From d37beec31b96d48441d9a889dd83df7a1c2a38fb Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Wed, 31 Aug 2022 03:17:42 +0900 Subject: [PATCH] Auto Update 2022/08/30 18:17:41 --- 2013/CVE-2013-4362.json | 8 +- 2015/CVE-2015-2291.json | 2 +- 2017/CVE-2017-11176.json | 8 +- 2017/CVE-2017-7921.json | 16 +- 2018/CVE-2018-1042.json | 2 +- 2019/CVE-2019-0708.json | 8 +- 2019/CVE-2019-12725.json | 8 +- 2019/CVE-2019-9053.json | 8 +- 2020/CVE-2020-0606.json | 30 +++ 2020/CVE-2020-0796.json | 65 ++++++- 2020/CVE-2020-10205.json | 30 +++ 2020/CVE-2020-1206.json | 56 ++++++ 2020/CVE-2020-13640.json | 30 +++ 2020/CVE-2020-1472.json | 8 +- 2020/CVE-2020-14947.json | 30 +++ 2020/CVE-2020-1764.json | 30 +++ 2020/CVE-2020-1948.json | 56 ++++++ 2020/CVE-2020-3153.json | 8 +- 2020/CVE-2020-5509.json | 30 +++ 2020/CVE-2020-5902.json | 392 +++++++++++++++++++++++++++++++++++++++ 2020/CVE-2020-6287.json | 4 +- 2020/CVE-2020-7246.json | 28 +++ 2020/CVE-2020-8835.json | 28 +++ 2020/CVE-2020-9484.json | 28 +++ 2020/CVE-2020-9768.json | 30 +++ 2021/CVE-2021-2109.json | 4 +- 2021/CVE-2021-36749.json | 8 +- 2021/CVE-2021-41184.json | 2 +- 2021/CVE-2021-42287.json | 8 +- 2021/CVE-2021-44228.json | 8 +- 2022/CVE-2022-0540.json | 8 +- 2022/CVE-2022-1802.json | 12 +- 2022/CVE-2022-2109.json | 4 +- 2022/CVE-2022-21894.json | 28 +-- 2022/CVE-2022-22947.json | 16 +- 2022/CVE-2022-24637.json | 30 +++ 2022/CVE-2022-26809.json | 12 +- 2022/CVE-2022-27255.json | 10 +- 2022/CVE-2022-28219.json | 2 +- 2022/CVE-2022-29464.json | 2 +- 2022/CVE-2022-30525.json | 8 +- 2022/CVE-2022-32250.json | 12 +- 2022/CVE-2022-34918.json | 12 +- 2022/CVE-2022-37042.json | 4 +- README.md | 88 ++++++++- 45 files changed, 1096 insertions(+), 125 deletions(-) create mode 100644 2020/CVE-2020-0606.json create mode 100644 2020/CVE-2020-10205.json create mode 100644 2020/CVE-2020-13640.json create mode 100644 2020/CVE-2020-14947.json create mode 100644 2020/CVE-2020-1764.json create mode 100644 2020/CVE-2020-5509.json create mode 100644 2020/CVE-2020-9768.json create mode 100644 2022/CVE-2022-24637.json diff --git a/2013/CVE-2013-4362.json b/2013/CVE-2013-4362.json index dc85c223bb..4b22f09698 100644 --- a/2013/CVE-2013-4362.json +++ b/2013/CVE-2013-4362.json @@ -13,10 +13,10 @@ "description": "Automatically exploit systems with vulnerable davfs2 (CVE-2013-4362)", "fork": false, "created_at": "2020-09-10T16:06:23Z", - "updated_at": "2022-07-06T02:10:40Z", + "updated_at": "2022-08-30T14:07:29Z", "pushed_at": "2020-09-10T16:20:07Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "forks_count": 2, "allow_forking": true, "is_template": false, @@ -24,7 +24,7 @@ "topics": [], "visibility": "public", "forks": 2, - "watchers": 1, + "watchers": 2, "score": 0 } ] \ No newline at end of file diff --git a/2015/CVE-2015-2291.json b/2015/CVE-2015-2291.json index 08582cfd4f..f1d160be6f 100644 --- a/2015/CVE-2015-2291.json +++ b/2015/CVE-2015-2291.json @@ -41,7 +41,7 @@ "description": "(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.", "fork": false, "created_at": "2022-06-22T05:22:57Z", - "updated_at": "2022-07-08T10:02:47Z", + "updated_at": "2022-08-30T16:03:19Z", "pushed_at": "2022-06-28T03:51:52Z", "stargazers_count": 6, "watchers_count": 6, diff --git a/2017/CVE-2017-11176.json b/2017/CVE-2017-11176.json index a19b611df6..ead24da3a4 100644 --- a/2017/CVE-2017-11176.json +++ b/2017/CVE-2017-11176.json @@ -13,10 +13,10 @@ "description": null, "fork": false, "created_at": "2018-10-02T08:06:04Z", - "updated_at": "2022-08-09T11:28:49Z", + "updated_at": "2022-08-30T15:00:53Z", "pushed_at": "2018-10-02T10:27:06Z", - "stargazers_count": 26, - "watchers_count": 26, + "stargazers_count": 25, + "watchers_count": 25, "forks_count": 10, "allow_forking": true, "is_template": false, @@ -24,7 +24,7 @@ "topics": [], "visibility": "public", "forks": 10, - "watchers": 26, + "watchers": 25, "score": 0 }, { diff --git a/2017/CVE-2017-7921.json b/2017/CVE-2017-7921.json index 8da18eff91..6c79b7bb8d 100644 --- a/2017/CVE-2017-7921.json +++ b/2017/CVE-2017-7921.json @@ -13,10 +13,10 @@ "description": "Hikvision camera CVE-2017-7921-EXP", "fork": false, "created_at": "2020-04-27T11:49:40Z", - "updated_at": "2022-08-29T18:34:00Z", + "updated_at": "2022-08-30T17:07:29Z", "pushed_at": "2020-08-09T15:35:16Z", - "stargazers_count": 55, - "watchers_count": 55, + "stargazers_count": 56, + "watchers_count": 56, "forks_count": 10, "allow_forking": true, "is_template": false, @@ -24,7 +24,7 @@ "topics": [], "visibility": "public", "forks": 10, - "watchers": 55, + "watchers": 56, "score": 0 }, { @@ -97,10 +97,10 @@ "description": "This python file will decrypt the configurationFile used by hikvision cameras vulnerable to CVE-2017-7921.", "fork": false, "created_at": "2021-01-29T16:08:35Z", - "updated_at": "2022-08-22T08:00:21Z", + "updated_at": "2022-08-30T17:17:39Z", "pushed_at": "2021-01-29T16:22:39Z", - "stargazers_count": 40, - "watchers_count": 40, + "stargazers_count": 41, + "watchers_count": 41, "forks_count": 13, "allow_forking": true, "is_template": false, @@ -108,7 +108,7 @@ "topics": [], "visibility": "public", "forks": 13, - "watchers": 40, + "watchers": 41, "score": 0 }, { diff --git a/2018/CVE-2018-1042.json b/2018/CVE-2018-1042.json index c4ec6bffeb..731c4dcd07 100644 --- a/2018/CVE-2018-1042.json +++ b/2018/CVE-2018-1042.json @@ -14,7 +14,7 @@ "fork": false, "created_at": "2022-07-30T17:06:57Z", "updated_at": "2022-07-30T17:07:20Z", - "pushed_at": "2022-07-30T17:07:17Z", + "pushed_at": "2022-08-30T16:40:05Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, diff --git a/2019/CVE-2019-0708.json b/2019/CVE-2019-0708.json index 8aa16d3939..6c5ddd3b86 100644 --- a/2019/CVE-2019-0708.json +++ b/2019/CVE-2019-0708.json @@ -382,10 +382,10 @@ "description": "3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)", "fork": false, "created_at": "2019-05-15T15:01:38Z", - "updated_at": "2022-08-28T21:28:28Z", + "updated_at": "2022-08-30T14:06:03Z", "pushed_at": "2019-06-13T13:07:03Z", - "stargazers_count": 374, - "watchers_count": 374, + "stargazers_count": 375, + "watchers_count": 375, "forks_count": 195, "allow_forking": true, "is_template": false, @@ -404,7 +404,7 @@ ], "visibility": "public", "forks": 195, - "watchers": 374, + "watchers": 375, "score": 0 }, { diff --git a/2019/CVE-2019-12725.json b/2019/CVE-2019-12725.json index 480d0893d0..59c414296f 100644 --- a/2019/CVE-2019-12725.json +++ b/2019/CVE-2019-12725.json @@ -41,10 +41,10 @@ "description": "漏洞POC、EXP合集,持续更新。