From d5ab5ca138c63454fc4c71084cf93fe4b20a86e8 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Mon, 11 Sep 2023 23:23:27 +0900 Subject: [PATCH] Auto Update 2023/09/11 14:23:27 --- 2008/CVE-2008-0166.json | 30 ---------- 2010/CVE-2010-0232.json | 32 +++++++++++ 2017/CVE-2017-10271.json | 8 +-- 2017/CVE-2017-12615.json | 12 ++-- 2019/CVE-2019-17558.json | 8 +-- 2019/CVE-2019-2725.json | 8 +-- 2020/CVE-2020-0606.json | 32 +++++++++++ 2020/CVE-2020-0787.json | 8 +-- 2020/CVE-2020-0796.json | 60 ++++++++++++++++++++ 2020/CVE-2020-0910.json | 32 +++++++++++ 2020/CVE-2020-10148.json | 60 ++++++++++++++++++++ 2020/CVE-2020-1066.json | 8 +-- 2020/CVE-2020-12077.json | 32 +++++++++++ 2020/CVE-2020-1472.json | 34 +++++++++++- 2020/CVE-2020-14882.json | 8 +-- 2020/CVE-2020-1938.json | 12 ++-- 2020/CVE-2020-25498.json | 32 +++++++++++ 2020/CVE-2020-29583.json | 32 +++++++++++ 2020/CVE-2020-35262.json | 32 +++++++++++ 2020/CVE-2020-35717.json | 32 +++++++++++ 2020/CVE-2020-5510.json | 32 +++++++++++ 2020/CVE-2020-7661.json | 8 +-- 2020/CVE-2020-7961.json | 30 ++++++++++ 2020/CVE-2020-8165.json | 30 ++++++++++ 2020/CVE-2020-9484.json | 30 ++++++++++ 2021/CVE-2021-21972.json | 20 +++---- 2021/CVE-2021-23840.json | 32 +++++++++++ 2021/CVE-2021-26084.json | 15 +++-- 2021/CVE-2021-30357.json | 8 +-- 2021/CVE-2021-3156.json | 12 ++-- 2021/CVE-2021-3754.json | 2 +- 2021/CVE-2021-4034.json | 8 +-- 2021/CVE-2021-41773.json | 8 +-- 2021/CVE-2021-44228.json | 24 ++++---- 2022/CVE-2022-0236.json | 64 --------------------- 2022/CVE-2022-0337.json | 4 +- 2022/CVE-2022-0778.json | 30 ++++++++++ 2022/CVE-2022-0847.json | 8 +-- 2022/CVE-2022-21660.json | 30 ---------- 2022/CVE-2022-21882.json | 8 +-- 2022/CVE-2022-21907.json | 60 -------------------- 2022/CVE-2022-21999.json | 8 +-- 2022/CVE-2022-22947.json | 8 +-- 2022/CVE-2022-23222.json | 8 +-- 2022/CVE-2022-24637.json | 4 +- 2022/CVE-2022-25265.json | 8 +-- 2022/CVE-2022-26809.json | 8 +-- 2022/CVE-2022-30190.json | 2 +- 2023/CVE-2023-0159.json | 41 ++++++++++++++ 2023/CVE-2023-0386.json | 8 +-- 2023/CVE-2023-21768.json | 8 +-- 2023/CVE-2023-22960.json | 8 +-- 2023/CVE-2023-23397.json | 8 +-- 2023/CVE-2023-26818.json | 2 +- 2023/CVE-2023-27326.json | 4 +- 2023/CVE-2023-27470.json | 32 +++++++++++ 2023/CVE-2023-27524.json | 10 ++-- 2023/CVE-2023-28229.json | 12 ++-- 2023/CVE-2023-28434.json | 8 +-- 2023/CVE-2023-32233.json | 8 +-- 2023/CVE-2023-34039.json | 8 +-- 2023/CVE-2023-3460.json | 8 +-- 2023/CVE-2023-36123.json | 6 +- 2023/CVE-2023-36844.json | 8 +-- 2023/CVE-2023-36874.json | 8 +-- 2023/CVE-2023-37941.json | 4 +- 2023/CVE-2023-38831.json | 16 +++--- 2023/CVE-2023-41080.json | 30 ---------- 2023/CVE-2023-41362.json | 32 +++++++++++ 2023/CVE-2023-4350.json | 32 +++++++++++ README.md | 116 ++++++++++++++++++++++++++++++++++----- 71 files changed, 1022 insertions(+), 416 deletions(-) create mode 100644 2010/CVE-2010-0232.json create mode 100644 2020/CVE-2020-0606.json create mode 100644 2020/CVE-2020-0910.json create mode 100644 2020/CVE-2020-12077.json create mode 100644 2020/CVE-2020-25498.json create mode 100644 2020/CVE-2020-29583.json create mode 100644 2020/CVE-2020-35262.json create mode 100644 2020/CVE-2020-35717.json create mode 100644 2020/CVE-2020-5510.json create mode 100644 2021/CVE-2021-23840.json delete mode 100644 2022/CVE-2022-0236.json create mode 100644 2023/CVE-2023-0159.json create mode 100644 2023/CVE-2023-27470.json create mode 100644 2023/CVE-2023-41362.json create mode 100644 2023/CVE-2023-4350.json diff --git a/2008/CVE-2008-0166.json b/2008/CVE-2008-0166.json index 5d433213fe..a17bf77b67 100644 --- a/2008/CVE-2008-0166.json +++ b/2008/CVE-2008-0166.json @@ -61,36 +61,6 @@ "score": 0, "subscribers_count": 1 }, - { - "id": 492454353, - "name": "debianopenssl", - "full_name": "badkeys\/debianopenssl", - "owner": { - "login": "badkeys", - "id": 97682451, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97682451?v=4", - "html_url": "https:\/\/github.com\/badkeys" - }, - "html_url": "https:\/\/github.com\/badkeys\/debianopenssl", - "description": "Private keys vulnerable to Debian OpenSSL bug (CVE-2008-0166)", - "fork": false, - "created_at": "2022-05-15T10:28:03Z", - "updated_at": "2023-09-04T13:30:37Z", - "pushed_at": "2022-07-08T09:14:14Z", - "stargazers_count": 1, - "watchers_count": 1, - "has_discussions": false, - "forks_count": 15, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 15, - "watchers": 1, - "score": 0, - "subscribers_count": 2 - }, { "id": 529245817, "name": "Vulnerable-to-Debian-OpenSSL-bug-CVE-2008-0166", diff --git a/2010/CVE-2010-0232.json b/2010/CVE-2010-0232.json new file mode 100644 index 0000000000..f31be25cd2 --- /dev/null +++ b/2010/CVE-2010-0232.json @@ -0,0 +1,32 @@ +[ + { + "id": 689986038, + "name": "CVE-2010-0232", + "full_name": "azorfus\/CVE-2010-0232", + "owner": { + "login": "azorfus", + "id": 72391760, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72391760?v=4", + "html_url": "https:\/\/github.com\/azorfus" + }, + "html_url": "https:\/\/github.com\/azorfus\/CVE-2010-0232", + "description": "Development of an exploit for privilege escalation in Windows systems ( NT \/ 2k \/ XP \/ 2K3 \/ VISTA \/ 2k8 \/ 7 ) using the vulnerability CVE-2010-0232", + "fork": false, + "created_at": "2023-09-11T10:08:21Z", + "updated_at": "2023-09-11T10:08:22Z", + "pushed_at": "2023-09-11T10:15:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-10271.json b/2017/CVE-2017-10271.json index 3ad625fc3f..be95ec117e 100644 --- a/2017/CVE-2017-10271.json +++ b/2017/CVE-2017-10271.json @@ -474,10 +474,10 @@ "description": "Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具,采用JDK 1.8+NetBeans8.2开发,软件运行必须安装JDK 1.8或者以上版本。 支持:weblogic xml反序列化漏洞 CVE-2017-10271\/CNVD-C-2019-48814\/CVE-2019-2725检查。", "fork": false, "created_at": "2018-09-13T09:44:18Z", - "updated_at": "2023-09-06T03:27:49Z", + "updated_at": "2023-09-11T09:23:36Z", "pushed_at": "2020-10-01T20:20:41Z", - "stargazers_count": 399, - "watchers_count": 399, + "stargazers_count": 400, + "watchers_count": 400, "has_discussions": false, "forks_count": 143, "allow_forking": true, @@ -486,7 +486,7 @@ "topics": [], "visibility": "public", "forks": 143, - "watchers": 399, + "watchers": 400, "score": 0, "subscribers_count": 9 }, diff --git a/2017/CVE-2017-12615.json b/2017/CVE-2017-12615.json index 3cad8d2d7e..745bed7a5c 100644 --- a/2017/CVE-2017-12615.json +++ b/2017/CVE-2017-12615.json @@ -343,19 +343,19 @@ "description": "Tomcat常见漏洞GUI利用工具。CVE-2017-12615 PUT文件上传漏洞、tomcat-pass-getshell 弱认证部署war包、弱口令爆破、CVE-2020-1938 Tomcat AJP文件读取\/包含", "fork": false, "created_at": "2022-11-13T11:01:41Z", - "updated_at": "2023-09-09T12:12:52Z", + "updated_at": "2023-09-11T13:22:16Z", "pushed_at": "2022-11-15T09:05:50Z", - "stargazers_count": 84, - "watchers_count": 84, + "stargazers_count": 85, + "watchers_count": 85, "has_discussions": false, - "forks_count": 12, + "forks_count": 13, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 12, - "watchers": 84, + "forks": 13, + "watchers": 85, "score": 0, "subscribers_count": 3 }, diff --git a/2019/CVE-2019-17558.json b/2019/CVE-2019-17558.json index 7d7abae683..35abf04498 100644 --- a/2019/CVE-2019-17558.json +++ b/2019/CVE-2019-17558.json @@ -43,10 +43,10 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2023-09-11T02:43:21Z", + "updated_at": "2023-09-11T12:06:37Z", "pushed_at": "2021-04-04T09:13:57Z", - "stargazers_count": 3868, - "watchers_count": 3868, + "stargazers_count": 3869, + "watchers_count": 3869, "has_discussions": false, "forks_count": 1087, "allow_forking": true, @@ -75,7 +75,7 @@ ], "visibility": "public", "forks": 1087, - "watchers": 3868, + "watchers": 3869, "score": 0, "subscribers_count": 155 }, diff --git a/2019/CVE-2019-2725.json b/2019/CVE-2019-2725.json index 5e4236be43..e4e122d868 100644 --- a/2019/CVE-2019-2725.json +++ b/2019/CVE-2019-2725.json @@ -13,10 +13,10 @@ "description": "Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具,采用JDK 1.8+NetBeans8.2开发,软件运行必须安装JDK 1.8或者以上版本。 