mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-27 01:54:09 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2025/01/16 12:32:56

Browse source
This commit is contained in:
motikan2010-bot 2025-01-16 21:32:56 +09:00
parent a185622577
commit cb967ee197
49 changed files with 401 additions and 195 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2014/CVE-2014-4210.json
View file

@ -45,10 +45,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2025-01-15T12:04:17Z",
"updated_at": "2025-01-16T10:10:29Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 2019,
"watchers_count": 2019,
"stargazers_count": 2020,
"watchers_count": 2020,
"has_discussions": true,
"forks_count": 339,
"allow_forking": true,
@ -78,7 +78,7 @@
],
"visibility": "public",
"forks": 339,
"watchers": 2019,
"watchers": 2020,
"score": 0,
"subscribers_count": 38
},

8
2016/CVE-2016-0638.json
View file

@ -14,10 +14,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2025-01-15T12:04:17Z",
"updated_at": "2025-01-16T10:10:29Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 2019,
"watchers_count": 2019,
"stargazers_count": 2020,
"watchers_count": 2020,
"has_discussions": true,
"forks_count": 339,
"allow_forking": true,
@ -47,7 +47,7 @@
],
"visibility": "public",
"forks": 339,
"watchers": 2019,
"watchers": 2020,
"score": 0,
"subscribers_count": 38
},

8
2017/CVE-2017-3248.json
View file

@ -45,10 +45,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2025-01-15T12:04:17Z",
"updated_at": "2025-01-16T10:10:29Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 2019,
"watchers_count": 2019,
"stargazers_count": 2020,
"watchers_count": 2020,
"has_discussions": true,
"forks_count": 339,
"allow_forking": true,
@ -78,7 +78,7 @@
],
"visibility": "public",
"forks": 339,
"watchers": 2019,
"watchers": 2020,
"score": 0,
"subscribers_count": 38
},

8
2018/CVE-2018-17240.json
View file

@ -82,10 +82,10 @@
"description": "Bash exploit for the CVE-2018-17240 (Netwave Cameras Memory Leak)",
"fork": false,
"created_at": "2025-01-07T15:10:26Z",
"updated_at": "2025-01-07T15:25:59Z",
"updated_at": "2025-01-16T11:50:46Z",
"pushed_at": "2025-01-07T15:25:02Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -94,7 +94,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}

8
2018/CVE-2018-2628.json
View file

@ -576,10 +576,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2025-01-15T12:04:17Z",
"updated_at": "2025-01-16T10:10:29Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 2019,
"watchers_count": 2019,
"stargazers_count": 2020,
"watchers_count": 2020,
"has_discussions": true,
"forks_count": 339,
"allow_forking": true,
@ -609,7 +609,7 @@
],
"visibility": "public",
"forks": 339,
"watchers": 2019,
"watchers": 2020,
"score": 0,
"subscribers_count": 38
},

8
2019/CVE-2019-0708.json
View file

@ -3086,10 +3086,10 @@
"description": "CVE-2019-0708-EXP-Windows版单文件exe版,运行后直接在当前控制台反弹System权限Shell",
"fork": false,
"created_at": "2020-01-21T02:22:29Z",
"updated_at": "2025-01-13T10:01:48Z",
"updated_at": "2025-01-16T11:33:03Z",
"pushed_at": "2020-01-21T03:15:41Z",
"stargazers_count": 324,
"watchers_count": 324,
"stargazers_count": 323,
"watchers_count": 323,
"has_discussions": false,
"forks_count": 71,
"allow_forking": true,
@ -3098,7 +3098,7 @@
"topics": [],
"visibility": "public",
"forks": 71,
"watchers": 324,
"watchers": 323,
"score": 0,
"subscribers_count": 6
},

8
2019/CVE-2019-11358.json
View file

File diff suppressed because one or more lines are too long

8
2019/CVE-2019-16098.json
View file

@ -14,10 +14,10 @@
"description": "Local privilege escalation PoC exploit for CVE-2019-16098",
"fork": false,
"created_at": "2019-09-10T15:57:36Z",
"updated_at": "2025-01-12T16:16:06Z",
"updated_at": "2025-01-16T11:04:06Z",
"pushed_at": "2019-09-13T20:05:43Z",
"stargazers_count": 193,
"watchers_count": 193,
"stargazers_count": 194,
"watchers_count": 194,
"has_discussions": false,
"forks_count": 61,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 61,
"watchers": 193,
"watchers": 194,
"score": 0,
"subscribers_count": 5
},

2
2019/CVE-2019-17558.json
View file

@ -45,7 +45,7 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2025-01-16T03:11:19Z",
"updated_at": "2025-01-16T10:30:17Z",
"pushed_at": "2021-04-04T09:13:57Z",
"stargazers_count": 4155,
"watchers_count": 4155,