Apache Druid-任意文件读取(CVE-2021-36749)、ConfluenceRCE(CVE-2021-26084)、ZeroShell防火墙RCE(CVE-2019-12725)、ApacheSolr任意文件读取、蓝凌OA任意文件读取、phpStudyRCE、ShowDoc任意文件上传、原创先锋后台未授权、Kyan账号密码泄露、TerraMasterTos任意文件读取、TamronOS-IPTV系统RCE、Wayos防火墙账号密码泄露", "fork": false, "created_at": "2021-05-22T05:06:33Z", - "updated_at": "2022-08-29T07:46:53Z", + "updated_at": "2022-08-30T14:14:23Z", "pushed_at": "2021-11-21T10:34:06Z", - "stargazers_count": 106, - "watchers_count": 106, + "stargazers_count": 107, + "watchers_count": 107, "forks_count": 28, "allow_forking": true, "is_template": false, @@ -56,7 +56,7 @@ ], "visibility": "public", "forks": 28, - "watchers": 106, + "watchers": 107, "score": 0 }, { diff --git a/2019/CVE-2019-9053.json b/2019/CVE-2019-9053.json index 8cba212185..34602b88b8 100644 --- a/2019/CVE-2019-9053.json +++ b/2019/CVE-2019-9053.json @@ -86,14 +86,14 @@ { "id": 436706794, "name": "46635.py", - "full_name": "Marbocatcat\/46635.py", + "full_name": "maraspiras\/46635.py", "owner": { - "login": "Marbocatcat", + "login": "maraspiras", "id": 13720244, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13720244?v=4", - "html_url": "https:\/\/github.com\/Marbocatcat" + "html_url": "https:\/\/github.com\/maraspiras" }, - "html_url": "https:\/\/github.com\/Marbocatcat\/46635.py", + "html_url": "https:\/\/github.com\/maraspiras\/46635.py", "description": "update to Daniele Scanu's SQL Injection Exploit - CVE-2019-9053", "fork": false, "created_at": "2021-12-09T17:39:15Z", diff --git a/2020/CVE-2020-0606.json b/2020/CVE-2020-0606.json new file mode 100644 index 0000000000..4fec294a62 --- /dev/null +++ b/2020/CVE-2020-0606.json @@ -0,0 +1,30 @@ +[ + { + "id": 435271919, + "name": "CVE-2020-0606", + "full_name": "5l1v3r1\/CVE-2020-0606", + "owner": { + "login": "5l1v3r1", + "id": 34143537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34143537?v=4", + "html_url": "https:\/\/github.com\/5l1v3r1" + }, + "html_url": "https:\/\/github.com\/5l1v3r1\/CVE-2020-0606", + "description": null, + "fork": false, + "created_at": "2021-12-05T20:30:43Z", + "updated_at": "2022-07-25T15:22:50Z", + "pushed_at": "2020-01-16T18:03:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json index dfee6cc1ee..0b3f14a22c 100644 --- a/2020/CVE-2020-0796.json +++ b/2020/CVE-2020-0796.json @@ -1058,7 +1058,7 @@ "pushed_at": "2020-12-07T20:04:27Z", "stargazers_count": 1212, "watchers_count": 1212, - "forks_count": 373, + "forks_count": 374, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -1070,7 +1070,7 @@ "smbghost" ], "visibility": "public", - "forks": 373, + "forks": 374, "watchers": 1212, "score": 0 }, @@ -1708,6 +1708,39 @@ "watchers": 20, "score": 0 }, + { + "id": 277568818, + "name": "SMBGhost-SMBleed-scanner", + "full_name": "ZecOps\/SMBGhost-SMBleed-scanner", + "owner": { + "login": "ZecOps", + "id": 31035096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31035096?v=4", + "html_url": "https:\/\/github.com\/ZecOps" + }, + "html_url": "https:\/\/github.com\/ZecOps\/SMBGhost-SMBleed-scanner", + "description": "SMBGhost (CVE-2020-0796) and SMBleed (CVE-2020-1206) Scanner", + "fork": false, + "created_at": "2020-07-06T14:45:07Z", + "updated_at": "2022-08-03T08:54:39Z", + "pushed_at": "2020-07-06T19:00:06Z", + "stargazers_count": 45, + "watchers_count": 45, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-0796", + "cve-2020-1206", + "smbghost", + "smbleed" + ], + "visibility": "public", + "forks": 14, + "watchers": 45, + "score": 0 + }, { "id": 279475059, "name": "smbghost-5", @@ -2109,6 +2142,34 @@ "watchers": 0, "score": 0 }, + { + "id": 435273567, + "name": "CVE-2020-0796-PoC-3", + "full_name": "5l1v3r1\/CVE-2020-0796-PoC-3", + "owner": { + "login": "5l1v3r1", + "id": 34143537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34143537?v=4", + "html_url": "https:\/\/github.com\/5l1v3r1" + }, + "html_url": "https:\/\/github.com\/5l1v3r1\/CVE-2020-0796-PoC-3", + "description": " CVE-2020-0796 - a wormable SMBv3 vulnerability. ", + "fork": false, + "created_at": "2021-12-05T20:38:58Z", + "updated_at": "2021-12-15T13:13:03Z", + "pushed_at": "2020-03-12T13:12:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 474851127, "name": "ECE9069_SMBGhost_Exploit_CVE-2020-0796-", diff --git a/2020/CVE-2020-10205.json b/2020/CVE-2020-10205.json new file mode 100644 index 0000000000..1d5c77b97f --- /dev/null +++ b/2020/CVE-2020-10205.json @@ -0,0 +1,30 @@ +[ + { + "id": 300210711, + "name": "CVE-2020-10205", + "full_name": "5l1v3r1\/CVE-2020-10205", + "owner": { + "login": "5l1v3r1", + "id": 34143537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34143537?v=4", + "html_url": "https:\/\/github.com\/5l1v3r1" + }, + "html_url": "https:\/\/github.com\/5l1v3r1\/CVE-2020-10205", + "description": null, + "fork": false, + "created_at": "2020-10-01T08:49:47Z", + "updated_at": "2021-01-30T16:15:20Z", + "pushed_at": "2020-04-17T04:00:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1206.json b/2020/CVE-2020-1206.json index ac85acf2ea..7dcb994249 100644 --- a/2020/CVE-2020-1206.json +++ b/2020/CVE-2020-1206.json @@ -31,6 +31,62 @@ "watchers": 144, "score": 0 }, + { + "id": 277048370, + "name": "CVE-2020-1206-Exploit", + "full_name": "Info-Security-Solution-Kolkata\/CVE-2020-1206-Exploit", + "owner": { + "login": "Info-Security-Solution-Kolkata", + "id": 67817658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67817658?v=4", + "html_url": "https:\/\/github.com\/Info-Security-Solution-Kolkata" + }, + "html_url": "https:\/\/github.com\/Info-Security-Solution-Kolkata\/CVE-2020-1206-Exploit", + "description": null, + "fork": false, + "created_at": "2020-07-04T05:54:58Z", + "updated_at": "2020-07-04T05:54:58Z", + "pushed_at": "2020-07-04T05:54:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 277049855, + "name": "Smbleed-CVE-2020-1206-Exploit", + "full_name": "Info-Security-Solution-Kolkata\/Smbleed-CVE-2020-1206-Exploit", + "owner": { + "login": "Info-Security-Solution-Kolkata", + "id": 67817658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67817658?v=4", + "html_url": "https:\/\/github.com\/Info-Security-Solution-Kolkata" + }, + "html_url": "https:\/\/github.com\/Info-Security-Solution-Kolkata\/Smbleed-CVE-2020-1206-Exploit", + "description": null, + "fork": false, + "created_at": "2020-07-04T06:06:52Z", + "updated_at": "2020-07-04T06:06:52Z", + "pushed_at": "2020-07-04T06:06:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 327546936, "name": "CVE-2020-1206", diff --git a/2020/CVE-2020-13640.json b/2020/CVE-2020-13640.json new file mode 100644 index 0000000000..ba1ba28003 --- /dev/null +++ b/2020/CVE-2020-13640.json @@ -0,0 +1,30 @@ +[ + { + "id": 277377386, + "name": "CVE-2020-13640", + "full_name": "asterite3\/CVE-2020-13640", + "owner": { + "login": "asterite3", + "id": 5569241, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5569241?v=4", + "html_url": "https:\/\/github.com\/asterite3" + }, + "html_url": "https:\/\/github.com\/asterite3\/CVE-2020-13640", + "description": "CVE-2020-13640 - SQL injection in wpDiscuz WordPress plugin <= 5.3.5", + "fork": false, + "created_at": "2020-07-05T20:22:16Z", + "updated_at": "2020-07-29T06:32:34Z", + "pushed_at": "2020-07-05T20:24:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1472.json b/2020/CVE-2020-1472.json index 565ac26232..788b31be5b 100644 --- a/2020/CVE-2020-1472.json +++ b/2020/CVE-2020-1472.json @@ -160,10 +160,10 @@ "description": "Exploit for zerologon