支持:weblogic xml反序列化漏洞 CVE-2017-10271\/CNVD-C-2019-48814\/CVE-2019-2725检查。", "fork": false, "created_at": "2018-09-13T09:44:18Z", - "updated_at": "2023-09-06T03:27:49Z", + "updated_at": "2023-09-11T09:23:36Z", "pushed_at": "2020-10-01T20:20:41Z", - "stargazers_count": 399, - "watchers_count": 399, + "stargazers_count": 400, + "watchers_count": 400, "has_discussions": false, "forks_count": 143, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 143, - "watchers": 399, + "watchers": 400, "score": 0, "subscribers_count": 9 }, diff --git a/2020/CVE-2020-0606.json b/2020/CVE-2020-0606.json new file mode 100644 index 0000000000..1ff074552a --- /dev/null +++ b/2020/CVE-2020-0606.json @@ -0,0 +1,32 @@ +[ + { + "id": 435271919, + "name": "CVE-2020-0606", + "full_name": "5l1v3r1\/CVE-2020-0606", + "owner": { + "login": "5l1v3r1", + "id": 34143537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34143537?v=4", + "html_url": "https:\/\/github.com\/5l1v3r1" + }, + "html_url": "https:\/\/github.com\/5l1v3r1\/CVE-2020-0606", + "description": null, + "fork": false, + "created_at": "2021-12-05T20:30:43Z", + "updated_at": "2022-07-25T15:22:50Z", + "pushed_at": "2020-01-16T18:03:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0787.json b/2020/CVE-2020-0787.json index c1708568f3..4c48819856 100644 --- a/2020/CVE-2020-0787.json +++ b/2020/CVE-2020-0787.json @@ -13,10 +13,10 @@ "description": "Support ALL Windows Version", "fork": false, "created_at": "2020-06-16T08:57:51Z", - "updated_at": "2023-09-04T02:41:10Z", + "updated_at": "2023-09-11T10:39:18Z", "pushed_at": "2020-09-11T07:38:22Z", - "stargazers_count": 695, - "watchers_count": 695, + "stargazers_count": 696, + "watchers_count": 696, "has_discussions": false, "forks_count": 177, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 177, - "watchers": 695, + "watchers": 696, "score": 0, "subscribers_count": 18 }, diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json index 47ca72cc7d..b92a067124 100644 --- a/2020/CVE-2020-0796.json +++ b/2020/CVE-2020-0796.json @@ -2195,6 +2195,66 @@ "score": 0, "subscribers_count": 1 }, + { + "id": 435273567, + "name": "CVE-2020-0796-PoC-3", + "full_name": "5l1v3r1\/CVE-2020-0796-PoC-3", + "owner": { + "login": "5l1v3r1", + "id": 34143537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34143537?v=4", + "html_url": "https:\/\/github.com\/5l1v3r1" + }, + "html_url": "https:\/\/github.com\/5l1v3r1\/CVE-2020-0796-PoC-3", + "description": " CVE-2020-0796 - a wormable SMBv3 vulnerability. ", + "fork": false, + "created_at": "2021-12-05T20:38:58Z", + "updated_at": "2021-12-15T13:13:03Z", + "pushed_at": "2020-03-12T13:12:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 435273784, + "name": "SMBGhosts", + "full_name": "5l1v3r1\/SMBGhosts", + "owner": { + "login": "5l1v3r1", + "id": 34143537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34143537?v=4", + "html_url": "https:\/\/github.com\/5l1v3r1" + }, + "html_url": "https:\/\/github.com\/5l1v3r1\/SMBGhosts", + "description": "Multithreaded Scanner for CVE-2020-0796 - SMBv3 RCE", + "fork": false, + "created_at": "2021-12-05T20:40:08Z", + "updated_at": "2022-11-18T22:00:23Z", + "pushed_at": "2020-03-13T02:27:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, { "id": 474851127, "name": "ECE9069_SMBGhost_Exploit_CVE-2020-0796-", diff --git a/2020/CVE-2020-0910.json b/2020/CVE-2020-0910.json new file mode 100644 index 0000000000..5d6f2215bb --- /dev/null +++ b/2020/CVE-2020-0910.json @@ -0,0 +1,32 @@ +[ + { + "id": 339823743, + "name": "CVE-2020-0910", + "full_name": "kfmgang\/CVE-2020-0910", + "owner": { + "login": "kfmgang", + "id": 20864985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20864985?v=4", + "html_url": "https:\/\/github.com\/kfmgang" + }, + "html_url": "https:\/\/github.com\/kfmgang\/CVE-2020-0910", + "description": "Exploit PoC RCE - Windows Hyper-V Remote Code Execution Reverse Shell", + "fork": false, + "created_at": "2021-02-17T18:50:02Z", + "updated_at": "2022-11-03T01:08:49Z", + "pushed_at": "2020-04-22T01:10:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10148.json b/2020/CVE-2020-10148.json index 6e7ba03ea1..c89a39f6d9 100644 --- a/2020/CVE-2020-10148.json +++ b/2020/CVE-2020-10148.json @@ -28,5 +28,65 @@ "watchers": 6, "score": 0, "subscribers_count": 2 + }, + { + "id": 326335788, + "name": "CVE-2020-10148-Solarwinds-Orion", + "full_name": "Udyz\/CVE-2020-10148-Solarwinds-Orion", + "owner": { + "login": "Udyz", + "id": 39673284, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39673284?v=4", + "html_url": "https:\/\/github.com\/Udyz" + }, + "html_url": "https:\/\/github.com\/Udyz\/CVE-2020-10148-Solarwinds-Orion", + "description": null, + "fork": false, + "created_at": "2021-01-03T05:35:07Z", + "updated_at": "2022-11-24T11:12:50Z", + "pushed_at": "2021-01-03T05:37:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 327010904, + "name": "CVE-2020-10148", + "full_name": "B1anda0\/CVE-2020-10148", + "owner": { + "login": "B1anda0", + "id": 74232513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74232513?v=4", + "html_url": "https:\/\/github.com\/B1anda0" + }, + "html_url": "https:\/\/github.com\/B1anda0\/CVE-2020-10148", + "description": "SolarWinds Orion API 远程代码执行漏洞批量检测脚本", + "fork": false, + "created_at": "2021-01-05T13:42:36Z", + "updated_at": "2023-02-26T04:18:15Z", + "pushed_at": "2021-01-05T13:56:11Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1066.json b/2020/CVE-2020-1066.json index 7c9ffc4ead..b7abda9b68 100644 --- a/2020/CVE-2020-1066.json +++ b/2020/CVE-2020-1066.json @@ -13,10 +13,10 @@ "description": "CVE-2020-1066-EXP支持Windows 7和Windows Server 2008 R2操作系统", "fork": false, "created_at": "2020-06-01T04:44:05Z", - "updated_at": "2023-07-25T23:36:48Z", + "updated_at": "2023-09-11T10:39:39Z", "pushed_at": "2020-06-17T00:56:08Z", - "stargazers_count": 185, - "watchers_count": 185, + "stargazers_count": 186, + "watchers_count": 186, "has_discussions": false, "forks_count": 48, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 48, - "watchers": 185, + "watchers": 186, "score": 0, "subscribers_count": 5 }, diff --git a/2020/CVE-2020-12077.json b/2020/CVE-2020-12077.json new file mode 100644 index 0000000000..fb61cccdb6 --- /dev/null +++ b/2020/CVE-2020-12077.json @@ -0,0 +1,32 @@ +[ + { + "id": 690051066, + "name": "CVE-2020-12077", + "full_name": "RandomRobbieBF\/CVE-2020-12077", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2020-12077", + "description": "MapPress Maps Pro < 2.53.9 - Remote Code Execution (RCE) due to Incorrect Access Control in AJAX Actions", + "fork": false, + "created_at": "2023-09-11T12:43:47Z", + "updated_at": "2023-09-11T12:44:41Z", + "pushed_at": "2023-09-11T13:01:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1472.json b/2020/CVE-2020-1472.json index 8b4700ac78..bc034b6aee 100644 --- a/2020/CVE-2020-1472.json +++ b/2020/CVE-2020-1472.json @@ -48,13 +48,13 @@ "stargazers_count": 1640, "watchers_count": 1640, "has_discussions": false, - "forks_count": 361, + "forks_count": 360, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 361, + "forks": 360, "watchers": 1640, "score": 0, "subscribers_count": 90 @@ -1334,6 +1334,36 @@ "score": 0, "subscribers_count": 1 }, + { + "id": 325937253, + "name": "zerologon", + "full_name": "wrathfulDiety\/zerologon", + "owner": { + "login": "wrathfulDiety", + "id": 36190613, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36190613?v=4", + "html_url": "https:\/\/github.com\/wrathfulDiety" + }, + "html_url": "https:\/\/github.com\/wrathfulDiety\/zerologon", + "description": "zerologon