8
2019/CVE-2019-2618.json
View file

@ -200,10 +200,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2025-01-15T12:04:17Z",
"updated_at": "2025-01-16T10:10:29Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 2019,
"watchers_count": 2019,
"stargazers_count": 2020,
"watchers_count": 2020,
"has_discussions": true,
"forks_count": 339,
"allow_forking": true,
@ -233,7 +233,7 @@
],
"visibility": "public",
"forks": 339,
"watchers": 2019,
"watchers": 2020,
"score": 0,
"subscribers_count": 38
}

31
2019/CVE-2019-5029.json
View file

@ -29,5 +29,36 @@
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
{
"id": 917568707,
"name": "CVE-2019-5029",
"full_name": "yZ1337\/CVE-2019-5029",
"owner": {
"login": "yZ1337",
"id": 32521997,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32521997?v=4",
"html_url": "https:\/\/github.com\/yZ1337",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/yZ1337\/CVE-2019-5029",
"description": "This is a Python script PoC for CVE-2019-5029",
"fork": false,
"created_at": "2025-01-16T08:34:58Z",
"updated_at": "2025-01-16T08:39:51Z",
"pushed_at": "2025-01-16T08:39:50Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2020/CVE-2020-0683.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege",
"fork": false,
"created_at": "2020-02-11T16:42:34Z",
"updated_at": "2024-11-08T14:50:48Z",
"updated_at": "2025-01-16T06:15:26Z",
"pushed_at": "2021-12-23T16:28:28Z",
"stargazers_count": 339,
"watchers_count": 339,
"stargazers_count": 340,
"watchers_count": 340,
"has_discussions": false,
"forks_count": 58,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 58,
"watchers": 339,
"watchers": 340,
"score": 0,
"subscribers_count": 9
}

2
2020/CVE-2020-14882.json
View file

@ -14,7 +14,7 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2025-01-16T03:11:19Z",
"updated_at": "2025-01-16T10:30:17Z",
"pushed_at": "2021-04-04T09:13:57Z",
"stargazers_count": 4155,
"watchers_count": 4155,

8
2020/CVE-2020-2551.json
View file

@ -14,10 +14,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2025-01-15T12:04:17Z",
"updated_at": "2025-01-16T10:10:29Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 2019,
"watchers_count": 2019,
"stargazers_count": 2020,
"watchers_count": 2020,
"has_discussions": true,
"forks_count": 339,
"allow_forking": true,
@ -47,7 +47,7 @@
],
"visibility": "public",
"forks": 339,
"watchers": 2019,
"watchers": 2020,
"score": 0,
"subscribers_count": 38
},

16
2021/CVE-2021-1675.json
View file

@ -45,10 +45,10 @@
"description": "C# and Impacket implementation of PrintNightmare CVE-2021-1675\/CVE-2021-34527",
"fork": false,
"created_at": "2021-06-29T17:24:14Z",
"updated_at": "2025-01-13T17:20:01Z",
"updated_at": "2025-01-16T06:34:05Z",
"pushed_at": "2021-07-20T15:28:13Z",
"stargazers_count": 1855,
"watchers_count": 1855,
"stargazers_count": 1856,
"watchers_count": 1856,
"has_discussions": false,
"forks_count": 585,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 585,
"watchers": 1855,
"watchers": 1856,
"score": 0,
"subscribers_count": 43
},
@ -311,10 +311,10 @@
"description": "Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)",
"fork": false,
"created_at": "2021-07-01T23:45:58Z",
"updated_at": "2025-01-16T06:11:29Z",
"updated_at": "2025-01-16T06:33:22Z",
"pushed_at": "2021-07-05T08:54:06Z",
"stargazers_count": 1027,
"watchers_count": 1027,
"stargazers_count": 1028,
"watchers_count": 1028,
"has_discussions": false,
"forks_count": 231,
"allow_forking": true,
@ -323,7 +323,7 @@
"topics": [],
"visibility": "public",
"forks": 231,
"watchers": 1027,
"watchers": 1028,
"score": 0,
"subscribers_count": 26
},

2
2021/CVE-2021-21972.json
View file

@ -848,7 +848,7 @@
"description": "一款针对Vcenter的综合利用工具包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j提供一键上传webshell命令执行或者上传公钥使用SSH免密连接",
"fork": false,
"created_at": "2022-10-04T03:39:27Z",
"updated_at": "2025-01-15T02:36:10Z",
"updated_at": "2025-01-16T10:30:47Z",
"pushed_at": "2024-04-25T06:09:38Z",
"stargazers_count": 1367,
"watchers_count": 1367,

4
2021/CVE-2021-22205.json
View file

@ -143,7 +143,7 @@
"stargazers_count": 267,
"watchers_count": 267,
"has_discussions": false,
"forks_count": 99,
"forks_count": 100,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -151,7 +151,7 @@
"cve-2021-22205"
],
"visibility": "public",
"forks": 99,
"forks": 100,
"watchers": 267,
"score": 0,
"subscribers_count": 2