cve-2020-1472", "fork": false, "created_at": "2020-09-14T19:19:07Z", - "updated_at": "2022-08-30T11:55:03Z", + "updated_at": "2022-08-30T14:41:04Z", "pushed_at": "2020-10-15T18:31:15Z", - "stargazers_count": 464, - "watchers_count": 464, + "stargazers_count": 465, + "watchers_count": 465, "forks_count": 131, "allow_forking": true, "is_template": false, @@ -171,7 +171,7 @@ "topics": [], "visibility": "public", "forks": 131, - "watchers": 464, + "watchers": 465, "score": 0 }, { diff --git a/2020/CVE-2020-14947.json b/2020/CVE-2020-14947.json new file mode 100644 index 0000000000..208c1ec26d --- /dev/null +++ b/2020/CVE-2020-14947.json @@ -0,0 +1,30 @@ +[ + { + "id": 276697965, + "name": "CVE-2020-14947", + "full_name": "mhaskar\/CVE-2020-14947", + "owner": { + "login": "mhaskar", + "id": 6861215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6861215?v=4", + "html_url": "https:\/\/github.com\/mhaskar" + }, + "html_url": "https:\/\/github.com\/mhaskar\/CVE-2020-14947", + "description": "The official exploit for OCS Inventory NG v2.7 Remote Command Execution CVE-2020-14947", + "fork": false, + "created_at": "2020-07-02T16:40:52Z", + "updated_at": "2021-12-22T06:41:55Z", + "pushed_at": "2020-07-02T16:46:10Z", + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 18, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1764.json b/2020/CVE-2020-1764.json new file mode 100644 index 0000000000..446abc0e1a --- /dev/null +++ b/2020/CVE-2020-1764.json @@ -0,0 +1,30 @@ +[ + { + "id": 277557089, + "name": "cve-2020-1764-poc", + "full_name": "jpts\/cve-2020-1764-poc", + "owner": { + "login": "jpts", + "id": 5352661, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5352661?v=4", + "html_url": "https:\/\/github.com\/jpts" + }, + "html_url": "https:\/\/github.com\/jpts\/cve-2020-1764-poc", + "description": "Auth Bypass PoC for Kiali", + "fork": false, + "created_at": "2020-07-06T13:59:52Z", + "updated_at": "2020-09-21T13:51:22Z", + "pushed_at": "2020-07-06T14:02:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1948.json b/2020/CVE-2020-1948.json index edf6f045fa..3bcffe2ffb 100644 --- a/2020/CVE-2020-1948.json +++ b/2020/CVE-2020-1948.json @@ -27,6 +27,62 @@ "watchers": 15, "score": 0 }, + { + "id": 277021315, + "name": "Dubbo-CVE-2020-1948", + "full_name": "txrw\/Dubbo-CVE-2020-1948", + "owner": { + "login": "txrw", + "id": 32354358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32354358?v=4", + "html_url": "https:\/\/github.com\/txrw" + }, + "html_url": "https:\/\/github.com\/txrw\/Dubbo-CVE-2020-1948", + "description": "Apache Dubbo CVE-2020-1948 漏洞测试环境,亲测可用。", + "fork": false, + "created_at": "2020-07-04T02:06:28Z", + "updated_at": "2021-01-10T06:10:22Z", + "pushed_at": "2020-07-03T02:46:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 278242568, + "name": "cve-2020-1948-poc", + "full_name": "M3g4Byt3\/cve-2020-1948-poc", + "owner": { + "login": "M3g4Byt3", + "id": 25048908, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25048908?v=4", + "html_url": "https:\/\/github.com\/M3g4Byt3" + }, + "html_url": "https:\/\/github.com\/M3g4Byt3\/cve-2020-1948-poc", + "description": null, + "fork": false, + "created_at": "2020-07-09T02:27:54Z", + "updated_at": "2022-01-06T08:36:41Z", + "pushed_at": "2020-07-02T10:03:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0 + }, { "id": 279463521, "name": "Dubbo-deserialization", diff --git a/2020/CVE-2020-3153.json b/2020/CVE-2020-3153.json index cc2bc24d22..770520d457 100644 --- a/2020/CVE-2020-3153.json +++ b/2020/CVE-2020-3153.json @@ -74,10 +74,10 @@ "description": "Cisco AnyConnect < 4.8.02042 privilege escalation through path traversal", "fork": false, "created_at": "2020-05-19T18:59:26Z", - "updated_at": "2022-08-11T13:47:51Z", + "updated_at": "2022-08-30T13:01:32Z", "pushed_at": "2020-05-25T08:33:24Z", - "stargazers_count": 95, - "watchers_count": 95, + "stargazers_count": 96, + "watchers_count": 96, "forks_count": 20, "allow_forking": true, "is_template": false, @@ -85,7 +85,7 @@ "topics": [], "visibility": "public", "forks": 20, - "watchers": 95, + "watchers": 96, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-5509.json b/2020/CVE-2020-5509.json new file mode 100644 index 0000000000..d54b920563 --- /dev/null +++ b/2020/CVE-2020-5509.json @@ -0,0 +1,30 @@ +[ + { + "id": 319340829, + "name": "CVE-2020-5509", + "full_name": "5l1v3r1\/CVE-2020-5509", + "owner": { + "login": "5l1v3r1", + "id": 34143537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34143537?v=4", + "html_url": "https:\/\/github.com\/5l1v3r1" + }, + "html_url": "https:\/\/github.com\/5l1v3r1\/CVE-2020-5509", + "description": "Car Rental Project v.1.0 Remote Code Execution", + "fork": false, + "created_at": "2020-12-07T14:13:15Z", + "updated_at": "2021-08-06T01:59:53Z", + "pushed_at": "2020-01-05T22:23:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5902.json b/2020/CVE-2020-5902.json index ade82164a5..f609c5f324 100644 --- a/2020/CVE-2020-5902.json +++ b/2020/CVE-2020-5902.json @@ -1,4 +1,32 @@ [ + { + "id": 277122836, + "name": "CVE-2020-5902", + "full_name": "dwisiswant0\/CVE-2020-5902", + "owner": { + "login": "dwisiswant0", + "id": 25837540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25837540?v=4", + "html_url": "https:\/\/github.com\/dwisiswant0" + }, + "html_url": "https:\/\/github.com\/dwisiswant0\/CVE-2020-5902", + "description": "CVE-2020-5902", + "fork": false, + "created_at": "2020-07-04T14:12:57Z", + "updated_at": "2021-05-10T22:58:02Z", + "pushed_at": "2020-07-04T14:21:27Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0 + }, { "id": 277243283, "name": "CVE-2020-5902-Scanner", @@ -61,6 +89,90 @@ "watchers": 370, "score": 0 }, + { + "id": 277342677, + "name": "CVE-2020-5902", + "full_name": "ar0dd\/CVE-2020-5902", + "owner": { + "login": "ar0dd", + "id": 42455358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42455358?v=4", + "html_url": "https:\/\/github.com\/ar0dd" + }, + "html_url": "https:\/\/github.com\/ar0dd\/CVE-2020-5902", + "description": "POC code for checking for this vulnerability. Since the code has been released, I decided to release this one as well. Patch Immediately!", + "fork": false, + "created_at": "2020-07-05T16:38:36Z", + "updated_at": "2021-03-05T14:05:58Z", + "pushed_at": "2020-07-05T16:44:03Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 14, + "score": 0 + }, + { + "id": 277346592, + "name": "CVE-2020-5902", + "full_name": "yassineaboukir\/CVE-2020-5902", + "owner": { + "login": "yassineaboukir", + "id": 9937267, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9937267?v=4", + "html_url": "https:\/\/github.com\/yassineaboukir" + }, + "html_url": "https:\/\/github.com\/yassineaboukir\/CVE-2020-5902", + "description": "Proof of concept for CVE-2020-5902", + "fork": false, + "created_at": "2020-07-05T17:01:27Z", + "updated_at": "2022-02-19T13:35:53Z", + "pushed_at": "2020-07-06T17:47:17Z", + "stargazers_count": 71, + "watchers_count": 71, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 