script to exploit CVE-2020-1472 CVSS 10\/10", + "fork": false, + "created_at": "2021-01-01T07:38:58Z", + "updated_at": "2021-01-17T15:08:53Z", + "pushed_at": "2021-01-03T15:43:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, { "id": 327729919, "name": "ZeroLogon-Exploitation-Check", diff --git a/2020/CVE-2020-14882.json b/2020/CVE-2020-14882.json index 193371b030..2df15fc345 100644 --- a/2020/CVE-2020-14882.json +++ b/2020/CVE-2020-14882.json @@ -13,10 +13,10 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2023-09-11T02:43:21Z", + "updated_at": "2023-09-11T12:06:37Z", "pushed_at": "2021-04-04T09:13:57Z", - "stargazers_count": 3868, - "watchers_count": 3868, + "stargazers_count": 3869, + "watchers_count": 3869, "has_discussions": false, "forks_count": 1087, "allow_forking": true, @@ -45,7 +45,7 @@ ], "visibility": "public", "forks": 1087, - "watchers": 3868, + "watchers": 3869, "score": 0, "subscribers_count": 155 }, diff --git a/2020/CVE-2020-1938.json b/2020/CVE-2020-1938.json index 7c47ab3a67..5d8867f10b 100644 --- a/2020/CVE-2020-1938.json +++ b/2020/CVE-2020-1938.json @@ -889,19 +889,19 @@ "description": "Tomcat常见漏洞GUI利用工具。CVE-2017-12615 PUT文件上传漏洞、tomcat-pass-getshell 弱认证部署war包、弱口令爆破、CVE-2020-1938 Tomcat AJP文件读取\/包含", "fork": false, "created_at": "2022-11-13T11:01:41Z", - "updated_at": "2023-09-09T12:12:52Z", + "updated_at": "2023-09-11T13:22:16Z", "pushed_at": "2022-11-15T09:05:50Z", - "stargazers_count": 84, - "watchers_count": 84, + "stargazers_count": 85, + "watchers_count": 85, "has_discussions": false, - "forks_count": 12, + "forks_count": 13, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 12, - "watchers": 84, + "forks": 13, + "watchers": 85, "score": 0, "subscribers_count": 3 } diff --git a/2020/CVE-2020-25498.json b/2020/CVE-2020-25498.json new file mode 100644 index 0000000000..36e2483605 --- /dev/null +++ b/2020/CVE-2020-25498.json @@ -0,0 +1,32 @@ +[ + { + "id": 327073339, + "name": "CVE-2020-25498", + "full_name": "the-girl-who-lived\/CVE-2020-25498", + "owner": { + "login": "the-girl-who-lived", + "id": 42164898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42164898?v=4", + "html_url": "https:\/\/github.com\/the-girl-who-lived" + }, + "html_url": "https:\/\/github.com\/the-girl-who-lived\/CVE-2020-25498", + "description": "Stored XSS via CSRF in Beetel 777VR1 Router ", + "fork": false, + "created_at": "2021-01-05T17:38:52Z", + "updated_at": "2021-01-09T06:55:14Z", + "pushed_at": "2021-01-05T19:48:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-29583.json b/2020/CVE-2020-29583.json new file mode 100644 index 0000000000..2240c79b16 --- /dev/null +++ b/2020/CVE-2020-29583.json @@ -0,0 +1,32 @@ +[ + { + "id": 326532749, + "name": "scan_CVE-2020-29583", + "full_name": "ruppde\/scan_CVE-2020-29583", + "owner": { + "login": "ruppde", + "id": 46819580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46819580?v=4", + "html_url": "https:\/\/github.com\/ruppde" + }, + "html_url": "https:\/\/github.com\/ruppde\/scan_CVE-2020-29583", + "description": "Scanner for Zyxel products which are potentially vulnerable due to an undocumented user account (CVE-2020-29583)", + "fork": false, + "created_at": "2021-01-04T00:56:55Z", + "updated_at": "2023-03-15T18:45:41Z", + "pushed_at": "2021-01-04T22:55:37Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35262.json b/2020/CVE-2020-35262.json new file mode 100644 index 0000000000..88d0ef85d5 --- /dev/null +++ b/2020/CVE-2020-35262.json @@ -0,0 +1,32 @@ +[ + { + "id": 327099437, + "name": "CVE-2020-35262", + "full_name": "the-girl-who-lived\/CVE-2020-35262", + "owner": { + "login": "the-girl-who-lived", + "id": 42164898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42164898?v=4", + "html_url": "https:\/\/github.com\/the-girl-who-lived" + }, + "html_url": "https:\/\/github.com\/the-girl-who-lived\/CVE-2020-35262", + "description": "Cross Site Scripting (XSS) in Digisol DG-HR3400 Router", + "fork": false, + "created_at": "2021-01-05T19:32:31Z", + "updated_at": "2021-12-05T20:27:28Z", + "pushed_at": "2021-01-05T19:46:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35717.json b/2020/CVE-2020-35717.json new file mode 100644 index 0000000000..e5756d0193 --- /dev/null +++ b/2020/CVE-2020-35717.json @@ -0,0 +1,32 @@ +[ + { + "id": 325946157, + "name": "cve-2020-35717", + "full_name": "hmartos\/cve-2020-35717", + "owner": { + "login": "hmartos", + "id": 13253656, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13253656?v=4", + "html_url": "https:\/\/github.com\/hmartos" + }, + "html_url": "https:\/\/github.com\/hmartos\/cve-2020-35717", + "description": "Showcase repository for CVE-2020-35717", + "fork": false, + "created_at": "2021-01-01T08:53:53Z", + "updated_at": "2023-03-09T00:13:18Z", + "pushed_at": "2021-01-01T08:54:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5510.json b/2020/CVE-2020-5510.json new file mode 100644 index 0000000000..422c7dbbb2 --- /dev/null +++ b/2020/CVE-2020-5510.json @@ -0,0 +1,32 @@ +[ + { + "id": 435276362, + "name": "CVE-2020-5510", + "full_name": "5l1v3r1\/CVE-2020-5510", + "owner": { + "login": "5l1v3r1", + "id": 34143537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34143537?v=4", + "html_url": "https:\/\/github.com\/5l1v3r1" + }, + "html_url": "https:\/\/github.com\/5l1v3r1\/CVE-2020-5510", + "description": "Car Rental Project v.1.0 Remote Code Execution", + "fork": false, + "created_at": "2021-12-05T20:53:18Z", + "updated_at": "2021-12-05T20:53:19Z", + "pushed_at": "2020-01-05T22:23:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-7661.json b/2020/CVE-2020-7661.json index 0e6c2ab51e..c9bb418e07 100644 --- a/2020/CVE-2020-7661.json +++ b/2020/CVE-2020-7661.json @@ -13,10 +13,10 @@ "description": "Regular expression matching for URL's. Maintained, safe, and browser-friendly version of url-regex. Resolves CVE-2020-7661 for Node.js servers.", "fork": false, "created_at": "2020-08-15T07:42:50Z", - "updated_at": "2023-09-08T18:11:18Z", + "updated_at": "2023-09-11T11:06:29Z", "pushed_at": "2023-08-15T17:57:06Z", - "stargazers_count": 66, - "watchers_count": 66, + "stargazers_count": 67, + "watchers_count": 67, "has_discussions": false, "forks_count": 16, "allow_forking": true, @@ -38,7 +38,7 @@ ], "visibility": "public", "forks": 16, - "watchers": 66, + "watchers": 67, "score": 0, "subscribers_count": 5 } diff --git a/2020/CVE-2020-7961.json b/2020/CVE-2020-7961.json index e9fe27b2ee..02cf88d92a 100644 --- a/2020/CVE-2020-7961.json +++ b/2020/CVE-2020-7961.json @@ -179,6 +179,36 @@ "score": 0, "subscribers_count": 2 }, + { + "id": 326194141, + "name": "CVE-2020-7961-Mass", + "full_name": "Udyz\/CVE-2020-7961-Mass", + "owner": { + "login": "Udyz", + "id": 39673284, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39673284?v=4", + "html_url": "https:\/\/github.com\/Udyz" + }, + "html_url": "https:\/\/github.com\/Udyz\/CVE-2020-7961-Mass", + "description": "CVE-2020–7961 Mass exploit for Script Kiddies", + "fork": false, + "created_at": "2021-01-02T13:57:59Z", + "updated_at": "2023-08-01T05:54:50Z", + "pushed_at": "2021-01-03T10:54:20Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 18, + "score": 0, + "subscribers_count": 3 + }, { "id": 329711989, "name": "CVE-2020-7961", diff --git a/2020/CVE-2020-8165.json b/2020/CVE-2020-8165.json index d752613380..6c21fe42bb 100644 --- a/2020/CVE-2020-8165.json +++ b/2020/CVE-2020-8165.json @@ -89,6 +89,36 @@ "score": 0, "subscribers_count": 1 }, + { + "id": 326508613, + "name": "CVE-2020-8165", + "full_name": "hybryx\/CVE-2020-8165", + "owner": { + "login": "hybryx", + "id": 