8
2021/CVE-2021-3156.json
View file

@ -831,10 +831,10 @@
"description": "Root shell PoC for CVE-2021-3156",
"fork": false,
"created_at": "2021-02-03T19:57:56Z",
"updated_at": "2024-12-28T17:58:56Z",
"updated_at": "2025-01-16T10:44:22Z",
"pushed_at": "2022-02-13T12:21:53Z",
"stargazers_count": 147,
"watchers_count": 147,
"stargazers_count": 148,
"watchers_count": 148,
"has_discussions": false,
"forks_count": 60,
"allow_forking": true,
@ -843,7 +843,7 @@
"topics": [],
"visibility": "public",
"forks": 60,
"watchers": 147,
"watchers": 148,
"score": 0,
"subscribers_count": 1
},

8
2021/CVE-2021-4034.json
View file

@ -967,10 +967,10 @@
"description": "Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation",
"fork": false,
"created_at": "2022-01-26T14:26:10Z",
"updated_at": "2025-01-15T20:03:57Z",
"updated_at": "2025-01-16T07:49:11Z",
"pushed_at": "2022-06-21T14:52:05Z",
"stargazers_count": 1106,
"watchers_count": 1106,
"stargazers_count": 1107,
"watchers_count": 1107,
"has_discussions": false,
"forks_count": 194,
"allow_forking": true,
@ -981,7 +981,7 @@
],
"visibility": "public",
"forks": 194,
"watchers": 1106,
"watchers": 1107,
"score": 0,
"subscribers_count": 14
},

4
2022/CVE-2022-1471.json
View file

@ -50,13 +50,13 @@
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 2,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"forks": 3,
"watchers": 2,
"score": 0,
"subscribers_count": 1

8
2022/CVE-2022-22947.json
View file

@ -696,10 +696,10 @@
"description": "CVE-2022-22947_EXP,CVE-2022-22947_RCE,CVE-2022-22947反弹shell,CVE-2022-22947 getshell",
"fork": false,
"created_at": "2022-03-08T09:32:36Z",
"updated_at": "2024-08-12T20:21:22Z",
"updated_at": "2025-01-16T06:46:39Z",
"pushed_at": "2022-03-08T09:36:31Z",
"stargazers_count": 34,
"watchers_count": 34,
"stargazers_count": 35,
"watchers_count": 35,
"has_discussions": false,
"forks_count": 14,
"allow_forking": true,
@ -708,7 +708,7 @@
"topics": [],
"visibility": "public",
"forks": 14,
"watchers": 34,
"watchers": 35,
"score": 0,
"subscribers_count": 2
},

2
2022/CVE-2022-22954.json
View file

@ -792,7 +792,7 @@
"description": "一款针对Vcenter的综合利用工具包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j提供一键上传webshell命令执行或者上传公钥使用SSH免密连接",
"fork": false,
"created_at": "2022-10-04T03:39:27Z",
"updated_at": "2025-01-15T02:36:10Z",
"updated_at": "2025-01-16T10:30:47Z",
"pushed_at": "2024-04-25T06:09:38Z",
"stargazers_count": 1367,
"watchers_count": 1367,

4
2022/CVE-2022-24112.json
View file

@ -19,13 +19,13 @@
"stargazers_count": 44,
"watchers_count": 44,
"has_discussions": false,
"forks_count": 10,
"forks_count": 7,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 10,
"forks": 7,
"watchers": 44,
"score": 0,
"subscribers_count": 4

8
2022/CVE-2022-3590.json
View file

@ -2,15 +2,15 @@
{
"id": 652624585,
"name": "CVE-2022-3590-WordPress-Vulnerability-Scanner",
"full_name": "hxlxmjxbbxs\/CVE-2022-3590-WordPress-Vulnerability-Scanner",
"full_name": "hxlxmj\/CVE-2022-3590-WordPress-Vulnerability-Scanner",
"owner": {
"login": "hxlxmjxbbxs",
"login": "hxlxmj",
"id": 96540322,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96540322?v=4",
"html_url": "https:\/\/github.com\/hxlxmjxbbxs",
"html_url": "https:\/\/github.com\/hxlxmj",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/hxlxmjxbbxs\/CVE-2022-3590-WordPress-Vulnerability-Scanner",
"html_url": "https:\/\/github.com\/hxlxmj\/CVE-2022-3590-WordPress-Vulnerability-Scanner",
"description": " This repository contains a Python script that checks WordPress websites for the CVE-2022-3590 vulnerability, which exploits an unauthenticated blind Server-Side Request Forgery (SSRF) in the WordPress pingback feature.",
"fork": false,
"created_at": "2023-06-12T13:06:54Z",