71, + "score": 0 + }, + { + "id": 277354676, + "name": "CVE-2020-5902-NSE", + "full_name": "rwincey\/CVE-2020-5902-NSE", + "owner": { + "login": "rwincey", + "id": 5438659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5438659?v=4", + "html_url": "https:\/\/github.com\/rwincey" + }, + "html_url": "https:\/\/github.com\/rwincey\/CVE-2020-5902-NSE", + "description": null, + "fork": false, + "created_at": "2020-07-05T17:51:38Z", + "updated_at": "2021-09-30T13:33:15Z", + "pushed_at": "2020-07-06T17:10:45Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0 + }, { "id": 277360749, "name": "CVE-2020-5902", @@ -89,6 +201,34 @@ "watchers": 2, "score": 0 }, + { + "id": 277376523, + "name": "CVE-2020-5902", + "full_name": "nsflabs\/CVE-2020-5902", + "owner": { + "login": "nsflabs", + "id": 64648766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64648766?v=4", + "html_url": "https:\/\/github.com\/nsflabs" + }, + "html_url": "https:\/\/github.com\/nsflabs\/CVE-2020-5902", + "description": null, + "fork": false, + "created_at": "2020-07-05T20:16:07Z", + "updated_at": "2021-12-15T14:39:45Z", + "pushed_at": "2020-07-05T20:32:18Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 11, + "score": 0 + }, { "id": 277412358, "name": "CVE-2020-5902", @@ -124,6 +264,34 @@ "watchers": 37, "score": 0 }, + { + "id": 277422712, + "name": "RCE-CVE-2020-5902", + "full_name": "JSec1337\/RCE-CVE-2020-5902", + "owner": { + "login": "JSec1337", + "id": 62246378, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62246378?v=4", + "html_url": "https:\/\/github.com\/JSec1337" + }, + "html_url": "https:\/\/github.com\/JSec1337\/RCE-CVE-2020-5902", + "description": "BIG-IP F5 Remote Code Execution", + "fork": false, + "created_at": "2020-07-06T02:21:18Z", + "updated_at": "2021-12-01T00:39:47Z", + "pushed_at": "2020-07-06T02:53:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0 + }, { "id": 277438754, "name": "CVE-2020-5902", @@ -152,6 +320,90 @@ "watchers": 37, "score": 0 }, + { + "id": 277448062, + "name": "cve-2020-5902", + "full_name": "r0ttenbeef\/cve-2020-5902", + "owner": { + "login": "r0ttenbeef", + "id": 48027449, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48027449?v=4", + "html_url": "https:\/\/github.com\/r0ttenbeef" + }, + "html_url": "https:\/\/github.com\/r0ttenbeef\/cve-2020-5902", + "description": "cve-2020-5902 POC exploit", + "fork": false, + "created_at": "2020-07-06T05:11:37Z", + "updated_at": "2022-03-23T10:36:40Z", + "pushed_at": "2020-07-06T22:35:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0 + }, + { + "id": 277463829, + "name": "CVE-2020-5902_RCE", + "full_name": "sv3nbeast\/CVE-2020-5902_RCE", + "owner": { + "login": "sv3nbeast", + "id": 55974091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55974091?v=4", + "html_url": "https:\/\/github.com\/sv3nbeast" + }, + "html_url": "https:\/\/github.com\/sv3nbeast\/CVE-2020-5902_RCE", + "description": null, + "fork": false, + "created_at": "2020-07-06T06:45:21Z", + "updated_at": "2020-07-08T03:03:42Z", + "pushed_at": "2020-07-06T09:18:11Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0 + }, + { + "id": 277466351, + "name": "scanner-CVE-2020-5902", + "full_name": "cybersecurityworks553\/scanner-CVE-2020-5902", + "owner": { + "login": "cybersecurityworks553", + "id": 63910792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63910792?v=4", + "html_url": "https:\/\/github.com\/cybersecurityworks553" + }, + "html_url": "https:\/\/github.com\/cybersecurityworks553\/scanner-CVE-2020-5902", + "description": "CVE-2020-5902 scanner", + "fork": false, + "created_at": "2020-07-06T06:58:29Z", + "updated_at": "2021-10-06T13:26:18Z", + "pushed_at": "2020-07-06T07:16:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0 + }, { "id": 277496316, "name": "CVE-2020-5902-POC-EXP", @@ -180,6 +432,62 @@ "watchers": 11, "score": 0 }, + { + "id": 277513237, + "name": "poc-CVE-2020-5902", + "full_name": "qlkwej\/poc-CVE-2020-5902", + "owner": { + "login": "qlkwej", + "id": 25258929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25258929?v=4", + "html_url": "https:\/\/github.com\/qlkwej" + }, + "html_url": "https:\/\/github.com\/qlkwej\/poc-CVE-2020-5902", + "description": "dummy poc", + "fork": false, + "created_at": "2020-07-06T10:36:07Z", + "updated_at": "2020-07-07T02:31:59Z", + "pushed_at": "2020-07-06T10:41:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 277549906, + "name": "F5-BIG-IP-CVE-2020-5902", + "full_name": "Zinkuth\/F5-BIG-IP-CVE-2020-5902", + "owner": { + "login": "Zinkuth", + "id": 36253549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36253549?v=4", + "html_url": "https:\/\/github.com\/Zinkuth" + }, + "html_url": "https:\/\/github.com\/Zinkuth\/F5-BIG-IP-CVE-2020-5902", + "description": null, + "fork": false, + "created_at": "2020-07-06T13:30:44Z", + "updated_at": "2020-07-06T13:47:41Z", + "pushed_at": "2020-07-06T13:40:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0 + }, { "id": 277567865, "name": "CVE-2020-5902", @@ -208,6 +516,90 @@ "watchers": 1, "score": 0 }, + { + "id": 277584668, + "name": "CVE-2020-5902", + "full_name": "jinnywc\/CVE-2020-5902", + "owner": { + "login": "jinnywc", + "id": 30540295, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30540295?v=4", + "html_url": "https:\/\/github.com\/jinnywc" + }, + "html_url": "https:\/\/github.com\/jinnywc\/CVE-2020-5902", + "description": "CVE-2020-5902", + "fork": false, + "created_at": "2020-07-06T15:49:46Z", + "updated_at": "2020-07-06T15:55:37Z", + "pushed_at": "2020-07-06T15:53:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 277626606, + "name": "F5-Patch", + "full_name": "GoodiesHQ\/F5-Patch", + "owner": { + "login": "GoodiesHQ", + "id": 4576046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4576046?v=4", + "html_url": "https:\/\/github.com\/GoodiesHQ" + }, + "html_url": "https:\/\/github.com\/GoodiesHQ\/F5-Patch", + "description": "Patch F5 appliance CVE-2020-5902", + "fork": false, + "created_at": "2020-07-06T19:07:33Z", + "updated_at": "2020-07-06T19:07:34Z", + "pushed_at": "2020-07-06T19:07:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 277692329, + "name": "CVE-2020-5902", + "full_name": "jiansiting\/CVE-2020-5902", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting" + }, + "html_url": "https:\/\/github.com\/jiansiting\/CVE-2020-5902", + "description": "F5 BIG-IP Scanner (CVE-2020-5902)", + "fork": false, + "created_at": "2020-07-07T02:03:39Z", + "updated_at": "2021-10-26T09:25:22Z", + "pushed_at": "2020-07-07T02:03:40Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 6, + "score": 0 + }, { "id": 277704969, "name": "CVE-2020-5902-fix", diff --git a/2020/CVE-2020-6287.json b/2020/CVE-2020-6287.json index b013a16ca6..395e97568a 100644 --- a/2020/CVE-2020-6287.json +++ b/2020/CVE-2020-6287.json @@ -17,13 +17,13 @@ "pushed_at": "2020-09-29T17:20:12Z", "stargazers_count": 199, "watchers_count": 199, - "forks_count": 66, + "forks_count": 67, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 66, + "forks": 67, "watchers": 199, "score": 0 }, diff --git a/2020/CVE-2020-7246.json b/2020/CVE-2020-7246.json index ff6c9a2efb..41aad7694a 100644 --- a/2020/CVE-2020-7246.json +++ b/2020/CVE-2020-7246.json @@ -1,4 +1,32 @@ [ + { + "id": 318702481, + "name": "CVE-2020-7246", + "full_name": "j0hn30n\/CVE-2020-7246", + "owner": { + "login": "j0hn30n", + "id": 19259150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19259150?v=4", + "html_url": "https:\/\/github.com\/j0hn30n" + }, + "html_url": "https:\/\/github.com\/j0hn30n\/CVE-2020-7246", + "description": "[qdPM < 9.1 - Remote Code Execution](https:\/\/www.exploit-db.com\/exploits\/48146)", + "fork": false, + "created_at": "2020-12-05T04:37:17Z", + "updated_at": "2022-07-01T10:08:26Z", + "pushed_at": "2020-02-28T15:46:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 529682312, "name": "SecAssignment", diff --git a/2020/CVE-2020-8835.json b/2020/CVE-2020-8835.json index 2d7c18847f..3d07cab915 100644 --- a/2020/CVE-2020-8835.json +++ b/2020/CVE-2020-8835.json @@ -27,6 +27,34 @@ "watchers": 0, "score": 0 }, + { + "id": 277140244, + "name": "Rick_write_exp_CVE-2020-8835", + "full_name": "snappyJack\/Rick_write_exp_CVE-2020-8835", + "owner": { + "login": "snappyJack", + "id": 16055573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16055573?v=4", + "html_url": "https:\/\/github.com\/snappyJack" + }, + "html_url": "https:\/\/github.com\/snappyJack\/Rick_write_exp_CVE-2020-8835", + "description": null, + "fork": false, + "created_at": "2020-07-04T15:51:14Z", + "updated_at": "2022-06-25T02:41:07Z", + "pushed_at": "2020-07-04T16:40:18Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0 + }, { "id": 299816602, "name": "CVE-2020-8835", diff --git a/2020/CVE-2020-9484.json b/2020/CVE-2020-9484.json index 498f3b4968..086c506543 100644 --- a/2020/CVE-2020-9484.json +++ b/2020/CVE-2020-9484.json @@ -223,6 +223,34 @@ "watchers": 15, "score": 0 }, + { + "id": 329004194, + "name": "CVE-2020-9484-Scanner", + "full_name": "DanQMoo\/CVE-2020-9484-Scanner", + "owner": { + "login": "DanQMoo", + "id": 29651956, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29651956?v=4", + "html_url": "https:\/\/github.com\/DanQMoo" + }, + "html_url": "https:\/\/github.com\/DanQMoo\/CVE-2020-9484-Scanner", + "description": "A smol bash script I threw together pretty quickly to scan for vulnerable versions of the Apache Tomcat RCE. I'll give it some love when I have the time. ", + "fork": false, + "created_at": "2021-01-12T14:00:00Z", + "updated_at": "2022-04-17T09:09:57Z", + "pushed_at": "2020-06-10T07:08:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 333238894, "name": "CVE-2020-9484", diff --git a/2020/CVE-2020-9768.json b/2020/CVE-2020-9768.json new file mode 100644 index 0000000000..ac2265e409 --- /dev/null +++ b/2020/CVE-2020-9768.json @@ -0,0 +1,30 @@ +[ + { + "id": 298576538, + "name": "CVE-2020-9768", + "full_name": "XorgX304\/CVE-2020-9768", + "owner": { + "login": "XorgX304", + "id": 46254011, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46254011?v=4", + "html_url": "https:\/\/github.com\/XorgX304" + }, + "html_url": "https:\/\/github.com\/XorgX304\/CVE-2020-9768", + "description": "AppleJPEGDriverUserClient : mach port use-after-free\/type-confusion via race condition", + "fork": false, + "created_at": "2020-09-25T13:12:04Z", + "updated_at": "2021-02-09T09:03:25Z", + "pushed_at": "2020-03-26T22:29:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-2109.json b/2021/CVE-2021-2109.json index 95c12bb8aa..60f13e1259 100644 --- a/2021/CVE-2021-2109.json +++ b/2021/CVE-2021-2109.json @@ -134,13 +134,13 @@ "pushed_at": "2022-08-30T11:52:05Z", "stargazers_count": 0, "watchers_count": 0, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, + "forks": 1, "watchers": 0, "score": 0 } diff --git a/2021/CVE-2021-36749.json b/2021/CVE-2021-36749.json index 186f61892c..93d80cb081 100644 --- a/2021/CVE-2021-36749.json +++ b/2021/CVE-2021-36749.json @@ -13,10 +13,10 @@ "description": "漏洞POC、EXP合集,持续更新。Apache Druid-任意文件读取(CVE-2021-36749)、ConfluenceRCE(CVE-2021-26084)、ZeroShell防火墙RCE(CVE-2019-12725)、ApacheSolr任意文件读取、蓝凌OA任意文件读取、phpStudyRCE、ShowDoc任意文件上传、原创先锋后台未授权、Kyan账号密码泄露、TerraMasterTos任意文件读取、TamronOS-IPTV系统RCE、Wayos防火墙账号密码泄露", "fork": false, "created_at": "2021-05-22T05:06:33Z", - "updated_at": "2022-08-29T07:46:53Z", + "updated_at": "2022-08-30T14:14:23Z", "pushed_at": "2021-11-21T10:34:06Z", - "stargazers_count": 106, - "watchers_count": 106, + "stargazers_count": 107, + "watchers_count": 107, "forks_count": 28, "allow_forking": true, "is_template": false, @@ -28,7 +28,7 @@ ], "visibility": "public", "forks": 28, - "watchers": 106, + "watchers": 107, "score": 0 }, { diff --git a/2021/CVE-2021-41184.json b/2021/CVE-2021-41184.json index 2ac0179122..111e9b8c85 100644 --- a/2021/CVE-2021-41184.json +++ b/2021/CVE-2021-41184.json @@ -14,7 +14,7 @@ "fork": false, "created_at": "2022-04-14T13:42:54Z", "updated_at": "2022-05-31T19:06:32Z", - "pushed_at": "2022-04-14T13:55:04Z", + "pushed_at": "2022-08-30T16:02:36Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 0, diff --git a/2021/CVE-2021-42287.json b/2021/CVE-2021-42287.json index 389db7db00..4ef1434e7b 100644 --- a/2021/CVE-2021-42287.json +++ b/2021/CVE-2021-42287.json @@ -13,10 +13,10 @@ "description": "CVE-2021-42287\/CVE-2021-42278 Scanner & Exploiter.", "fork": false, "created_at": "2021-12-11T19:27:30Z", - "updated_at": "2022-08-29T17:01:41Z", + "updated_at": "2022-08-30T13:49:25Z", "pushed_at": "2021-12-16T09:50:15Z", - "stargazers_count": 1134, - "watchers_count": 1134, + "stargazers_count": 1135, + "watchers_count": 1135, "forks_count": 296, "allow_forking": true, "is_template": false, @@ -24,7 +24,7 @@ "topics": [], "visibility": "public", "forks": 296, - "watchers": 1134, + "watchers": 1135, "score": 0 }, { diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index 319ac7e2f0..551daeb1d8 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -2430,10 +2430,10 @@ "description": "A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.", "fork": false, "created_at": "2021-12-14T06:37:59Z", - "updated_at": "2022-08-28T15:39:19Z", + "updated_at": "2022-08-30T13:49:02Z", "pushed_at": "2022-04-24T08:56:47Z", - "stargazers_count": 345, - "watchers_count": 345, + "stargazers_count": 346, + "watchers_count": 346, "forks_count": 48, "allow_forking": true, "is_template": false, @@ -2447,7 +2447,7 @@ ], "visibility": "public", "forks": 48, - "watchers": 345, + "watchers": 346, "score": 0 }, { diff --git a/2022/CVE-2022-0540.json b/2022/CVE-2022-0540.json index 3223861b0c..d053b8ec80 100644 --- a/2022/CVE-2022-0540.json +++ b/2022/CVE-2022-0540.json @@ -13,10 +13,10 @@ "description": "Atlassian Jira Seraph Authentication Bypass RCE(CVE-2022-0540)", "fork": false, "created_at": "2022-05-25T10:47:04Z", - "updated_at": "2022-08-30T08:21:58Z", + "updated_at": "2022-08-30T16:49:14Z", "pushed_at": "2022-05-25T13:43:16Z", - "stargazers_count": 