43386553, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43386553?v=4", + "html_url": "https:\/\/github.com\/hybryx" + }, + "html_url": "https:\/\/github.com\/hybryx\/CVE-2020-8165", + "description": null, + "fork": false, + "created_at": "2021-01-03T21:59:09Z", + "updated_at": "2021-02-03T02:11:09Z", + "pushed_at": "2021-01-03T22:07:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, { "id": 329810247, "name": "CVE-2020-8165", diff --git a/2020/CVE-2020-9484.json b/2020/CVE-2020-9484.json index a215570be7..13c6ec02e8 100644 --- a/2020/CVE-2020-9484.json +++ b/2020/CVE-2020-9484.json @@ -239,6 +239,36 @@ "score": 0, "subscribers_count": 1 }, + { + "id": 329004194, + "name": "CVE-2020-9484-Scanner", + "full_name": "DanQMoo\/CVE-2020-9484-Scanner", + "owner": { + "login": "DanQMoo", + "id": 29651956, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29651956?v=4", + "html_url": "https:\/\/github.com\/DanQMoo" + }, + "html_url": "https:\/\/github.com\/DanQMoo\/CVE-2020-9484-Scanner", + "description": "A smol bash script I threw together pretty quickly to scan for vulnerable versions of the Apache Tomcat RCE. I'll give it some love when I have the time. ", + "fork": false, + "created_at": "2021-01-12T14:00:00Z", + "updated_at": "2022-04-17T09:09:57Z", + "pushed_at": "2020-06-10T07:08:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, { "id": 333238894, "name": "CVE-2020-9484", diff --git a/2021/CVE-2021-21972.json b/2021/CVE-2021-21972.json index 4c039ae271..5ca245fea7 100644 --- a/2021/CVE-2021-21972.json +++ b/2021/CVE-2021-21972.json @@ -90,12 +90,12 @@ "description": "CVE-2021-21972 Exploit", "fork": false, "created_at": "2021-02-24T11:14:58Z", - "updated_at": "2023-09-11T01:02:26Z", + "updated_at": "2023-09-11T13:31:11Z", "pushed_at": "2023-06-08T04:01:33Z", - "stargazers_count": 452, - "watchers_count": 452, + "stargazers_count": 454, + "watchers_count": 454, "has_discussions": false, - "forks_count": 150, + "forks_count": 151, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -103,8 +103,8 @@ "cve-2021-21972" ], "visibility": "public", - "forks": 150, - "watchers": 452, + "forks": 151, + "watchers": 454, "score": 0, "subscribers_count": 7 }, @@ -152,10 +152,10 @@ "description": "Proof of Concept Exploit for vCenter CVE-2021-21972", "fork": false, "created_at": "2021-02-24T16:31:34Z", - "updated_at": "2023-09-07T03:07:59Z", + "updated_at": "2023-09-11T09:03:36Z", "pushed_at": "2021-02-25T16:05:02Z", - "stargazers_count": 238, - "watchers_count": 238, + "stargazers_count": 239, + "watchers_count": 239, "has_discussions": false, "forks_count": 86, "allow_forking": true, @@ -164,7 +164,7 @@ "topics": [], "visibility": "public", "forks": 86, - "watchers": 238, + "watchers": 239, "score": 0, "subscribers_count": 10 }, diff --git a/2021/CVE-2021-23840.json b/2021/CVE-2021-23840.json new file mode 100644 index 0000000000..1f37a79982 --- /dev/null +++ b/2021/CVE-2021-23840.json @@ -0,0 +1,32 @@ +[ + { + "id": 689968197, + "name": "openssl-1.1.1g_CVE-2021-23840", + "full_name": "Trinadh465\/openssl-1.1.1g_CVE-2021-23840", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/openssl-1.1.1g_CVE-2021-23840", + "description": null, + "fork": false, + "created_at": "2023-09-11T09:24:54Z", + "updated_at": "2023-09-11T09:27:35Z", + "pushed_at": "2023-09-11T09:27:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26084.json b/2021/CVE-2021-26084.json index 952dfba023..40801ecc9a 100644 --- a/2021/CVE-2021-26084.json +++ b/2021/CVE-2021-26084.json @@ -223,10 +223,10 @@ "description": "CVE-2021-26084 Remote Code Execution on Confluence Servers", "fork": false, "created_at": "2021-09-01T09:50:26Z", - "updated_at": "2023-09-05T06:30:58Z", + "updated_at": "2023-09-11T08:53:33Z", "pushed_at": "2022-02-10T11:38:46Z", - "stargazers_count": 65, - "watchers_count": 65, + "stargazers_count": 66, + "watchers_count": 66, "has_discussions": false, "forks_count": 43, "allow_forking": true, @@ -235,7 +235,7 @@ "topics": [], "visibility": "public", "forks": 43, - "watchers": 65, + "watchers": 66, "score": 0, "subscribers_count": 3 }, @@ -1097,7 +1097,7 @@ "description": null, "fork": false, "created_at": "2023-07-03T07:31:29Z", - "updated_at": "2023-07-05T03:28:16Z", + "updated_at": "2023-09-11T11:40:35Z", "pushed_at": "2023-07-05T05:32:50Z", "stargazers_count": 0, "watchers_count": 0, @@ -1106,7 +1106,10 @@ "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, - "topics": [], + "topics": [ + "cve-2021-26084", + "rce" + ], "visibility": "public", "forks": 1, "watchers": 0, diff --git a/2021/CVE-2021-30357.json b/2021/CVE-2021-30357.json index 8511b9cb9f..9c751cfe7a 100644 --- a/2021/CVE-2021-30357.json +++ b/2021/CVE-2021-30357.json @@ -13,10 +13,10 @@ "description": "Proof-of-Concept for privileged file read through CheckPoint SNX VPN Linux Client ", "fork": false, "created_at": "2023-06-18T21:52:28Z", - "updated_at": "2023-06-21T07:07:11Z", + "updated_at": "2023-09-11T10:32:54Z", "pushed_at": "2023-06-20T10:27:14Z", - "stargazers_count": 5, - "watchers_count": 5, + "stargazers_count": 6, + "watchers_count": 6, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 5, + "watchers": 6, "score": 0, "subscribers_count": 1 } diff --git a/2021/CVE-2021-3156.json b/2021/CVE-2021-3156.json index 10603202c6..6824cb99fe 100644 --- a/2021/CVE-2021-3156.json +++ b/2021/CVE-2021-3156.json @@ -1074,19 +1074,19 @@ "description": "Sudo Baron Samedit Exploit", "fork": false, "created_at": "2021-03-15T17:37:02Z", - "updated_at": "2023-09-11T03:28:05Z", + "updated_at": "2023-09-11T13:30:29Z", "pushed_at": "2022-01-13T05:48:01Z", - "stargazers_count": 640, - "watchers_count": 640, + "stargazers_count": 649, + "watchers_count": 649, "has_discussions": false, - "forks_count": 161, + "forks_count": 162, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 161, - "watchers": 640, + "forks": 162, + "watchers": 649, "score": 0, "subscribers_count": 10 }, diff --git a/2021/CVE-2021-3754.json b/2021/CVE-2021-3754.json index bec277224f..500bdd0bb8 100644 --- a/2021/CVE-2021-3754.json +++ b/2021/CVE-2021-3754.json @@ -14,7 +14,7 @@ "fork": false, "created_at": "2023-09-07T07:49:21Z", "updated_at": "2023-09-07T11:19:22Z", - "pushed_at": "2023-09-07T11:33:13Z", + "pushed_at": "2023-09-11T07:03:06Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, diff --git a/2021/CVE-2021-4034.json b/2021/CVE-2021-4034.json index e4764ac811..0d45396447 100644 --- a/2021/CVE-2021-4034.json +++ b/2021/CVE-2021-4034.json @@ -79,10 +79,10 @@ "description": "CVE-2021-4034 1day", "fork": false, "created_at": "2022-01-25T23:51:37Z", - "updated_at": "2023-09-11T02:05:24Z", + "updated_at": "2023-09-11T09:31:12Z", "pushed_at": "2022-06-08T04:00:28Z", - "stargazers_count": 1850, - "watchers_count": 1850, + "stargazers_count": 1851, + "watchers_count": 1851, "has_discussions": false, "forks_count": 513, "allow_forking": true, @@ -91,7 +91,7 @@ "topics": [], "visibility": "public", "forks": 513, - "watchers": 1850, + "watchers": 1851, "score": 0, "subscribers_count": 22 }, diff --git a/2021/CVE-2021-41773.json b/2021/CVE-2021-41773.json index 2c719b3a96..792baac623 100644 --- a/2021/CVE-2021-41773.json +++ b/2021/CVE-2021-41773.json @@ -103,10 +103,10 @@ "description": null, "fork": false, "created_at": "2021-10-05T17:29:49Z", - "updated_at": "2023-03-01T05:13:27Z", + "updated_at": "2023-09-11T08:12:59Z", "pushed_at": "2021-10-06T09:25:38Z", - "stargazers_count": 18, - "watchers_count": 18, + "stargazers_count": 17, + "watchers_count": 17, "has_discussions": false, "forks_count": 11, "allow_forking": true, @@ -115,7 +115,7 @@ "topics": [], "visibility": "public", "forks": 11, - "watchers": 18, + "watchers": 17, "score": 0, "subscribers_count": 3 }, diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index f6a8756c2b..d24cb83a9c 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -857,10 +857,10 @@ "description": "🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks", "fork": false, "created_at": "2021-12-10T22:35:00Z", - "updated_at": "2023-09-10T16:43:44Z", + "updated_at": "2023-09-11T09:24:06Z", "pushed_at": "2022-01-15T16:18:44Z", - "stargazers_count": 909, - "watchers_count": 909, + "stargazers_count": 910, + "watchers_count": 910, "has_discussions": false, "forks_count": 139, "allow_forking": true, @@ -889,7 +889,7 @@ ], "visibility": "public", "forks": 139, - "watchers": 909, + "watchers": 910, "score": 0, "subscribers_count": 24 }, @@ -3703,10 +3703,10 @@ "description": "A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 ", "fork": false, "created_at": "2021-12-13T03:57:50Z", - "updated_at": "2023-09-11T04:21:22Z", + "updated_at": "2023-09-11T12:57:52Z", "pushed_at": "2022-11-23T18:23:24Z", - "stargazers_count": 3284, - "watchers_count": 3284, + "stargazers_count": 3285, + "watchers_count": 3285, "has_discussions": true, "forks_count": 744, "allow_forking": true, @@ -3715,7 +3715,7 @@ "topics": [], "visibility": "public", "forks": 744, - "watchers": 3284, + "watchers": 3285, "score": 0, "subscribers_count": 60 }, @@ -6278,10 +6278,10 @@ "description": "Scanners for Jar files that may be vulnerable to CVE-2021-44228", "fork": false, "created_at": "2021-12-14T23:33:51Z", - "updated_at": "2023-07-16T23:59:34Z", + "updated_at": "2023-09-11T13:36:58Z", "pushed_at": "2022-03-23T18:12:51Z", - "stargazers_count": 344, - "watchers_count": 344, + "stargazers_count": 345, + "watchers_count": 345, "has_discussions": false, "forks_count": 91, "allow_forking": true, @@ -6290,7 +6290,7 @@ "topics": [], "visibility": "public", "forks": 91, - "watchers": 344, + "watchers": 345, "score": 0, "subscribers_count": 35 }, diff --git a/2022/CVE-2022-0236.json b/2022/CVE-2022-0236.json deleted file mode 100644 index 1815a5c0dc..0000000000 --- a/2022/CVE-2022-0236.json +++ /dev/null @@ -1,64 +0,0 @@ -[ - { - "id": 448514056, - "name": "CVE-2022-0236", - "full_name": "qurbat\/CVE-2022-0236", - "owner": { - "login": "qurbat", - "id": 37518297, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37518297?v=4", - "html_url": "https:\/\/github.com\/qurbat" - }, - "html_url": "https:\/\/github.com\/qurbat\/CVE-2022-0236", - "description": "Proof of concept for unauthenticated sensitive data disclosure affecting the wp-import-export WordPress plugin (CVE-2022-0236)", - "fork": false, - "created_at": "2022-01-16T09:52:28Z", - "updated_at": "2023-01-28T03:56:57Z", - "pushed_at": "2022-01-18T17:14:53Z", - "stargazers_count": 3, - "watchers_count": 3, - "has_discussions": false, - "forks_count": 2, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [ - "wordpress-security" - ], - "visibility": "public", - "forks": 2, - "watchers": 3, - "score": 0, - "subscribers_count": 1 - }, - { - "id": 448893968, - "name": "CVE-2022-0236", - "full_name": "xiska62314\/CVE-2022-0236", - "owner": { - "login": "xiska62314", - "id": 97891523, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97891523?v=4", - "html_url": "https:\/\/github.com\/xiska62314" - }, - "html_url": "https:\/\/github.com\/xiska62314\/CVE-2022-0236", - "description": "CVE-2022-0236", - "fork": false, - "created_at": "2022-01-17T12:56:19Z", - "updated_at": "2022-01-17T12:56:19Z", - "pushed_at": "2022-01-17T12:56:20Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 0, - "score": 0, - "subscribers_count": 1 - } -] \ No newline at end of file diff --git a/2022/CVE-2022-0337.json b/2022/CVE-2022-0337.json index 96e77d95a7..7a8e606781 100644 --- a/2022/CVE-2022-0337.json +++ b/2022/CVE-2022-0337.json @@ -18,7 +18,7 @@ "stargazers_count": 319, "watchers_count": 319, "has_discussions": false, - "forks_count": 39, + "forks_count": 38, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -40,7 +40,7 @@ "writeups" ], "visibility": "public", - "forks": 39, + "forks": 38, "watchers": 319, "score": 0, "subscribers_count": 6 diff --git a/2022/CVE-2022-0778.json b/2022/CVE-2022-0778.json index 5373c9bc6f..51566b3408 100644 --- a/2022/CVE-2022-0778.json +++ b/2022/CVE-2022-0778.json @@ -154,5 +154,35 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 689922616, + "name": "openssl-1.1.1g_CVE-2022-0778", + "full_name": "Trinadh465\/openssl-1.1.1g_CVE-2022-0778", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/openssl-1.1.1g_CVE-2022-0778", + "description": null, + "fork": false, + "created_at": "2023-09-11T07:30:33Z", + "updated_at": "2023-09-11T07:33:47Z", + "pushed_at": "2023-09-11T07:34:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-0847.json b/2022/CVE-2022-0847.json index dc31cad0e0..fc82c82996 100644 --- a/2022/CVE-2022-0847.json +++ b/2022/CVE-2022-0847.json @@ -133,10 +133,10 @@ "description": "A root exploit for CVE-2022-0847 (Dirty Pipe)", "fork": false, "created_at": "2022-03-07T18:55:20Z", - "updated_at": "2023-08-30T11:38:43Z", + "updated_at": "2023-09-11T13:56:27Z", "pushed_at": "2022-03-08T06:20:05Z", - "stargazers_count": 1051, - "watchers_count": 1051, + "stargazers_count": 1052, + "watchers_count": 1052, "has_discussions": false, "forks_count": 221, "allow_forking": true, @@ -145,7 +145,7 @@ "topics": [], "visibility": "public", "forks": 221, - "watchers": 1051, + "watchers": 1052, "score": 0, "subscribers_count": 17 }, diff --git a/2022/CVE-2022-21660.json b/2022/CVE-2022-21660.json index 653ef529ba..69d302d40d 100644 --- a/2022/CVE-2022-21660.json +++ b/2022/CVE-2022-21660.json @@ -1,34 +1,4 @@ [ - { - "id": 446296593, - "name": "Gin-Vue-admin-poc-CVE-2022-21660", - "full_name": "UzJu\/Gin-Vue-admin-poc-CVE-2022-21660", - "owner": { - "login": "UzJu", - "id": 50813806, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50813806?v=4", - "html_url": "https:\/\/github.com\/UzJu" - }, - "html_url": "https:\/\/github.com\/UzJu\/Gin-Vue-admin-poc-CVE-2022-21660", - "description": "CVE-2022-21660", - "fork": false, - "created_at": "2022-01-10T05:50:35Z", - "updated_at": "2023-08-04T05:22:54Z", - "pushed_at": "2022-01-10T05:52:03Z", - "stargazers_count": 25, - "watchers_count": 25, - "has_discussions": false, - "forks_count": 2, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 2, - "watchers": 25, - "score": 0, - "subscribers_count": 1 - }, { "id": 462232980, "name": "CVE-2022-21660", diff --git a/2022/CVE-2022-21882.json b/2022/CVE-2022-21882.json index 022a1da1b9..e0aa03fdd4 100644 --- a/2022/CVE-2022-21882.json +++ b/2022/CVE-2022-21882.json @@ -13,10 +13,10 @@ "description": "win32k LPE ", "fork": false, "created_at": "2022-01-27T03:44:10Z", - "updated_at": "2023-09-08T18:31:01Z", + "updated_at": "2023-09-11T13:56:33Z", "pushed_at": "2022-01-27T04:18:18Z", - "stargazers_count": 454, - "watchers_count": 454, + "stargazers_count": 455, + "watchers_count": 455, "has_discussions": false, "forks_count": 142, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 142, - "watchers": 454, + "watchers": 455, "score": 0, "subscribers_count": 14 }, diff --git a/2022/CVE-2022-21907.json b/2022/CVE-2022-21907.json index bdf9b57f54..eb363a53f1 100644 --- a/2022/CVE-2022-21907.json +++ b/2022/CVE-2022-21907.json @@ -79,66 +79,6 @@ "score": 0, "subscribers_count": 3 }, - { - "id": 448729790, - "name": "CVE-2022-21907", - "full_name": "ZZ-SOCMAP\/CVE-2022-21907", - "owner": { - "login": "ZZ-SOCMAP", - "id": 98105412, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98105412?v=4", - "html_url": "https:\/\/github.com\/ZZ-SOCMAP" - }, - "html_url": "https:\/\/github.com\/ZZ-SOCMAP\/CVE-2022-21907", - "description": "HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907", - "fork": false, - "created_at": "2022-01-17T02:28:50Z", - "updated_at": "2023-08-27T20:45:32Z", - "pushed_at": "2022-01-20T02:07:59Z", - "stargazers_count": 367, - "watchers_count": 367, - "has_discussions": false, - "forks_count": 98, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 98, - "watchers": 367, - "score": 