35
2022/CVE-2022-40684.json
View file

@ -19,13 +19,13 @@
"stargazers_count": 341,
"watchers_count": 341,
"has_discussions": false,
"forks_count": 89,
"forks_count": 90,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 89,
"forks": 90,
"watchers": 341,
"score": 0,
"subscribers_count": 7
@ -727,5 +727,36 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 917530506,
"name": "fortigate-belsen-leak",
"full_name": "arsolutioner\/fortigate-belsen-leak",
"owner": {
"login": "arsolutioner",
"id": 83581293,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83581293?v=4",
"html_url": "https:\/\/github.com\/arsolutioner",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/arsolutioner\/fortigate-belsen-leak",
"description": "Research repository tracking affected IPs from the Fortigate CVE-2022-40684 configuration leak by Belsen Group",
"fork": false,
"created_at": "2025-01-16T06:54:15Z",
"updated_at": "2025-01-16T12:17:09Z",
"pushed_at": "2025-01-16T09:56:36Z",
"stargazers_count": 12,
"watchers_count": 12,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 12,
"score": 0,
"subscribers_count": 0
}
]

12
2022/CVE-2022-46689.json
View file

@ -107,19 +107,19 @@
"description": "Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.",
"fork": false,
"created_at": "2022-12-26T06:56:35Z",
"updated_at": "2025-01-08T04:25:49Z",
"updated_at": "2025-01-16T09:57:53Z",
"pushed_at": "2023-08-02T09:35:14Z",
"stargazers_count": 884,
"watchers_count": 884,
"stargazers_count": 885,
"watchers_count": 885,
"has_discussions": false,
"forks_count": 73,
"forks_count": 74,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 73,
"watchers": 884,
"forks": 74,
"watchers": 885,
"score": 0,
"subscribers_count": 25
},

8
2023/CVE-2023-38709.json
View file

@ -14,10 +14,10 @@
"description": "Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-38475 , CVE-2024-38474 , CVE-2024-38473 , CVE-2023-38709",
"fork": false,
"created_at": "2024-10-05T20:32:45Z",
"updated_at": "2025-01-09T13:41:00Z",
"updated_at": "2025-01-16T10:00:25Z",
"pushed_at": "2024-10-05T20:37:02Z",
"stargazers_count": 65,
"watchers_count": 65,
"stargazers_count": 66,
"watchers_count": 66,
"has_discussions": false,
"forks_count": 13,
"allow_forking": true,
@ -37,7 +37,7 @@
],
"visibility": "public",
"forks": 13,
"watchers": 65,
"watchers": 66,
"score": 0,
"subscribers_count": 1
}

4
2023/CVE-2023-38831.json
View file

@ -1589,8 +1589,8 @@
"description": "CVE-2023-38831 is a Zero-day WinRAR vulnerability that lets attackers disguise malicious files in archives, tricking users into executing harmful content.",
"fork": false,
"created_at": "2024-11-11T14:25:41Z",
"updated_at": "2024-11-25T09:54:03Z",
"pushed_at": "2024-11-19T14:07:27Z",
"updated_at": "2025-01-16T10:21:39Z",
"pushed_at": "2025-01-16T10:21:37Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

8
2023/CVE-2023-41425.json
View file

@ -306,10 +306,10 @@
"description": "Xss injection, WonderCMS 3.2.0 -3.4.2 ",
"fork": false,
"created_at": "2024-11-24T17:39:45Z",
"updated_at": "2025-01-12T19:40:07Z",
"updated_at": "2025-01-16T10:31:26Z",
"pushed_at": "2024-11-24T18:08:01Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -318,7 +318,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},

8
2023/CVE-2023-44487.json
View file

@ -14,10 +14,10 @@
"description": "Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487",
"fork": false,
"created_at": "2023-10-10T14:20:42Z",
"updated_at": "2025-01-16T04:14:14Z",
"updated_at": "2025-01-16T07:38:47Z",
"pushed_at": "2024-01-08T11:12:08Z",
"stargazers_count": 227,
"watchers_count": 227,
"stargazers_count": 226,
"watchers_count": 226,
"has_discussions": false,
"forks_count": 48,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 48,
"watchers": 227,
"watchers": 226,
"score": 0,
"subscribers_count": 6
},

2
2023/CVE-2023-46805.json
View file

@ -272,7 +272,7 @@
"fork": false,
"created_at": "2025-01-14T12:54:19Z",
"updated_at": "2025-01-14T22:44:39Z",
"pushed_at": "2025-01-15T19:28:03Z",
"pushed_at": "2025-01-16T12:15:07Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

4
2023/CVE-2023-6000.json
View file

@ -14,8 +14,8 @@
"description": "This vulnerability displays an XSS flaw in a WordPress popup plugin, allowing attackers to inject malicious JavaScript through a stored XSS",
"fork": false,
"created_at": "2024-10-14T14:11:02Z",
"updated_at": "2024-11-25T09:53:43Z",
"pushed_at": "2024-10-15T13:55:17Z",
"updated_at": "2025-01-16T10:26:34Z",
"pushed_at": "2025-01-16T10:26:30Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

