mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2020/05/24 18:07:47

Browse source
This commit is contained in:
motikan2010-bot 2020-05-24 18:07:47 +09:00
parent 0db82d83e6
commit c7e76ab21f
13 changed files with 77 additions and 44 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2017/CVE-2017-5754.json
View file

@ -59,13 +59,13 @@
"description": "This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https:\/\/support.microsoft.com\/en-us\/help\/4073119\/protect-against-speculative-execution-side-channel-vulnerabilities-in ",
"fork": false,
"created_at": "2018-01-05T09:43:04Z",
"updated_at": "2020-03-31T12:07:37Z",
"updated_at": "2020-05-24T08:53:20Z",
"pushed_at": "2018-02-19T03:04:07Z",
"stargazers_count": 84,
"watchers_count": 84,
"stargazers_count": 85,
"watchers_count": 85,
"forks_count": 42,
"forks": 42,
"watchers": 84,
"watchers": 85,
"score": 0
},
{

4
2018/CVE-2018-15982.json
View file

@ -109,8 +109,8 @@
"pushed_at": "2018-12-12T02:54:01Z",
"stargazers_count": 12,
"watchers_count": 12,
"forks_count": 9,
"forks": 9,
"forks_count": 8,
"forks": 8,
"watchers": 12,
"score": 0
},

8
2018/CVE-2018-2628.json
View file

@ -36,13 +36,13 @@
"description": "CVE-2018-2628 & CVE-2018-2893",
"fork": false,
"created_at": "2018-04-18T05:41:23Z",
"updated_at": "2020-05-22T11:30:31Z",
"updated_at": "2020-05-24T08:46:14Z",
"pushed_at": "2018-07-20T01:24:36Z",
"stargazers_count": 68,
"watchers_count": 68,
"stargazers_count": 69,
"watchers_count": 69,
"forks_count": 46,
"forks": 46,
"watchers": 68,
"watchers": 69,
"score": 0
},
{

8
2019/CVE-2019-0604.json
View file

@ -105,13 +105,13 @@
"description": "详解 k8gege的SharePoint RCE exploit cve-2019-0604-exp.py的代码动手制作自己的payload",
"fork": false,
"created_at": "2019-12-10T02:39:57Z",
"updated_at": "2020-04-18T10:15:35Z",
"updated_at": "2020-05-24T03:25:54Z",
"pushed_at": "2019-12-11T09:33:31Z",
"stargazers_count": 16,
"watchers_count": 16,
"stargazers_count": 17,
"watchers_count": 17,
"forks_count": 3,
"forks": 3,
"watchers": 16,
"watchers": 17,
"score": 0
}
]

25
2019/CVE-2019-12814.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 266469917,
"name": "CVE-2019-12814",
"full_name": "Al1ex\/CVE-2019-12814",
"owner": {
"login": "Al1ex",
"id": 38161463,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/38161463?v=4",
"html_url": "https:\/\/github.com\/Al1ex"
},
"html_url": "https:\/\/github.com\/Al1ex\/CVE-2019-12814",
"description": "CVE-2019-12814:Jackson JDOM XSLTransformer Gadget",
"fork": false,
"created_at": "2020-05-24T04:33:55Z",
"updated_at": "2020-05-24T04:35:06Z",
"pushed_at": "2020-05-24T04:35:26Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"forks": 1,
"watchers": 0,
"score": 0
}
]

8
2019/CVE-2019-5736.json
View file

@ -36,13 +36,13 @@
"description": "PoC for CVE-2019-5736",
"fork": false,
"created_at": "2019-02-13T05:26:32Z",
"updated_at": "2020-05-21T08:43:18Z",
"updated_at": "2020-05-24T03:36:31Z",
"pushed_at": "2019-02-19T11:45:13Z",
"stargazers_count": 385,
"watchers_count": 385,
"stargazers_count": 386,
"watchers_count": 386,
"forks_count": 98,
"forks": 98,
"watchers": 385,
"watchers": 386,
"score": 0
},
{

4
2019/CVE-2019-7238.json
View file

@ -40,8 +40,8 @@
"pushed_at": "2019-08-19T17:33:56Z",
"stargazers_count": 50,
"watchers_count": 50,
"forks_count": 18,
"forks": 18,
"forks_count": 17,
"forks": 17,
"watchers": 50,
"score": 0
},