0, - "subscribers_count": 10 - }, - { - "id": 448909871, - "name": "CVE-2022-21907", - "full_name": "xiska62314\/CVE-2022-21907", - "owner": { - "login": "xiska62314", - "id": 97891523, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97891523?v=4", - "html_url": "https:\/\/github.com\/xiska62314" - }, - "html_url": "https:\/\/github.com\/xiska62314\/CVE-2022-21907", - "description": "CVE-2022-21907", - "fork": false, - "created_at": "2022-01-17T13:42:44Z", - "updated_at": "2022-01-17T13:42:44Z", - "pushed_at": "2022-01-17T13:42:45Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 0, - "score": 0, - "subscribers_count": 1 - }, { "id": 448952968, "name": "CVE-2022-21907-http.sys", diff --git a/2022/CVE-2022-21999.json b/2022/CVE-2022-21999.json index 68a0ebbe56..d6fb6bb1be 100644 --- a/2022/CVE-2022-21999.json +++ b/2022/CVE-2022-21999.json @@ -13,10 +13,10 @@ "description": "Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)", "fork": false, "created_at": "2022-02-08T17:25:44Z", - "updated_at": "2023-09-06T03:22:13Z", + "updated_at": "2023-09-11T13:56:20Z", "pushed_at": "2022-02-09T16:54:09Z", - "stargazers_count": 720, - "watchers_count": 720, + "stargazers_count": 721, + "watchers_count": 721, "has_discussions": false, "forks_count": 155, "allow_forking": true, @@ -28,7 +28,7 @@ ], "visibility": "public", "forks": 155, - "watchers": 720, + "watchers": 721, "score": 0, "subscribers_count": 16 } diff --git a/2022/CVE-2022-22947.json b/2022/CVE-2022-22947.json index e16cf00579..a448725b03 100644 --- a/2022/CVE-2022-22947.json +++ b/2022/CVE-2022-22947.json @@ -1314,10 +1314,10 @@ "description": "Spring Cloud Gateway Actuator API SpEL表达式注入命令执行(CVE-2022-22947) 注入哥斯拉内存马", "fork": false, "created_at": "2022-05-16T15:27:41Z", - "updated_at": "2023-08-22T08:32:49Z", + "updated_at": "2023-09-11T08:26:16Z", "pushed_at": "2022-05-16T15:33:37Z", - "stargazers_count": 37, - "watchers_count": 37, + "stargazers_count": 38, + "watchers_count": 38, "has_discussions": false, "forks_count": 8, "allow_forking": true, @@ -1326,7 +1326,7 @@ "topics": [], "visibility": "public", "forks": 8, - "watchers": 37, + "watchers": 38, "score": 0, "subscribers_count": 1 }, diff --git a/2022/CVE-2022-23222.json b/2022/CVE-2022-23222.json index 648af519b0..7e855c2d93 100644 --- a/2022/CVE-2022-23222.json +++ b/2022/CVE-2022-23222.json @@ -13,10 +13,10 @@ "description": "CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation", "fork": false, "created_at": "2022-06-07T03:20:23Z", - "updated_at": "2023-09-09T04:37:17Z", + "updated_at": "2023-09-11T13:56:39Z", "pushed_at": "2022-06-07T03:41:13Z", - "stargazers_count": 550, - "watchers_count": 550, + "stargazers_count": 551, + "watchers_count": 551, "has_discussions": false, "forks_count": 95, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 95, - "watchers": 550, + "watchers": 551, "score": 0, "subscribers_count": 7 }, diff --git a/2022/CVE-2022-24637.json b/2022/CVE-2022-24637.json index f0ca30ba9b..bde132a86e 100644 --- a/2022/CVE-2022-24637.json +++ b/2022/CVE-2022-24637.json @@ -142,13 +142,13 @@ "stargazers_count": 4, "watchers_count": 4, "has_discussions": false, - "forks_count": 3, + "forks_count": 4, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 3, + "forks": 4, "watchers": 4, "score": 0, "subscribers_count": 1 diff --git a/2022/CVE-2022-25265.json b/2022/CVE-2022-25265.json index 7086b0438e..81da90fb88 100644 --- a/2022/CVE-2022-25265.json +++ b/2022/CVE-2022-25265.json @@ -13,10 +13,10 @@ "description": "Bypassing Linux Executable Space Protection using 20+ years old tools (CVE-2022-25265).", "fork": false, "created_at": "2022-02-16T12:42:24Z", - "updated_at": "2023-07-06T17:44:56Z", + "updated_at": "2023-09-11T10:20:27Z", "pushed_at": "2022-02-19T18:06:01Z", - "stargazers_count": 8, - "watchers_count": 8, + "stargazers_count": 9, + "watchers_count": 9, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -31,7 +31,7 @@ ], "visibility": "public", "forks": 1, - "watchers": 8, + "watchers": 9, "score": 0, "subscribers_count": 2 } diff --git a/2022/CVE-2022-26809.json b/2022/CVE-2022-26809.json index 0f6ed81a3e..38dafba23a 100644 --- a/2022/CVE-2022-26809.json +++ b/2022/CVE-2022-26809.json @@ -257,10 +257,10 @@ "description": "警惕 一种针对红队的新型溯源手段!", "fork": false, "created_at": "2022-07-27T15:48:19Z", - "updated_at": "2023-08-26T02:12:40Z", + "updated_at": "2023-09-11T07:55:14Z", "pushed_at": "2022-07-27T15:55:01Z", - "stargazers_count": 368, - "watchers_count": 368, + "stargazers_count": 369, + "watchers_count": 369, "has_discussions": false, "forks_count": 81, "allow_forking": true, @@ -269,7 +269,7 @@ "topics": [], "visibility": "public", "forks": 81, - "watchers": 368, + "watchers": 369, "score": 0, "subscribers_count": 2 }, diff --git a/2022/CVE-2022-30190.json b/2022/CVE-2022-30190.json index 68898e8694..77dcea8947 100644 --- a/2022/CVE-2022-30190.json +++ b/2022/CVE-2022-30190.json @@ -2184,7 +2184,7 @@ "fork": false, "created_at": "2022-09-15T16:12:57Z", "updated_at": "2023-08-29T16:29:42Z", - "pushed_at": "2023-08-29T16:30:22Z", + "pushed_at": "2023-09-11T10:21:06Z", "stargazers_count": 2, "watchers_count": 2, "has_discussions": false, diff --git a/2023/CVE-2023-0159.json b/2023/CVE-2023-0159.json new file mode 100644 index 0000000000..e40e2bfa73 --- /dev/null +++ b/2023/CVE-2023-0159.json @@ -0,0 +1,41 @@ +[ + { + "id": 690020929, + "name": "EVCer", + "full_name": "im-hanzou\/EVCer", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/EVCer", + "description": "Automatic Mass Tool for checking vulnerability in CVE-2023-0159 - Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated LFI", + "fork": false, + "created_at": "2023-09-11T11:36:35Z", + "updated_at": "2023-09-11T12:17:49Z", + "pushed_at": "2023-09-11T12:18:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automation", + "bash", + "checker", + "cve-2023-0159", + "exploit", + "wordpress", + "wordpress-plugin", + "wpbakery" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0386.json b/2023/CVE-2023-0386.json index 0157f6cd9c..5c728545b7 100644 --- a/2023/CVE-2023-0386.json +++ b/2023/CVE-2023-0386.json @@ -73,10 +73,10 @@ "description": "CVE-2023-0386在ubuntu22.04上的提权", "fork": false, "created_at": "2023-05-05T03:02:13Z", - "updated_at": "2023-09-05T17:26:10Z", + "updated_at": "2023-09-11T10:45:08Z", "pushed_at": "2023-06-13T08:58:53Z", - "stargazers_count": 356, - "watchers_count": 356, + "stargazers_count": 357, + "watchers_count": 357, "has_discussions": false, "forks_count": 64, "allow_forking": true, @@ -85,7 +85,7 @@ "topics": [], "visibility": "public", "forks": 64, - "watchers": 356, + "watchers": 357, "score": 0, "subscribers_count": 4 }, diff --git a/2023/CVE-2023-21768.json b/2023/CVE-2023-21768.json index d3a1455945..47fe3c4d9b 100644 --- a/2023/CVE-2023-21768.json +++ b/2023/CVE-2023-21768.json @@ -73,10 +73,10 @@ "description": "Using CVE-2023-21768 to manual map kernel mode driver ", "fork": false, "created_at": "2023-03-10T19:08:28Z", - "updated_at": "2023-09-06T23:15:37Z", + "updated_at": "2023-09-11T14:00:25Z", "pushed_at": "2023-03-10T20:16:53Z", - "stargazers_count": 137, - "watchers_count": 137, + "stargazers_count": 138, + "watchers_count": 138, "has_discussions": false, "forks_count": 40, "allow_forking": true, @@ -93,7 +93,7 @@ ], "visibility": "public", "forks": 40, - "watchers": 137, + "watchers": 138, "score": 0, "subscribers_count": 3 }, diff --git a/2023/CVE-2023-22960.json b/2023/CVE-2023-22960.json index b4cd06da95..5236a8f7bc 100644 --- a/2023/CVE-2023-22960.json +++ b/2023/CVE-2023-22960.json @@ -13,10 +13,10 @@ "description": "This vulnerability allows an attacker to bypass the credentials brute-force prevention mechanism of the Embedded Web Server (interface) of more than 60 Lexmark printer models. This issue