8
2024/CVE-2024-1086.json
View file

@ -14,10 +14,10 @@
"description": "Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.",
"fork": false,
"created_at": "2024-03-20T21:16:41Z",
"updated_at": "2025-01-15T09:32:39Z",
"updated_at": "2025-01-16T09:39:37Z",
"pushed_at": "2024-04-17T16:09:54Z",
"stargazers_count": 2325,
"watchers_count": 2325,
"stargazers_count": 2326,
"watchers_count": 2326,
"has_discussions": false,
"forks_count": 302,
"allow_forking": true,
@ -32,7 +32,7 @@
],
"visibility": "public",
"forks": 302,
"watchers": 2325,
"watchers": 2326,
"score": 0,
"subscribers_count": 27
},

31
2024/CVE-2024-11972.json
View file

@ -29,5 +29,36 @@
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 916175168,
"name": "CVE-2024-11972-POC",
"full_name": "RonF98\/CVE-2024-11972-POC",
"owner": {
"login": "RonF98",
"id": 181740430,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/181740430?v=4",
"html_url": "https:\/\/github.com\/RonF98",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/RonF98\/CVE-2024-11972-POC",
"description": "CVE-2024-11972 in Hunk Companion <1.9.0 allows unauthenticated attackers to exploit insecure REST API endpoints and install vulnerable plugins, risking RCE, SQLi, XSS, and backdoors.",
"fork": false,
"created_at": "2025-01-13T15:44:08Z",
"updated_at": "2025-01-16T10:21:47Z",
"pushed_at": "2025-01-16T10:21:46Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

10
2024/CVE-2024-21887.json
View file

@ -76,10 +76,10 @@
"description": "A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.",
"fork": false,
"created_at": "2024-01-16T20:59:38Z",
"updated_at": "2025-01-15T02:48:02Z",
"updated_at": "2025-01-16T11:40:44Z",
"pushed_at": "2024-01-17T00:38:28Z",
"stargazers_count": 54,
"watchers_count": 54,
"stargazers_count": 55,
"watchers_count": 55,
"has_discussions": false,
"forks_count": 13,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 13,
"watchers": 54,
"watchers": 55,
"score": 0,
"subscribers_count": 2
},
@ -232,7 +232,7 @@
"fork": false,
"created_at": "2025-01-14T12:54:19Z",
"updated_at": "2025-01-14T22:44:39Z",
"pushed_at": "2025-01-15T19:28:03Z",
"pushed_at": "2025-01-16T12:15:07Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

8
2024/CVE-2024-22939.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2024-22939",
"fork": false,
"created_at": "2024-01-25T07:00:38Z",
"updated_at": "2025-01-16T01:31:13Z",
"updated_at": "2025-01-16T10:23:53Z",
"pushed_at": "2024-01-25T07:30:38Z",
"stargazers_count": 27,
"watchers_count": 27,
"stargazers_count": 26,
"watchers_count": 26,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 27,
"watchers": 26,
"score": 0,
"subscribers_count": 3
}

31
2024/CVE-2024-38063.json
View file

@ -916,5 +916,36 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 917618652,
"name": "CVE-2024-38063-scanner",
"full_name": "jip-0-0-0-0-0\/CVE-2024-38063-scanner",
"owner": {
"login": "jip-0-0-0-0-0",
"id": 192677467,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/192677467?v=4",
"html_url": "https:\/\/github.com\/jip-0-0-0-0-0",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/jip-0-0-0-0-0\/CVE-2024-38063-scanner",
"description": "A Python tool leveraging Shodan and Scapy to identify and exploit Windows systems vulnerable to CVE-2024-38063, enabling targeted Denial of Service attacks",
"fork": false,
"created_at": "2025-01-16T10:31:43Z",
"updated_at": "2025-01-16T10:43:40Z",
"pushed_at": "2025-01-16T10:43:39Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-38193.json
View file

@ -14,10 +14,10 @@
"description": null,
"fork": false,
"created_at": "2024-12-03T08:56:59Z",
"updated_at": "2025-01-13T10:22:54Z",
"updated_at": "2025-01-16T07:52:10Z",
"pushed_at": "2024-11-18T23:48:31Z",
"stargazers_count": 49,
"watchers_count": 49,
"stargazers_count": 50,
"watchers_count": 50,
"has_discussions": false,
"forks_count": 24,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 24,
"watchers": 49,
"watchers": 50,
"score": 0,
"subscribers_count": 0
}

8
2024/CVE-2024-38472.json
View file

@ -45,10 +45,10 @@
"description": "Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-38475 , CVE-2024-38474 , CVE-2024-38473 , CVE-2023-38709",
"fork": false,
"created_at": "2024-10-05T20:32:45Z",
"updated_at": "2025-01-09T13:41:00Z",
"updated_at": "2025-01-16T10:00:25Z",
"pushed_at": "2024-10-05T20:37:02Z",
"stargazers_count": 65,
"watchers_count": 65,
"stargazers_count": 66,
"watchers_count": 66,
"has_discussions": false,
"forks_count": 13,
"allow_forking": true,
@ -68,7 +68,7 @@
],
"visibility": "public",
"forks": 13,
"watchers": 65,
"watchers": 66,
"score": 0,
"subscribers_count": 1
}

