count": 124,
"watchers_count": 124,
"stargazers_count": 125,
"watchers_count": 125,
"has_discussions": false,
"forks_count": 17,
"allow_forking": true,
@ -309,7 +309,7 @@
"topics": [],
"visibility": "public",
"forks": 17,
"watchers": 124,
"watchers": 125,
"score": 0,
"subscribers_count": 3
},


@ -19,7 +19,7 @@
"stargazers_count": 2301,
"watchers_count": 2301,
"has_discussions": false,
"forks_count": 298,
"forks_count": 299,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -31,7 +31,7 @@
"poc"
],
"visibility": "public",
"forks": 298,
"forks": 299,
"watchers": 2301,
"score": 0,
"subscribers_count": 26


@ -14,19 +14,19 @@
"description": null,
"fork": false,
"created_at": "2024-01-12T15:08:01Z",
"updated_at": "2024-12-17T18:17:49Z",
"updated_at": "2024-12-18T18:29:42Z",
"pushed_at": "2024-01-14T07:14:33Z",
"stargazers_count": 135,
"watchers_count": 135,
"stargazers_count": 136,
"watchers_count": 136,
"has_discussions": false,
"forks_count": 29,
"forks_count": 30,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 29,
"watchers": 135,
"forks": 30,
"watchers": 136,
"score": 0,
"subscribers_count": 4
}

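--- a/2024/CVE-2024-23298.json
+++ b/2024/CVE-2024-23298.json
@@ -0,0 +1,33 @@
+[
+{
+"id": 905388354,
+"name": "CVE-2024-23298.app",
+"full_name": "p1tsi\/CVE-2024-23298.app",
+"owner": {
+"login": "p1tsi",
+"id": 87305534,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87305534?v=4",
+"html_url": "https:\/\/github.com\/p1tsi",
+"user_view_type": "public"
+},
+"html_url": "https:\/\/github.com\/p1tsi\/CVE-2024-23298.app",
+"description": "PoC for CVE-2024-23298",
+"fork": false,
+"created_at": "2024-12-18T18:12:10Z",
+"updated_at": "2024-12-18T18:15:31Z",
+"pushed_at": "2024-12-18T18:15:28Z",
+"stargazers_count": 0,
+"watchers_count": 0,
+"has_discussions": false,
+"forks_count": 0,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [],
+"visibility": "public",
+"forks": 0,
+"watchers": 0,
+"score": 0,
+"subscribers_count": 0
+}
+]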


@ -14,8 +14,8 @@
"description": null,
"fork": false,
"created_at": "2024-12-13T18:27:39Z",
"updated_at": "2024-12-16T06:14:15Z",
"pushed_at": "2024-12-13T18:54:57Z",
"updated_at": "2024-12-18T17:32:00Z",
"pushed_at": "2024-12-18T17:31:56Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,


@ -14,10 +14,10 @@
"description": "PoC for the Untrusted Pointer Dereference in the ks.sys driver",
"fork": false,
"created_at": "2024-10-13T19:30:20Z",
"updated_at": "2024-12-18T11:10:58Z",
"updated_at": "2024-12-18T17:50:26Z",
"pushed_at": "2024-11-29T16:56:23Z",
"stargazers_count": 236,
"watchers_count": 236,
"stargazers_count": 238,
"watchers_count": 238,
"has_discussions": false,
"forks_count": 50,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 50,
"watchers": 236,
"watchers": 238,
"score": 0,
"subscribers_count": 6
},


@ -107,10 +107,10 @@
"description": "Remote Code Execution (RCE) Vulnerability In Evaluating Property Name Expressions with multies ways to exploit",
"fork": false,
"created_at": "2024-07-06T01:10:28Z",
"updated_at": "2024-10-08T10:14:01Z",
"updated_at": "2024-12-18T15:53:25Z",
"pushed_at": "2024-07-06T01:57:58Z",
"stargazers_count": 43,
"watchers_count": 43,
"stargazers_count": 44,
"watchers_count": 44,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -126,7 +126,7 @@
],
"visibility": "public",
"forks": 6,
"watchers": 43,
"watchers": 44,
"score": 0,
"subscribers_count": 1
},


@ -60,5 +60,36 @@
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 905309278,
"name": "CVE-2024-40725",
"full_name": "soltanali0\/CVE-2024-40725",
"owner": {
"login": "soltanali0",
"id": 87374678,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87374678?v=4",
"html_url": "https:\/\/github.com\/soltanali0",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/soltanali0\/CVE-2024-40725",
"description": "exploit CVE-2024-40725 (Apache httpd) with ",
"fork": false,
"created_at": "2024-12-18T15:09:38Z",
"updated_at": "2024-12-18T18:06:43Z",
"pushed_at": "2024-12-18T15:12:31Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 0
}
]


@ -19,13 +19,13 @@
"stargazers_count": 74,
"watchers_count": 74,
"has_discussions": false,
"forks_count": 12,
"forks_count": 13,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 12,
"forks": 13,
"watchers": 74,
"score": 0,
"subscribers_count": 1

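--- a/2024/CVE-2024-48762.json
+++ b/2024/CVE-2024-48762.json
@@ -0,0 +1,33 @@
+[
+{
+"id": 866653207,
+"name": "CVE-2024-48762",
+"full_name": "YZS17\/CVE-2024-48762",
+"owner": {
+"login": "YZS17",
+"id": 153406185,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153406185?v=4",
+"html_url": "https:\/\/github.com\/YZS17",
+"user_view_type": "public"
+},
+"html_url": "https:\/\/github.com\/YZS17\/CVE-2024-48762",
+"description": "Command injection vulnerability in FLIR AX8 up to 1.46.16",
+"fork": false,
+"created_at": "2024-10-02T16:32:08Z",
+"updated_at": "2024-12-18T13:37:21Z",
+"pushed_at": "2024-12-18T13:37:17Z",
+"stargazers_count": 1,
+"watchers_count": 1,
+"has_discussions": false,
+"forks_count": 0,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [],
+"visibility": "public",
+"forks": 0,
+"watchers": 1,
+"score": 0,
+"subscribers_count": 0
+}
+]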


@ -262,8 +262,8 @@
"description": null,
"fork": false,
"created_at": "2024-12-18T03:39:57Z",
"updated_at": "2024-12-18T12:25:18Z",
"pushed_at": "2024-12-18T12:25:14Z",
"updated_at": "2024-12-18T16:56:42Z",
"pushed_at": "2024-12-18T16:56:38Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,


@ -45,7 +45,7 @@
"description": "CVE-2024-49112 LDAP RCE PoC and Metasploit Module",
"fork": false,
"created_at": "2024-12-18T01:06:54Z",
"updated_at": "2024-12-18T10:14:23Z",
"updated_at": "2024-12-18T13:25:59Z",
"pushed_at": "2024-12-18T01:17:11Z",
"stargazers_count": 3,
"watchers_count": 3,


@ -14,10 +14,10 @@
"description": "s2-067(CVE-2024-53677)",
"fork": false,
"created_at": "2024-12-12T08:30:14Z",
"updated_at": "2024-12-17T10:38:27Z",
"updated_at": "2024-12-18T16:26:24Z",
"pushed_at": "2024-12-17T10:37:17Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 4
},
@ -45,19 +45,19 @@
"description": "A critical vulnerability, CVE-2024-53677, has been identified in the popular Apache Struts framework, potentially allowing attackers to execute arbitrary code remotely. This vulnerability arises from flaws in the file upload logic, which can be exploited to perform path traversal and malicious file uploads.",
"fork": false,
"created_at": "2024-12-13T17:42:55Z",
"updated_at": "2024-12-18T08:01:02Z",
"updated_at": "2024-12-18T18:10:57Z",
"pushed_at": "2024-12-18T03:54:48Z",
"stargazers_count": 49,
"watchers_count": 49,
"stargazers_count": 52,
"watchers_count": 52,
"has_discussions": false,
"forks_count": 20,
"forks_count": 21,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 20,
"watchers": 49,
"forks": 21,
"watchers": 52,
"score": 0,
"subscribers_count": 3
},


@ -2,15 +2,15 @@
{
"id": 901509181,
"name": "CVE-2024-55099-Online-Nurse-Hiring-System-v1.0-SQL-Injection-Vulnerability-",
"full_name": "kuzgunaka\/CVE-2024-55099-Online-Nurse-Hiring-System-v1.0-SQL-Injection-Vulnerability-",
"full_name": "ugurkarakoc1\/CVE-2024-55099-Online-Nurse-Hiring-System-v1.0-SQL-Injection-Vulnerability-",
"owner": {
"login": "kuzgunaka",
"login": "ugurkarakoc1",
"id": 171127980,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171127980?v=4",
"html_url": "https:\/\/github.com\/kuzgunaka",
"html_url": "https:\/\/github.com\/ugurkarakoc1",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/kuzgunaka\/CVE-2024-55099-Online-Nurse-Hiring-System-v1.0-SQL-Injection-Vulnerability-",
"html_url": "https:\/\/github.com\/ugurkarakoc1\/CVE-2024-55099-Online-Nurse-Hiring-System-v1.0-SQL-Injection-Vulnerability-",
"description": null,
"fork": false,
"created_at": "2024-12-10T19:40:26Z",


@ -1355,10 +1355,10 @@
"description": "PoC - Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (Scanner and Exploit) ",
"fork": false,
"created_at": "2024-07-02T18:32:46Z",
"updated_at": "2024-12-18T11:21:29Z",
"updated_at": "2024-12-18T15:57:27Z",
"pushed_at": "2024-07-05T15:19:28Z",
"stargazers_count": 67,
"watchers_count": 67,
"stargazers_count": 69,
"watchers_count": 69,
"has_discussions": false,
"forks_count": 27,
"allow_forking": true,
@ -1376,7 +1376,7 @@
],
"visibility": "public",
"forks": 27,
"watchers": 67,
"watchers": 69,
"score": 0,
"subscribers_count": 2
},


@ -2997,6 +2997,13 @@
- [hrtowii/CVE-2024-23208-test](https://github.com/hrtowii/CVE-2024-23208-test)
### CVE-2024-23298 (2024-03-15)
<code>A logic issue was addressed with improved state management.
</code>
- [p1tsi/CVE-2024-23298.app](https://github.com/p1tsi/CVE-2024-23298.app)
### CVE-2024-23334 (2024-01-29)
<code>aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determine whether to follow symbolic links outside the static root directory. When 'follow_symlinks' is set to True, there is no validation to check if reading a file is within the root directory. This can lead to directory traversal vulnerabilities, resulting in unauthorized access to arbitrary files on the system, even when symlinks are not present. Disabling follow_symlinks and using a reverse proxy are encouraged mitigations. Version 3.9.2 fixes this issue.
@ -6076,6 +6083,7 @@
- [TAM-K592/CVE-2024-40725-CVE-2024-40898](https://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898)
- [whiterose7777/CVE-2024-40725-CVE-2024-40898](https://github.com/whiterose7777/CVE-2024-40725-CVE-2024-40898)
- [soltanali0/CVE-2024-40725](https://github.com/soltanali0/CVE-2024-40725)
### CVE-2024-40892 (2024-08-12)
@ -6917,6 +6925,9 @@
### CVE-2024-48705
- [L41KAA/CVE-2024-48705](https://github.com/L41KAA/CVE-2024-48705)
### CVE-2024-48762
- [YZS17/CVE-2024-48762](https://github.com/YZS17/CVE-2024-48762)
### CVE-2024-48914 (2024-10-15)
<code>Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data such as configuration files, environment variables, and other critical data stored on the server. In the same code path is an additional vector for crashing the server via a malformed URI. Patches are available in versions 3.0.5 and 2.3.3. Some workarounds are also available. One may use object storage rather than the local file system, e.g. MinIO or S3, or define middleware which detects and blocks requests with urls containing `/../`.
@ -7515,7 +7526,7 @@
<code>A SQL Injection vulnerability was found in /admin/index.php in phpgurukul Online Nurse Hiring System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the username parameter.
</code>
- [kuzgunaka/CVE-2024-55099-Online-Nurse-Hiring-System-v1.0-SQL-Injection-Vulnerability-](https://github.com/kuzgunaka/CVE-2024-55099-Online-Nurse-Hiring-System-v1.0-SQL-Injection-Vulnerability-)
- [ugurkarakoc1/CVE-2024-55099-Online-Nurse-Hiring-System-v1.0-SQL-Injection-Vulnerability-](https://github.com/ugurkarakoc1/CVE-2024-55099-Online-Nurse-Hiring-System-v1.0-SQL-Injection-Vulnerability-)
### CVE-2024-55557 (2024-12-16)
@ -10800,6 +10811,13 @@
- [byt3n33dl3/CLFS](https://github.com/byt3n33dl3/CLFS)
- [Vulmatch/CVE-2023-28252](https://github.com/Vulmatch/CVE-2023-28252)
### CVE-2023-28293 (2023-04-11)
<code>Windows Kernel Elevation of Privilege Vulnerability
</code>
- [Cr4zyDave/CVE-2023-28293](https://github.com/Cr4zyDave/CVE-2023-28293)
### CVE-2023-28324 (2023-06-30)
<code>A improper input validation vulnerability exists in Ivanti Endpoint Manager 2022 and below that could allow privilege escalation or remote code execution.