51, - "watchers_count": 51, + "stargazers_count": 52, + "watchers_count": 52, "forks_count": 10, "allow_forking": true, "is_template": false, @@ -27,7 +27,7 @@ ], "visibility": "public", "forks": 10, - "watchers": 51, + "watchers": 52, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-1802.json b/2022/CVE-2022-1802.json index 0442f3d1b7..811f3571de 100644 --- a/2022/CVE-2022-1802.json +++ b/2022/CVE-2022-1802.json @@ -13,18 +13,18 @@ "description": null, "fork": false, "created_at": "2022-08-20T03:01:30Z", - "updated_at": "2022-08-30T12:11:10Z", + "updated_at": "2022-08-30T14:56:00Z", "pushed_at": "2022-08-26T00:48:33Z", - "stargazers_count": 105, - "watchers_count": 105, - "forks_count": 24, + "stargazers_count": 107, + "watchers_count": 107, + "forks_count": 25, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 24, - "watchers": 105, + "forks": 25, + "watchers": 107, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-2109.json b/2022/CVE-2022-2109.json index 985f40eadf..57f180577b 100644 --- a/2022/CVE-2022-2109.json +++ b/2022/CVE-2022-2109.json @@ -17,13 +17,13 @@ "pushed_at": "2022-08-30T11:52:05Z", "stargazers_count": 0, "watchers_count": 0, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, + "forks": 1, "watchers": 0, "score": 0 } diff --git a/2022/CVE-2022-21894.json b/2022/CVE-2022-21894.json index 999c2fc62a..4c224582e7 100644 --- a/2022/CVE-2022-21894.json +++ b/2022/CVE-2022-21894.json @@ -34,31 +34,31 @@ "score": 0 }, { - "id": 526226978, + "id": 526405651, "name": "CVE-2022-21894-Payload", - "full_name": "sm0ke1337\/CVE-2022-21894-Payload", + "full_name": "ASkyeye\/CVE-2022-21894-Payload", "owner": { - "login": "sm0ke1337", - "id": 65368643, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65368643?v=4", - "html_url": "https:\/\/github.com\/sm0ke1337" + "login": "ASkyeye", + "id": 50972716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50972716?v=4", + "html_url": "https:\/\/github.com\/ASkyeye" }, - "html_url": "https:\/\/github.com\/sm0ke1337\/CVE-2022-21894-Payload", + "html_url": "https:\/\/github.com\/ASkyeye\/CVE-2022-21894-Payload", "description": "Example payload for CVE-2022-21894", "fork": false, - "created_at": "2022-08-18T13:37:56Z", - "updated_at": "2022-08-20T23:07:04Z", + "created_at": "2022-08-18T23:45:47Z", + "updated_at": "2022-08-18T17:48:51Z", "pushed_at": "2022-08-18T13:53:06Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 1, + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 1, - "watchers": 2, + "forks": 0, + "watchers": 0, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-22947.json b/2022/CVE-2022-22947.json index 69ce652ac2..47eec124b4 100644 --- a/2022/CVE-2022-22947.json +++ b/2022/CVE-2022-22947.json @@ -687,10 +687,10 @@ "description": "CVE-2022-22947_EXP,CVE-2022-22947_RCE,CVE-2022-22947反弹shell,CVE-2022-22947 getshell", "fork": false, "created_at": "2022-03-08T09:32:36Z", - "updated_at": "2022-08-13T07:14:35Z", + "updated_at": "2022-08-30T12:57:39Z", "pushed_at": "2022-03-08T09:36:31Z", - "stargazers_count": 13, - "watchers_count": 13, + "stargazers_count": 14, + "watchers_count": 14, "forks_count": 7, "allow_forking": true, "is_template": false, @@ -698,7 +698,7 @@ "topics": [], "visibility": "public", "forks": 7, - "watchers": 13, + "watchers": 14, "score": 0 }, { @@ -1223,10 +1223,10 @@ "description": "Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947)", "fork": false, "created_at": "2022-04-15T15:41:36Z", - "updated_at": "2022-04-16T15:31:32Z", + "updated_at": "2022-08-30T14:30:40Z", "pushed_at": "2022-04-15T15:48:07Z", - "stargazers_count": 4, - "watchers_count": 4, + "stargazers_count": 5, + "watchers_count": 5, "forks_count": 0, "allow_forking": true, "is_template": false, @@ -1241,7 +1241,7 @@ ], "visibility": "public", "forks": 0, - "watchers": 4, + "watchers": 5, "score": 0 }, { diff --git a/2022/CVE-2022-24637.json b/2022/CVE-2022-24637.json new file mode 100644 index 0000000000..a8b4c74373 --- /dev/null +++ b/2022/CVE-2022-24637.json @@ -0,0 +1,30 @@ +[ + { + "id": 530742974, + "name": "CVE-2022-24637", + "full_name": "JacobEbben\/CVE-2022-24637", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2022-24637", + "description": "Unauthenticated RCE in Open Web Analytics (OWA) 1.7.3", + "fork": false, + "created_at": "2022-08-30T16:38:01Z", + "updated_at": "2022-08-30T17:31:08Z", + "pushed_at": "2022-08-30T17:09:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26809.json b/2022/CVE-2022-26809.json index a821deaee3..dbe0cf544a 100644 --- a/2022/CVE-2022-26809.json +++ b/2022/CVE-2022-26809.json @@ -267,10 +267,10 @@ "description": null, "fork": false, "created_at": "2022-05-01T13:19:10Z", - "updated_at": "2022-08-08T14:41:03Z", + "updated_at": "2022-08-30T13:10:12Z", "pushed_at": "2022-05-25T00:57:52Z", - "stargazers_count": 52, - "watchers_count": 52, + "stargazers_count": 53, + "watchers_count": 53, "forks_count": 24, "allow_forking": true, "is_template": false, @@ -280,7 +280,7 @@ ], "visibility": "public", "forks": 24, - "watchers": 52, + "watchers": 53, "score": 0 }, { @@ -616,13 +616,13 @@ "pushed_at": "2022-07-27T15:55:01Z", "stargazers_count": 300, "watchers_count": 300, - "forks_count": 69, + "forks_count": 70, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 69, + "forks": 70, "watchers": 300, "score": 0 }, diff --git a/2022/CVE-2022-27255.json b/2022/CVE-2022-27255.json index 516f8fecd9..7e0165cef4 100644 --- a/2022/CVE-2022-27255.json +++ b/2022/CVE-2022-27255.json @@ -13,10 +13,10 @@ "description": null, "fork": false, "created_at": "2022-07-06T17:29:04Z", - "updated_at": "2022-08-30T11:50:17Z", - "pushed_at": "2022-08-30T07:24:59Z", - "stargazers_count": 167, - "watchers_count": 167, + "updated_at": "2022-08-30T18:02:46Z", + "pushed_at": "2022-08-30T13:23:51Z", + "stargazers_count": 168, + "watchers_count": 168, "forks_count": 31, "allow_forking": true, "is_template": false, @@ -24,7 +24,7 @@ "topics": [], "visibility": "public", "forks": 31, - "watchers": 167, + "watchers": 168, "score": 0 }, { diff --git a/2022/CVE-2022-28219.json b/2022/CVE-2022-28219.json index 6e5f97ca82..fdc4d6e48a 100644 --- a/2022/CVE-2022-28219.json +++ b/2022/CVE-2022-28219.json @@ -70,7 +70,7 @@ "fork": false, "created_at": "2022-07-27T09:03:10Z", "updated_at": "2022-08-02T15:06:58Z", - "pushed_at": "2022-08-02T15:05:38Z", + "pushed_at": "2022-08-30T15:06:11Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, diff --git a/2022/CVE-2022-29464.json b/2022/CVE-2022-29464.json index b61c8c95a0..613554905c 100644 --- a/2022/CVE-2022-29464.json +++ b/2022/CVE-2022-29464.json @@ -551,7 +551,7 @@ "fork": false, "created_at": "2022-08-01T07:27:29Z", "updated_at": "2022-08-01T13:31:27Z", - "pushed_at": "2022-08-19T14:23:35Z", + "pushed_at": "2022-08-30T16:54:07Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 2, diff --git a/2022/CVE-2022-30525.json b/2022/CVE-2022-30525.json index 580ac917ff..0273ce4f58 100644 --- a/2022/CVE-2022-30525.json +++ b/2022/CVE-2022-30525.json @@ -102,10 +102,10 @@ "description": "Zyxel 防火墙未经身份验证的远程命令注入", "fork": false, "created_at": "2022-05-13T18:16:31Z", - "updated_at": "2022-07-25T11:13:36Z", + "updated_at": "2022-08-30T13:42:34Z", "pushed_at": "2022-05-14T04:45:38Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "forks_count": 2, "allow_forking": true, "is_template": false, @@ -113,7 +113,7 @@ "topics": [], "visibility": "public", "forks": 2, - "watchers": 2, + "watchers": 3, "score": 0 }, { diff --git a/2022/CVE-2022-32250.json b/2022/CVE-2022-32250.json index 51a7cac177..49ec0c99cd 100644 --- a/2022/CVE-2022-32250.json +++ b/2022/CVE-2022-32250.json @@ -13,18 +13,18 @@ "description": null, "fork": false, "created_at": "2022-08-24T06:00:47Z", - "updated_at": "2022-08-30T11:43:24Z", + "updated_at": "2022-08-30T16:15:36Z", "pushed_at": "2022-08-25T03:02:26Z", - "stargazers_count": 94, - "watchers_count": 94, - "forks_count": 16, + "stargazers_count": 97, + "watchers_count": 97, + "forks_count": 18, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 16, - "watchers": 94, + "forks": 18, + "watchers": 97, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-34918.json b/2022/CVE-2022-34918.json index a14fae0b78..945b658cca 100644 --- a/2022/CVE-2022-34918.json +++ b/2022/CVE-2022-34918.json @@ -13,18 +13,18 @@ "description": null, "fork": false, "created_at": "2022-07-19T12:46:45Z", - "updated_at": "2022-08-25T16:03:14Z", + "updated_at": "2022-08-30T12:58:43Z", "pushed_at": "2022-08-28T16:23:06Z", - "stargazers_count": 201, - "watchers_count": 201, - "forks_count": 25, + "stargazers_count": 202, + "watchers_count": 202, + "forks_count": 26, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 25, - "watchers": 201, + "forks": 26, + "watchers": 202, "score": 0 }, { diff --git a/2022/CVE-2022-37042.json b/2022/CVE-2022-37042.json index df6b5e6dcb..8c5324cc6d 100644 --- a/2022/CVE-2022-37042.json +++ b/2022/CVE-2022-37042.json @@ -17,13 +17,13 @@ "pushed_at": "2022-08-18T18:41:13Z", "stargazers_count": 6, "watchers_count": 6, - "forks_count": 3, + "forks_count": 4, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 3, + "forks": 4, "watchers": 6, "score": 0 }, diff --git a/README.md b/README.md index 46f80e6095..e5992cad39 100644 --- a/README.md +++ b/README.md @@ -806,7 +806,7 @@ Secure Boot Security Feature Bypass Vulnerability. - [Wack0/CVE-2022-21894](https://github.com/Wack0/CVE-2022-21894) -- [sm0ke1337/CVE-2022-21894-Payload](https://github.com/sm0ke1337/CVE-2022-21894-Payload) +- [ASkyeye/CVE-2022-21894-Payload](https://github.com/ASkyeye/CVE-2022-21894-Payload) ### CVE-2022-21907 (2022-01-11) @@ -1563,6 +1563,14 @@ Denial of Service (DoS) in the Z-Wave S0 NonceGet protocol specification in Sili - [ITSecLab-HSEL/CVE-2022-24611](https://github.com/ITSecLab-HSEL/CVE-2022-24611) +### CVE-2022-24637 (2022-03-18) + + +Open Web Analytics (OWA) before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '<?php (instead of the intended "<?php sequence) aren't handled by the PHP interpreter. + + +- [JacobEbben/CVE-2022-24637](https://github.com/JacobEbben/CVE-2022-24637) + ### CVE-2022-24644 (2022-03-07) @@ -6670,7 +6678,7 @@ The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allo ### CVE-2021-40905 (2022-03-25) -The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not properly sanitise the uploading of ".mkp" files, which are Extension Packages, making remote code execution possible. Successful exploitation requires access to the web management interface, either with valid credentials or with a hijacked session of a user with administrator role. +** DISPUTED ** The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not properly sanitise the uploading of ".mkp" files, which are Extension Packages, making remote code execution possible. Successful exploitation requires access to the web management interface, either with valid credentials or with a hijacked session of a user with administrator role. NOTE: the vendor states that this is the intended behavior: admins are supposed to be able to execute code in this manner. - [Edgarloyola/CVE-2021-40905](https://github.com/Edgarloyola/CVE-2021-40905) @@ -8501,6 +8509,14 @@ A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) valid - [ShayNehmad/twoplustwo](https://github.com/ShayNehmad/twoplustwo) - [okanulkr/CurveBall-CVE-2020-0601-PoC](https://github.com/okanulkr/CurveBall-CVE-2020-0601-PoC) +### CVE-2020-0606 (2020-01-14) + + +A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0605. + + +- [5l1v3r1/CVE-2020-0606](https://github.com/5l1v3r1/CVE-2020-0606) + ### CVE-2020-0609 (2020-01-14) @@ -8692,6 +8708,7 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - [Barriuso/SMBGhost_AutomateExploitation](https://github.com/Barriuso/SMBGhost_AutomateExploitation) - [1060275195/SMBGhost](https://github.com/1060275195/SMBGhost) - [Almorabea/SMBGhost-LPE-Metasploit-Module](https://github.com/Almorabea/SMBGhost-LPE-Metasploit-Module) +- [ZecOps/SMBGhost-SMBleed-scanner](https://github.com/ZecOps/SMBGhost-SMBleed-scanner) - [5l1v3r1/smbghost-5](https://github.com/5l1v3r1/smbghost-5) - [rsmudge/CVE-2020-0796-BOF](https://github.com/rsmudge/CVE-2020-0796-BOF) - [codewithpradhan/SMBGhost-CVE-2020-0796-](https://github.com/codewithpradhan/SMBGhost-CVE-2020-0796-) @@ -8706,6 +8723,7 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - [Murasame-nc/CVE-2020-0796-LPE-POC](https://github.com/Murasame-nc/CVE-2020-0796-LPE-POC) - [F6JO/CVE-2020-0796-Batch-scanning](https://github.com/F6JO/CVE-2020-0796-Batch-scanning) - [lisinan988/CVE-2020-0796-exp](https://github.com/lisinan988/CVE-2020-0796-exp) +- [5l1v3r1/CVE-2020-0796-PoC-3](https://github.com/5l1v3r1/CVE-2020-0796-PoC-3) - [vsai94/ECE9069_SMBGhost_Exploit_CVE-2020-0796-](https://github.com/vsai94/ECE9069_SMBGhost_Exploit_CVE-2020-0796-) - [arzuozkan/CVE-2020-0796](https://github.com/arzuozkan/CVE-2020-0796) - [motherfucker12138/CVE-2020-0796_SMBGhost](https://github.com/motherfucker12138/CVE-2020-0796_SMBGhost) @@ -8863,6 +8881,8 @@ An information disclosure vulnerability exists in the way that the Microsoft Ser - [ZecOps/CVE-2020-1206-POC](https://github.com/ZecOps/CVE-2020-1206-POC) +- [Info-Security-Solution-Kolkata/CVE-2020-1206-Exploit](https://github.com/Info-Security-Solution-Kolkata/CVE-2020-1206-Exploit) +- [Info-Security-Solution-Kolkata/Smbleed-CVE-2020-1206-Exploit](https://github.com/Info-Security-Solution-Kolkata/Smbleed-CVE-2020-1206-Exploit) - [datntsec/CVE-2020-1206](https://github.com/datntsec/CVE-2020-1206) ### CVE-2020-1283 (2020-06-09) @@ -9029,6 +9049,14 @@ A Local File Inclusion vulnerability in Juniper Networks Junos Space allows an a - [Ibonok/CVE-2020-1611](https://github.com/Ibonok/CVE-2020-1611) +### CVE-2020-1764 (2020-03-26) + + +A hard-coded cryptographic key vulnerability in the default configuration file was found in Kiali, all versions prior to 1.15.1. A remote attacker could abuse this flaw by creating their own JWT signed tokens and