35
2024/CVE-2024-41453.json Normal file
View file

@ -0,0 +1,35 @@
[
{
"id": 826194909,
"name": "CVE-2024-41453_CVE-2024-41454",
"full_name": "php-lover-boy\/CVE-2024-41453_CVE-2024-41454",
"owner": {
"login": "php-lover-boy",
"id": 111951701,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111951701?v=4",
"html_url": "https:\/\/github.com\/php-lover-boy",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/php-lover-boy\/CVE-2024-41453_CVE-2024-41454",
"description": "CVE-2024-41454, CVE-2024-41453",
"fork": false,
"created_at": "2024-07-09T08:48:59Z",
"updated_at": "2025-01-16T08:58:23Z",
"pushed_at": "2025-01-16T08:57:35Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"processmaker-vulnerabilites"
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-49113.json
View file

@ -14,10 +14,10 @@
"description": "LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113",
"fork": false,
"created_at": "2025-01-01T15:48:38Z",
"updated_at": "2025-01-15T13:53:29Z",
"updated_at": "2025-01-16T07:01:01Z",
"pushed_at": "2025-01-02T16:07:23Z",
"stargazers_count": 444,
"watchers_count": 444,
"stargazers_count": 445,
"watchers_count": 445,
"has_discussions": false,
"forks_count": 105,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 105,
"watchers": 444,
"watchers": 445,
"score": 0,
"subscribers_count": 3
},

12
2024/CVE-2024-49138.json
View file

@ -14,12 +14,12 @@
"description": "POC exploit for CVE-2024-49138",
"fork": false,
"created_at": "2025-01-15T00:43:37Z",
"updated_at": "2025-01-16T04:38:38Z",
"updated_at": "2025-01-16T12:10:35Z",
"pushed_at": "2025-01-15T01:01:21Z",
"stargazers_count": 94,
"watchers_count": 94,
"stargazers_count": 119,
"watchers_count": 119,
"has_discussions": false,
"forks_count": 16,
"forks_count": 21,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -30,8 +30,8 @@
"windows"
],
"visibility": "public",
"forks": 16,
"watchers": 94,
"forks": 21,
"watchers": 119,
"score": 0,
"subscribers_count": 2
}

24
2024/CVE-2024-41018.json → 2024/CVE-2024-50633.json
View file

@ -1,21 +1,21 @@
[
{
"id": 917314342,
"name": "CVE-2024-41018",
"full_name": "LLfam\/CVE-2024-41018",
"id": 917565406,
"name": "CVE-2024-50633",
"full_name": "cetinpy\/CVE-2024-50633",
"owner": {
"login": "LLfam",
"id": 43279891,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43279891?v=4",
"html_url": "https:\/\/github.com\/LLfam",
"login": "cetinpy",
"id": 175089248,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/175089248?v=4",
"html_url": "https:\/\/github.com\/cetinpy",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/LLfam\/CVE-2024-41018",
"html_url": "https:\/\/github.com\/cetinpy\/CVE-2024-50633",
"description": null,
"fork": false,
"created_at": "2025-01-15T18:49:24Z",
"updated_at": "2025-01-15T18:49:25Z",
"pushed_at": "2025-01-15T18:49:25Z",
"created_at": "2025-01-16T08:26:39Z",
"updated_at": "2025-01-16T08:27:09Z",
"pushed_at": "2025-01-16T08:27:08Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
@ -28,6 +28,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
"subscribers_count": 0
}
]

31
2024/CVE-2024-54363.json
View file

@ -29,5 +29,36 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 917613033,
"name": "CVE-2024-54363-Exploit",
"full_name": "Nxploited\/CVE-2024-54363-Exploit",
"owner": {
"login": "Nxploited",
"id": 188819918,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188819918?v=4",
"html_url": "https:\/\/github.com\/Nxploited",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Nxploited\/CVE-2024-54363-Exploit",
"description": "Incorrect Privilege Assignment vulnerability in nssTheme Wp NssUser Register allows Privilege Escalation.This issue affects Wp NssUser Register: from n\/a through 1.0.0.",
"fork": false,
"created_at": "2025-01-16T10:18:02Z",
"updated_at": "2025-01-16T10:51:32Z",
"pushed_at": "2025-01-16T10:51:31Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

33
2024/CVE-2024-55591.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 917542108,
"name": "fortios-auth-bypass-check-CVE-2024-55591",
"full_name": "watchtowrlabs\/fortios-auth-bypass-check-CVE-2024-55591",
"owner": {
"login": "watchtowrlabs",
"id": 99977116,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4",
"html_url": "https:\/\/github.com\/watchtowrlabs",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/watchtowrlabs\/fortios-auth-bypass-check-CVE-2024-55591",
"description": null,
"fork": false,
"created_at": "2025-01-16T07:26:15Z",
"updated_at": "2025-01-16T12:29:03Z",
"pushed_at": "2025-01-16T08:58:49Z",
"stargazers_count": 15,
"watchers_count": 15,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 15,
"score": 0,
"subscribers_count": 0
}
]