affects both username-password and PIN authentication.", "fork": false, "created_at": "2023-01-24T08:33:19Z", - "updated_at": "2023-07-12T07:18:19Z", + "updated_at": "2023-09-11T09:07:16Z", "pushed_at": "2023-06-15T14:38:07Z", - "stargazers_count": 79, - "watchers_count": 79, + "stargazers_count": 80, + "watchers_count": 80, "has_discussions": false, "forks_count": 16, "allow_forking": true, @@ -32,7 +32,7 @@ ], "visibility": "public", "forks": 16, - "watchers": 79, + "watchers": 80, "score": 0, "subscribers_count": 2 }, diff --git a/2023/CVE-2023-23397.json b/2023/CVE-2023-23397.json index e02dacdba0..8bcc769fec 100644 --- a/2023/CVE-2023-23397.json +++ b/2023/CVE-2023-23397.json @@ -413,10 +413,10 @@ "description": "Simple PoC of the CVE-2023-23397 vulnerability with the payload sent by email.", "fork": false, "created_at": "2023-03-20T16:31:54Z", - "updated_at": "2023-09-04T00:49:49Z", + "updated_at": "2023-09-11T07:52:20Z", "pushed_at": "2023-03-24T10:46:38Z", - "stargazers_count": 98, - "watchers_count": 98, + "stargazers_count": 99, + "watchers_count": 99, "has_discussions": false, "forks_count": 24, "allow_forking": true, @@ -427,7 +427,7 @@ ], "visibility": "public", "forks": 24, - "watchers": 98, + "watchers": 99, "score": 0, "subscribers_count": 4 }, diff --git a/2023/CVE-2023-26818.json b/2023/CVE-2023-26818.json index 24459bf10a..27b5ff61cb 100644 --- a/2023/CVE-2023-26818.json +++ b/2023/CVE-2023-26818.json @@ -14,7 +14,7 @@ "fork": false, "created_at": "2023-08-30T12:40:50Z", "updated_at": "2023-09-02T06:01:23Z", - "pushed_at": "2023-08-30T12:50:02Z", + "pushed_at": "2023-09-11T12:51:06Z", "stargazers_count": 7, "watchers_count": 7, "has_discussions": false, diff --git a/2023/CVE-2023-27326.json b/2023/CVE-2023-27326.json index 2caed26281..4e0178603a 100644 --- a/2023/CVE-2023-27326.json +++ b/2023/CVE-2023-27326.json @@ -48,7 +48,7 @@ "stargazers_count": 37, "watchers_count": 37, "has_discussions": false, - "forks_count": 5, + "forks_count": 6, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -63,7 +63,7 @@ "vm-escape" ], "visibility": "public", - "forks": 5, + "forks": 6, "watchers": 37, "score": 0, "subscribers_count": 1 diff --git a/2023/CVE-2023-27470.json b/2023/CVE-2023-27470.json new file mode 100644 index 0000000000..d1beb124f0 --- /dev/null +++ b/2023/CVE-2023-27470.json @@ -0,0 +1,32 @@ +[ + { + "id": 689935383, + "name": "CVE-2023-27470_Exercise", + "full_name": "3lp4tr0n\/CVE-2023-27470_Exercise", + "owner": { + "login": "3lp4tr0n", + "id": 32691065, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32691065?v=4", + "html_url": "https:\/\/github.com\/3lp4tr0n" + }, + "html_url": "https:\/\/github.com\/3lp4tr0n\/CVE-2023-27470_Exercise", + "description": null, + "fork": false, + "created_at": "2023-09-11T08:04:08Z", + "updated_at": "2023-09-11T10:09:00Z", + "pushed_at": "2023-09-11T09:00:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27524.json b/2023/CVE-2023-27524.json index 21757d7f8b..a23e22d12e 100644 --- a/2023/CVE-2023-27524.json +++ b/2023/CVE-2023-27524.json @@ -227,10 +227,10 @@ "description": null, "fork": false, "created_at": "2023-09-08T06:15:00Z", - "updated_at": "2023-09-08T12:31:14Z", - "pushed_at": "2023-09-08T12:52:21Z", - "stargazers_count": 0, - "watchers_count": 0, + "updated_at": "2023-09-11T10:25:46Z", + "pushed_at": "2023-09-11T06:49:19Z", + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -239,7 +239,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2023/CVE-2023-28229.json b/2023/CVE-2023-28229.json index 7f032ff9e7..d94e271c13 100644 --- a/2023/CVE-2023-28229.json +++ b/2023/CVE-2023-28229.json @@ -13,19 +13,19 @@ "description": null, "fork": false, "created_at": "2023-09-04T07:48:13Z", - "updated_at": "2023-09-11T06:19:35Z", + "updated_at": "2023-09-11T12:58:39Z", "pushed_at": "2023-09-04T07:51:58Z", - "stargazers_count": 64, - "watchers_count": 64, + "stargazers_count": 68, + "watchers_count": 68, "has_discussions": false, - "forks_count": 20, + "forks_count": 21, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 20, - "watchers": 64, + "forks": 21, + "watchers": 68, "score": 0, "subscribers_count": 1 } diff --git a/2023/CVE-2023-28434.json b/2023/CVE-2023-28434.json index 30c5a245d3..a5dbeb4d00 100644 --- a/2023/CVE-2023-28434.json +++ b/2023/CVE-2023-28434.json @@ -13,10 +13,10 @@ "description": "EXP for CVE-2023-28434 MinIO unauthorized to RCE", "fork": false, "created_at": "2023-03-27T08:53:04Z", - "updated_at": "2023-09-11T04:54:17Z", + "updated_at": "2023-09-11T06:50:41Z", "pushed_at": "2023-04-04T05:26:59Z", - "stargazers_count": 247, - "watchers_count": 247, + "stargazers_count": 248, + "watchers_count": 248, "has_discussions": false, "forks_count": 36, "allow_forking": true, @@ -28,7 +28,7 @@ ], "visibility": "public", "forks": 36, - "watchers": 247, + "watchers": 248, "score": 0, "subscribers_count": 3 } diff --git a/2023/CVE-2023-32233.json b/2023/CVE-2023-32233.json index ec4ec089b2..717a697184 100644 --- a/2023/CVE-2023-32233.json +++ b/2023/CVE-2023-32233.json @@ -43,10 +43,10 @@ "description": "CVE-2023-32233: Linux内核中的安全漏洞", "fork": false, "created_at": "2023-05-16T03:06:40Z", - "updated_at": "2023-09-11T03:01:31Z", + "updated_at": "2023-09-11T09:48:30Z", "pushed_at": "2023-05-16T04:34:16Z", - "stargazers_count": 323, - "watchers_count": 323, + "stargazers_count": 324, + "watchers_count": 324, "has_discussions": false, "forks_count": 71, "allow_forking": true, @@ -55,7 +55,7 @@ "topics": [], "visibility": "public", "forks": 71, - "watchers": 323, + "watchers": 324, "score": 0, "subscribers_count": 4 }, diff --git a/2023/CVE-2023-34039.json b/2023/CVE-2023-34039.json index a6b435a50a..9c53b5d866 100644 --- a/2023/CVE-2023-34039.json +++ b/2023/CVE-2023-34039.json @@ -13,10 +13,10 @@ "description": "VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)", "fork": false, "created_at": "2023-09-01T16:17:10Z", - "updated_at": "2023-09-11T04:37:34Z", + "updated_at": "2023-09-11T11:09:58Z", "pushed_at": "2023-09-01T16:21:56Z", - "stargazers_count": 73, - "watchers_count": 73, + "stargazers_count": 74, + "watchers_count": 74, "has_discussions": false, "forks_count": 26, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 26, - "watchers": 73, + "watchers": 74, "score": 0, "subscribers_count": 1 }, diff --git a/2023/CVE-2023-3460.json b/2023/CVE-2023-3460.json index d68390db47..7a72ede17d 100644 --- a/2023/CVE-2023-3460.json +++ b/2023/CVE-2023-3460.json @@ -13,10 +13,10 @@ "description": "Exploit for CVE-2023-3460. Unauthorized admin access for Ultimate Member plugin < v2.6.7", "fork": false, "created_at": "2023-07-05T13:44:50Z", - "updated_at": "2023-08-30T14:47:13Z", + "updated_at": "2023-09-11T11:46:20Z", "pushed_at": "2023-07-05T13:49:03Z", - "stargazers_count": 22, - "watchers_count": 22, + "stargazers_count": 23, + "watchers_count": 23, "has_discussions": false, "forks_count": 9, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 9, - "watchers": 22, + "watchers": 23, "score": 0, "subscribers_count": 1 }, diff --git a/2023/CVE-2023-36123.json b/2023/CVE-2023-36123.json index 67d23ea441..410d66a946 100644 --- a/2023/CVE-2023-36123.json +++ b/2023/CVE-2023-36123.json @@ -14,17 +14,17 @@ "fork": false, "created_at": "2023-09-06T14:29:18Z", "updated_at": "2023-09-06T14:58:04Z", - "pushed_at": "2023-09-06T14:47:00Z", + "pushed_at": "2023-09-11T11:44:38Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, + "forks": 1, "watchers": 1, "score": 0, "subscribers_count": 1 diff --git a/2023/CVE-2023-36844.json b/2023/CVE-2023-36844.json index f23bfb8dd0..5bb9913d0d 100644 --- a/2023/CVE-2023-36844.json +++ b/2023/CVE-2023-36844.json @@ -13,10 +13,10 @@ "description": null, "fork": false, "created_at": "2023-08-25T07:28:06Z", - "updated_at": "2023-09-09T04:28:35Z", + "updated_at": "2023-09-11T12:14:07Z", "pushed_at": "2023-08-25T09:38:05Z", - "stargazers_count": 