bypass Kiali authentication mechanisms, possibly gaining privileges to view and alter the Istio configuration. + + +- [jpts/cve-2020-1764-poc](https://github.com/jpts/cve-2020-1764-poc) + ### CVE-2020-1937 (2020-02-24) @@ -9093,6 +9121,8 @@ This vulnerability can affect all Dubbo users stay on version 2.7.6 or lower. An - [ctlyz123/CVE-2020-1948](https://github.com/ctlyz123/CVE-2020-1948) +- [txrw/Dubbo-CVE-2020-1948](https://github.com/txrw/Dubbo-CVE-2020-1948) +- [M3g4Byt3/cve-2020-1948-poc](https://github.com/M3g4Byt3/cve-2020-1948-poc) - [L0kiii/Dubbo-deserialization](https://github.com/L0kiii/Dubbo-deserialization) ### CVE-2020-1956 (2020-05-22) @@ -9500,6 +9530,14 @@ In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the use - [xMohamed0/CVE-2020-5504-phpMyAdmin](https://github.com/xMohamed0/CVE-2020-5504-phpMyAdmin) +### CVE-2020-5509 (2020-01-14) + + +PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image. + + +- [5l1v3r1/CVE-2020-5509](https://github.com/5l1v3r1/CVE-2020-5509) + ### CVE-2020-5837 (2020-05-11) @@ -9539,13 +9577,27 @@ index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. +- [dwisiswant0/CVE-2020-5902](https://github.com/dwisiswant0/CVE-2020-5902) - [aqhmal/CVE-2020-5902-Scanner](https://github.com/aqhmal/CVE-2020-5902-Scanner) - [jas502n/CVE-2020-5902](https://github.com/jas502n/CVE-2020-5902) +- [ar0dd/CVE-2020-5902](https://github.com/ar0dd/CVE-2020-5902) +- [yassineaboukir/CVE-2020-5902](https://github.com/yassineaboukir/CVE-2020-5902) +- [rwincey/CVE-2020-5902-NSE](https://github.com/rwincey/CVE-2020-5902-NSE) - [un4gi/CVE-2020-5902](https://github.com/un4gi/CVE-2020-5902) +- [nsflabs/CVE-2020-5902](https://github.com/nsflabs/CVE-2020-5902) - [yasserjanah/CVE-2020-5902](https://github.com/yasserjanah/CVE-2020-5902) +- [JSec1337/RCE-CVE-2020-5902](https://github.com/JSec1337/RCE-CVE-2020-5902) - [dunderhay/CVE-2020-5902](https://github.com/dunderhay/CVE-2020-5902) +- [r0ttenbeef/cve-2020-5902](https://github.com/r0ttenbeef/cve-2020-5902) +- [sv3nbeast/CVE-2020-5902_RCE](https://github.com/sv3nbeast/CVE-2020-5902_RCE) +- [cybersecurityworks553/scanner-CVE-2020-5902](https://github.com/cybersecurityworks553/scanner-CVE-2020-5902) - [lijiaxing1997/CVE-2020-5902-POC-EXP](https://github.com/lijiaxing1997/CVE-2020-5902-POC-EXP) +- [qlkwej/poc-CVE-2020-5902](https://github.com/qlkwej/poc-CVE-2020-5902) +- [Zinkuth/F5-BIG-IP-CVE-2020-5902](https://github.com/Zinkuth/F5-BIG-IP-CVE-2020-5902) - [0xAbdullah/CVE-2020-5902](https://github.com/0xAbdullah/CVE-2020-5902) +- [jinnywc/CVE-2020-5902](https://github.com/jinnywc/CVE-2020-5902) +- [GoodiesHQ/F5-Patch](https://github.com/GoodiesHQ/F5-Patch) +- [jiansiting/CVE-2020-5902](https://github.com/jiansiting/CVE-2020-5902) - [wdlid/CVE-2020-5902-fix](https://github.com/wdlid/CVE-2020-5902-fix) - [Any3ite/CVE-2020-5902-F5BIG](https://github.com/Any3ite/CVE-2020-5902-F5BIG) - [k3nundrum/CVE-2020-5902](https://github.com/k3nundrum/CVE-2020-5902) @@ -9736,6 +9788,7 @@ LinuxKI v6.0-1 and earlier is vulnerable to an remote code execution which is re A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users['photop_preview'] delete photo feature, allowing bypass of .htaccess protection. NOTE: this issue exists because of an incomplete fix for CVE-2015-3884. +- [j0hn30n/CVE-2020-7246](https://github.com/j0hn30n/CVE-2020-7246) - [arafatansari/SecAssignment](https://github.com/arafatansari/SecAssignment) ### CVE-2020-7247 (2020-01-29) @@ -10181,6 +10234,7 @@ In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) di - [Prabhashaka/Exploitation-CVE-2020-8835](https://github.com/Prabhashaka/Exploitation-CVE-2020-8835) +- [snappyJack/Rick_write_exp_CVE-2020-8835](https://github.com/snappyJack/Rick_write_exp_CVE-2020-8835) - [zilong3033/CVE-2020-8835](https://github.com/zilong3033/CVE-2020-8835) - [SplendidSky/CVE-2020-8835](https://github.com/SplendidSky/CVE-2020-8835) - [digamma-ai/CVE-2020-8835-verification](https://github.com/digamma-ai/CVE-2020-8835-verification) @@ -10377,6 +10431,7 @@ When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8. - [osamahamad/CVE-2020-9484-Mass-Scan](https://github.com/osamahamad/CVE-2020-9484-Mass-Scan) - [anjai94/CVE-2020-9484-exploit](https://github.com/anjai94/CVE-2020-9484-exploit) - [PenTestical/CVE-2020-9484](https://github.com/PenTestical/CVE-2020-9484) +- [DanQMoo/CVE-2020-9484-Scanner](https://github.com/DanQMoo/CVE-2020-9484-Scanner) - [AssassinUKG/CVE-2020-9484](https://github.com/AssassinUKG/CVE-2020-9484) - [VICXOR/CVE-2020-9484](https://github.com/VICXOR/CVE-2020-9484) - [DXY0411/CVE-2020-9484](https://github.com/DXY0411/CVE-2020-9484) @@ -10447,6 +10502,14 @@ A vulnerability related to Dynamic-link Library (“DLL”) loading in the Zoom - [shubham0d/Zoom-dll-hijacking](https://github.com/shubham0d/Zoom-dll-hijacking) +### CVE-2020-9768 (2020-04-01) + + +A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to execute arbitrary code with system privileges. + + +- [XorgX304/CVE-2020-9768](https://github.com/XorgX304/CVE-2020-9768) + ### CVE-2020-9781 (2020-04-01) @@ -10525,6 +10588,9 @@ Sonatype Nexus Repository before 3.21.2 allows Remote Code Execution. - [zhzyker/CVE-2020-10204](https://github.com/zhzyker/CVE-2020-10204) +### CVE-2020-10205 +- [5l1v3r1/CVE-2020-10205](https://github.com/5l1v3r1/CVE-2020-10205) + ### CVE-2020-10238 (2020-03-16) @@ -11173,6 +11239,14 @@ The XCloner component before 3.5.4 for Joomla! allows Authenticated Local File D ### CVE-2020-13457 - [alt3kx/CVE-2020-13457](https://github.com/alt3kx/CVE-2020-13457) +### CVE-2020-13640 (2020-06-18) + + +A SQL injection issue in the gVectors wpDiscuz plugin 5.3.5 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the order parameter of a wpdLoadMoreComments request. (No 7.x versions are affected.) + + +- [asterite3/CVE-2020-13640](https://github.com/asterite3/CVE-2020-13640) + ### CVE-2020-13699 (2020-07-29) @@ -11567,6 +11641,14 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - [Osyanina/westone-CVE-2020-14883-scanner](https://github.com/Osyanina/westone-CVE-2020-14883-scanner) - [1n7erface/PocList](https://github.com/1n7erface/PocList) +### CVE-2020-14947 (2020-06-30) + + +OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mib_file in plugins/main_sections/ms_config/ms_snmp_config.php is mishandled in get_mib_oid. + + +- [mhaskar/CVE-2020-14947](https://github.com/mhaskar/CVE-2020-14947) + ### CVE-2020-14955 (2020-06-26) @@ -14874,7 +14956,7 @@ An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News m - [SUNNYSAINI01001/46635.py_CVE-2019-9053](https://github.com/SUNNYSAINI01001/46635.py_CVE-2019-9053) - [k4u5h41/CVE-2019-9053](https://github.com/k4u5h41/CVE-2019-9053) - [padsalatushal/CVE-2019-9053](https://github.com/padsalatushal/CVE-2019-9053) -- [Marbocatcat/46635.py](https://github.com/Marbocatcat/46635.py) +- [maraspiras/46635.py](https://github.com/maraspiras/46635.py) - [4nner/CVE-2019-9053](https://github.com/4nner/CVE-2019-9053) ### CVE-2019-9081