31
2024/CVE-2024-6387.json
View file

@ -772,37 +772,6 @@
"score": 0,
"subscribers_count": 1
},
{
"id": 823030467,
"name": "CVE-2024-6387",
"full_name": "SecWithMoh\/CVE-2024-6387",
"owner": {
"login": "SecWithMoh",
"id": 92855054,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92855054?v=4",
"html_url": "https:\/\/github.com\/SecWithMoh",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/SecWithMoh\/CVE-2024-6387",
"description": "This Go program scans targets for CVE-2024-6387 in OpenSSH, categorizing servers by vulnerability status and port availability.",
"fork": false,
"created_at": "2024-07-02T09:41:40Z",
"updated_at": "2024-07-16T07:51:21Z",
"pushed_at": "2024-07-02T10:05:02Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 823031972,
"name": "CVE-2024-6387-Updated-x64bit",

8
2024/CVE-2024-7479.json
View file

@ -14,10 +14,10 @@
"description": "TeamViewer User to Kernel Elevation of Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.",
"fork": false,
"created_at": "2024-09-29T10:58:15Z",
"updated_at": "2024-12-26T02:57:19Z",
"updated_at": "2025-01-16T07:35:47Z",
"pushed_at": "2024-12-22T21:34:26Z",
"stargazers_count": 132,
"watchers_count": 132,
"stargazers_count": 133,
"watchers_count": 133,
"has_discussions": false,
"forks_count": 21,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 21,
"watchers": 132,
"watchers": 133,
"score": 0,
"subscribers_count": 2
}

10
2025/CVE-2025-0282.json
View file

@ -45,10 +45,10 @@
"description": "CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overflow exploit.",
"fork": false,
"created_at": "2025-01-11T02:06:51Z",
"updated_at": "2025-01-16T05:29:14Z",
"updated_at": "2025-01-16T11:51:34Z",
"pushed_at": "2025-01-11T23:54:06Z",
"stargazers_count": 29,
"watchers_count": 29,
"stargazers_count": 30,
"watchers_count": 30,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 29,
"watchers": 30,
"score": 0,
"subscribers_count": 0
},
@ -108,7 +108,7 @@
"fork": false,
"created_at": "2025-01-14T12:54:19Z",
"updated_at": "2025-01-14T22:44:39Z",
"pushed_at": "2025-01-15T19:28:03Z",
"pushed_at": "2025-01-16T12:15:07Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