4
2019/CVE-2019-8641.json
View file

@ -13,8 +13,8 @@
"description": "The reproduction code for CVE-2019-8641.",
"fork": false,
"created_at": "2020-05-20T07:29:01Z",
"updated_at": "2020-05-20T08:23:28Z",
"pushed_at": "2020-05-20T08:23:26Z",
"updated_at": "2020-05-24T07:24:55Z",
"pushed_at": "2020-05-24T07:24:52Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,

8
2020/CVE-2020-11651.json
View file

@ -59,13 +59,13 @@
"description": null,
"fork": false,
"created_at": "2020-05-04T08:01:37Z",
"updated_at": "2020-05-21T08:36:19Z",
"updated_at": "2020-05-24T05:59:36Z",
"pushed_at": "2020-05-04T08:11:21Z",
"stargazers_count": 88,
"watchers_count": 88,
"stargazers_count": 89,
"watchers_count": 89,
"forks_count": 29,
"forks": 29,
"watchers": 88,
"watchers": 89,
"score": 0
},
{

4
2020/CVE-2020-2551.json
View file

@ -197,8 +197,8 @@
"description": "CVE-2020-2551 POC to use in Internet",
"fork": false,
"created_at": "2020-05-24T02:56:12Z",
"updated_at": "2020-05-24T02:56:16Z",
"pushed_at": "2020-05-24T02:56:14Z",
"updated_at": "2020-05-24T03:43:41Z",
"pushed_at": "2020-05-24T03:43:39Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,

8
2020/CVE-2020-8617.json
View file

@ -13,13 +13,13 @@
"description": "PoC for CVE-2020-8617 (BIND)",
"fork": false,
"created_at": "2020-05-20T12:26:45Z",
"updated_at": "2020-05-23T13:04:38Z",
"updated_at": "2020-05-24T05:44:48Z",
"pushed_at": "2020-05-20T13:03:50Z",
"stargazers_count": 26,
"watchers_count": 26,
"stargazers_count": 27,
"watchers_count": 27,
"forks_count": 2,
"forks": 2,
"watchers": 26,
"watchers": 27,
"score": 0
},
{

24
2020/CVE-2020-9484.json
View file

@ -13,13 +13,13 @@
"description": "tomcat使用了自带session同步功能时不安全的配置没有使用EncryptInterceptor导致存在的反序列化漏洞通过精心构造的数据包 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-94849484是session持久化的洞这个是session集群同步的洞",
"fork": false,
"created_at": "2020-05-19T05:12:53Z",
"updated_at": "2020-05-23T13:57:03Z",
"updated_at": "2020-05-24T08:35:55Z",
"pushed_at": "2020-05-19T05:13:19Z",
"stargazers_count": 162,
"watchers_count": 162,
"forks_count": 29,
"forks": 29,
"watchers": 162,
"stargazers_count": 163,
"watchers_count": 163,
"forks_count": 30,
"forks": 30,
"watchers": 163,
"score": 0
},
{
@ -36,13 +36,13 @@
"description": null,
"fork": false,
"created_at": "2020-05-21T00:41:06Z",
"updated_at": "2020-05-23T03:06:25Z",
"updated_at": "2020-05-24T04:07:54Z",
"pushed_at": "2020-05-21T10:15:35Z",
"stargazers_count": 11,
"watchers_count": 11,
"stargazers_count": 12,
"watchers_count": 12,
"forks_count": 0,
"forks": 0,
"watchers": 11,
"watchers": 12,
"score": 0
},
{
@ -86,8 +86,8 @@
"pushed_at": "2020-05-21T15:13:22Z",
"stargazers_count": 14,
"watchers_count": 14,
"forks_count": 6,
"forks": 6,
"forks_count": 7,
"forks": 7,
"watchers": 14,
"score": 0
}

8
README.md
View file

@ -2090,6 +2090,14 @@ Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec
### CVE-2019-12796
- [PeterUpfold/CVE-2019-12796](https://github.com/PeterUpfold/CVE-2019-12796)
### CVE-2019-12814
<code>
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in the classpath, an attacker can send a specifically crafted JSON message that allows them to read arbitrary local files on the server.
</code>
- [Al1ex/CVE-2019-12814](https://github.com/Al1ex/CVE-2019-12814)
### CVE-2019-12815
<code>