32
README.md
View file

@ -1475,7 +1475,6 @@
- [CiderAndWhisky/regression-scanner](https://github.com/CiderAndWhisky/regression-scanner)
- [shamo0/CVE-2024-6387_PoC](https://github.com/shamo0/CVE-2024-6387_PoC)
- [paradessia/CVE-2024-6387-nmap](https://github.com/paradessia/CVE-2024-6387-nmap)
- [SecWithMoh/CVE-2024-6387](https://github.com/SecWithMoh/CVE-2024-6387)
- [PrincipalAnthony/CVE-2024-6387-Updated-x64bit](https://github.com/PrincipalAnthony/CVE-2024-6387-Updated-x64bit)
- [skyalliance/CVE-2024-6387-POC](https://github.com/skyalliance/CVE-2024-6387-POC)
- [daniel-odrinski/CVE-2024-6387-Mitigation-Ansible-Playbook](https://github.com/daniel-odrinski/CVE-2024-6387-Mitigation-Ansible-Playbook)
@ -2542,6 +2541,7 @@
</code>
- [JunTakemura/exploit-CVE-2024-11972](https://github.com/JunTakemura/exploit-CVE-2024-11972)
- [RonF98/CVE-2024-11972-POC](https://github.com/RonF98/CVE-2024-11972-POC)
### CVE-2024-12025 (2024-12-18)
@ -5987,6 +5987,7 @@
- [selenagomez25/CVE-2024-38063](https://github.com/selenagomez25/CVE-2024-38063)
- [Laukage/Windows-CVE-2024-38063](https://github.com/Laukage/Windows-CVE-2024-38063)
- [jamesbishop785/CVE-2024-38063](https://github.com/jamesbishop785/CVE-2024-38063)
- [jip-0-0-0-0-0/CVE-2024-38063-scanner](https://github.com/jip-0-0-0-0-0/CVE-2024-38063-scanner)
### CVE-2024-38077 (2024-07-09)
@ -6515,13 +6516,6 @@
- [xen0bit/fwbt](https://github.com/xen0bit/fwbt)
### CVE-2024-41018 (2024-07-29)
<code>In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Add a check for attr_names and oatbl\n\nAdded out-of-bound checking for *ane (ATTR_NAME_ENTRY).
</code>
- [LLfam/CVE-2024-41018](https://github.com/LLfam/CVE-2024-41018)
### CVE-2024-41107 (2024-07-19)
<code>The CloudStack SAML authentication (disabled by default) does not enforce signature check. In CloudStack environments where SAML authentication is enabled, an attacker that initiates CloudStack SAML single sign-on authentication can bypass SAML authentication by submitting a spoofed SAML response with no signature and known or guessed username and other user details of a SAML-enabled CloudStack user-account. In such environments, this can result in a complete compromise of the resources owned and/or accessible by a SAML enabled user-account.\n\nAffected users are recommended to disable the SAML authentication plugin by setting the &quot;saml2.enabled&quot; global setting to &quot;false&quot;, or upgrade to version 4.18.2.2, 4.19.1.0 or later, which addresses this issue.\n\n
@ -6567,6 +6561,13 @@
- [NingXin2002/TOTOLINK_poc](https://github.com/NingXin2002/TOTOLINK_poc)
### CVE-2024-41453 (2025-01-15)
<code>A cross-site scripting (XSS) vulnerability in Process Maker pm4core-docker 4.1.21-RC7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter.
</code>
- [php-lover-boy/CVE-2024-41453_CVE-2024-41454](https://github.com/php-lover-boy/CVE-2024-41453_CVE-2024-41454)
### CVE-2024-41570 (2024-08-09)
<code>An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server.
@ -7752,6 +7753,9 @@
- [verylazytech/CVE-2024-50623](https://github.com/verylazytech/CVE-2024-50623)
- [iSee857/Cleo-CVE-2024-50623-PoC](https://github.com/iSee857/Cleo-CVE-2024-50623-PoC)
### CVE-2024-50633
- [cetinpy/CVE-2024-50633](https://github.com/cetinpy/CVE-2024-50633)
### CVE-2024-50657 (2024-11-22)
<code>An issue in Owncloud android apk v.4.3.1 allows a physically proximate attacker to escalate privileges via the PassCodeViewModel class, specifically in the checkPassCodeIsValid method
@ -8190,6 +8194,7 @@
</code>
- [RandomRobbieBF/CVE-2024-54363](https://github.com/RandomRobbieBF/CVE-2024-54363)
- [Nxploited/CVE-2024-54363-Exploit](https://github.com/Nxploited/CVE-2024-54363-Exploit)
### CVE-2024-54369 (2024-12-16)
@ -8292,6 +8297,13 @@
- [CSIRTTrizna/CVE-2024-55587](https://github.com/CSIRTTrizna/CVE-2024-55587)
### CVE-2024-55591 (2025-01-14)
<code>An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.
</code>
- [watchtowrlabs/fortios-auth-bypass-check-CVE-2024-55591](https://github.com/watchtowrlabs/fortios-auth-bypass-check-CVE-2024-55591)
### CVE-2024-55875 (2024-12-12)
<code>http4k is a functional toolkit for Kotlin HTTP applications. Prior to version 5.41.0.0, there is a potential XXE (XML External Entity Injection) vulnerability when http4k handling malicious XML contents within requests, which might allow attackers to read local sensitive information on server, trigger Server-side Request Forgery and even execute code under some circumstances. Version 5.41.0.0 contains a patch for the issue.
@ -17872,7 +17884,7 @@
<code>WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden.
</code>
- [hxlxmjxbbxs/CVE-2022-3590-WordPress-Vulnerability-Scanner](https://github.com/hxlxmjxbbxs/CVE-2022-3590-WordPress-Vulnerability-Scanner)
- [hxlxmj/CVE-2022-3590-WordPress-Vulnerability-Scanner](https://github.com/hxlxmj/CVE-2022-3590-WordPress-Vulnerability-Scanner)
- [huynhvanphuc/CVE-2022-3590-WordPress-Vulnerability-Scanner](https://github.com/huynhvanphuc/CVE-2022-3590-WordPress-Vulnerability-Scanner)
### CVE-2022-3602 (2022-11-01)
@ -22490,6 +22502,7 @@
- [notareaperbutDR34P3r/CVE-2022-40684-Rust](https://github.com/notareaperbutDR34P3r/CVE-2022-40684-Rust)
- [z-bool/CVE-2022-40684](https://github.com/z-bool/CVE-2022-40684)
- [Anthony1500/CVE-2022-40684](https://github.com/Anthony1500/CVE-2022-40684)
- [arsolutioner/fortigate-belsen-leak](https://github.com/arsolutioner/fortigate-belsen-leak)
### CVE-2022-40687 (2022-11-18)
@ -36738,6 +36751,7 @@
</code>
- [thehunt1s0n/Exihibitor-RCE](https://github.com/thehunt1s0n/Exihibitor-RCE)
- [yZ1337/CVE-2019-5029](https://github.com/yZ1337/CVE-2019-5029)
### CVE-2019-5096 (2019-12-03)