80, - "watchers_count": 80, + "stargazers_count": 82, + "watchers_count": 82, "has_discussions": false, "forks_count": 18, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 18, - "watchers": 80, + "watchers": 82, "score": 0, "subscribers_count": 3 } diff --git a/2023/CVE-2023-36874.json b/2023/CVE-2023-36874.json index ce4a4f73a5..a3d5685f63 100644 --- a/2023/CVE-2023-36874.json +++ b/2023/CVE-2023-36874.json @@ -103,10 +103,10 @@ "description": "Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE", "fork": false, "created_at": "2023-08-24T22:24:34Z", - "updated_at": "2023-09-04T09:44:16Z", + "updated_at": "2023-09-11T11:34:01Z", "pushed_at": "2023-08-25T00:30:01Z", - "stargazers_count": 139, - "watchers_count": 139, + "stargazers_count": 140, + "watchers_count": 140, "has_discussions": false, "forks_count": 24, "allow_forking": true, @@ -115,7 +115,7 @@ "topics": [], "visibility": "public", "forks": 24, - "watchers": 139, + "watchers": 140, "score": 0, "subscribers_count": 3 } diff --git a/2023/CVE-2023-37941.json b/2023/CVE-2023-37941.json index b85b1b6223..0d03b7ef4b 100644 --- a/2023/CVE-2023-37941.json +++ b/2023/CVE-2023-37941.json @@ -18,13 +18,13 @@ "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, - "forks_count": 1, + "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 1, + "forks": 2, "watchers": 0, "score": 0, "subscribers_count": 1 diff --git a/2023/CVE-2023-38831.json b/2023/CVE-2023-38831.json index 8765ad54d2..0049692c9b 100644 --- a/2023/CVE-2023-38831.json +++ b/2023/CVE-2023-38831.json @@ -43,10 +43,10 @@ "description": "CVE-2023-38831 winrar exploit generator", "fork": false, "created_at": "2023-08-25T09:44:08Z", - "updated_at": "2023-09-11T01:59:36Z", + "updated_at": "2023-09-11T10:49:50Z", "pushed_at": "2023-08-30T14:20:43Z", - "stargazers_count": 605, - "watchers_count": 605, + "stargazers_count": 607, + "watchers_count": 607, "has_discussions": false, "forks_count": 105, "allow_forking": true, @@ -59,7 +59,7 @@ ], "visibility": "public", "forks": 105, - "watchers": 605, + "watchers": 607, "score": 0, "subscribers_count": 6 }, @@ -107,10 +107,10 @@ "description": "一款用于生成winrar程序RCE(即cve-2023-38831)的POC的工具。", "fork": false, "created_at": "2023-08-27T14:08:36Z", - "updated_at": "2023-09-11T02:20:16Z", + "updated_at": "2023-09-11T12:25:25Z", "pushed_at": "2023-08-27T14:35:00Z", - "stargazers_count": 89, - "watchers_count": 89, + "stargazers_count": 90, + "watchers_count": 90, "has_discussions": false, "forks_count": 17, "allow_forking": true, @@ -119,7 +119,7 @@ "topics": [], "visibility": "public", "forks": 17, - "watchers": 89, + "watchers": 90, "score": 0, "subscribers_count": 1 }, diff --git a/2023/CVE-2023-41080.json b/2023/CVE-2023-41080.json index d77f07de40..bddb7eb3dd 100644 --- a/2023/CVE-2023-41080.json +++ b/2023/CVE-2023-41080.json @@ -28,35 +28,5 @@ "watchers": 9, "score": 0, "subscribers_count": 1 - }, - { - "id": 687455380, - "name": "CVE-2023-41080", - "full_name": "thperchi\/CVE-2023-41080", - "owner": { - "login": "thperchi", - "id": 25300771, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25300771?v=4", - "html_url": "https:\/\/github.com\/thperchi" - }, - "html_url": "https:\/\/github.com\/thperchi\/CVE-2023-41080", - "description": null, - "fork": false, - "created_at": "2023-09-05T11:51:55Z", - "updated_at": "2023-09-05T11:51:55Z", - "pushed_at": "2023-09-05T11:51:55Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 0, - "score": 0, - "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2023/CVE-2023-41362.json b/2023/CVE-2023-41362.json new file mode 100644 index 0000000000..947b7b4a25 --- /dev/null +++ b/2023/CVE-2023-41362.json @@ -0,0 +1,32 @@ +[ + { + "id": 689929838, + "name": "CVE-2023-41362_MyBB_ACP_RCE", + "full_name": "SorceryIE\/CVE-2023-41362_MyBB_ACP_RCE", + "owner": { + "login": "SorceryIE", + "id": 74211927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74211927?v=4", + "html_url": "https:\/\/github.com\/SorceryIE" + }, + "html_url": "https:\/\/github.com\/SorceryIE\/CVE-2023-41362_MyBB_ACP_RCE", + "description": null, + "fork": false, + "created_at": "2023-09-11T07:49:38Z", + "updated_at": "2023-09-11T10:19:51Z", + "pushed_at": "2023-09-11T10:19:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4350.json b/2023/CVE-2023-4350.json new file mode 100644 index 0000000000..76f8fb1c5a --- /dev/null +++ b/2023/CVE-2023-4350.json @@ -0,0 +1,32 @@ +[ + { + "id": 690091497, + "name": "cve-2023-4350", + "full_name": "0nyx-hkr\/cve-2023-4350", + "owner": { + "login": "0nyx-hkr", + "id": 76675355, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76675355?v=4", + "html_url": "https:\/\/github.com\/0nyx-hkr" + }, + "html_url": "https:\/\/github.com\/0nyx-hkr\/cve-2023-4350", + "description": "creating an hack for that cve as a research and attack", + "fork": false, + "created_at": "2023-09-11T14:09:48Z", + "updated_at": "2023-09-11T14:11:23Z", + "pushed_at": "2023-09-11T14:11:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/README.md b/README.md index ecb24b9568..b5dabf851e 100644 --- a/README.md +++ b/README.md @@ -16,6 +16,13 @@ - [wh-gov/CVE-2023-0050](https://github.com/wh-gov/CVE-2023-0050) +### CVE-2023-0159 (2023-02-13) + +The Extensive VC Addons for WPBakery page builder WordPress plugin before 1.9.1 does not validate a parameter passed to the php extract function when loading templates, allowing an unauthenticated attacker to override the template path to read arbitrary files from the hosts file system. + + +- [im-hanzou/EVCer](https://github.com/im-hanzou/EVCer) + ### CVE-2023-0179 (2023-03-27) A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. @@ -538,6 +545,13 @@ ### CVE-2023-4278 - [revan-ar/CVE-2023-4278](https://github.com/revan-ar/CVE-2023-4278) +### CVE-2023-4350 (2023-08-15) + +Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High) + + +- [0nyx-hkr/cve-2023-4350](https://github.com/0nyx-hkr/cve-2023-4350) + ### CVE-2023-4460 - [daniloalbuqrque/poc-cve-xss-uploading-svg](https://github.com/daniloalbuqrque/poc-cve-xss-uploading-svg) @@ -1438,6 +1452,9 @@ - [Pari-Malam/CVE-2023-27372](https://github.com/Pari-Malam/CVE-2023-27372) - [redboltsec/CVE-2023-27372-PoC](https://github.com/redboltsec/CVE-2023-27372-PoC) +### CVE-2023-27470 +- [3lp4tr0n/CVE-2023-27470_Exercise](https://github.com/3lp4tr0n/CVE-2023-27470_Exercise) + ### CVE-2023-27524 (2023-04-24) Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config. @@ -3253,7 +3270,6 @@ - [shiomiyan/CVE-2023-41080](https://github.com/shiomiyan/CVE-2023-41080) -- [thperchi/CVE-2023-41080](https://github.com/thperchi/CVE-2023-41080) ### CVE-2023-41265 (2023-08-29) @@ -3262,6 +3278,13 @@ - [praetorian-inc/zeroqlik-detect](https://github.com/praetorian-inc/zeroqlik-detect) +### CVE-2023-41362 (2023-08-29) + +MyBB before 1.8.36 allows Code Injection by users with certain high privileges. Templates in Admin CP intentionally use eval, and there was some validation of the input to eval, but type juggling interfered with this when using PCRE within PHP. + + +- [SorceryIE/CVE-2023-41362_MyBB_ACP_RCE](https://github.com/SorceryIE/CVE-2023-41362_MyBB_ACP_RCE) + ### CVE-2023-41507 (2023-09-05) Super Store Finder v3.6 was discovered to contain multiple SQL injection vulnerabilities in the store locator component via the products, distance, lat, and lng parameters. @@ -3341,14 +3364,6 @@ - [Haxatron/CVE-2022-0219](https://github.com/Haxatron/CVE-2022-0219) -### CVE-2022-0236 (2022-01-18) - -The WP Import Export WordPress plugin (both free and premium versions) is vulnerable to unauthenticated sensitive data disclosure due to a missing capability check on the download function wpie_process_file_download found in the ~/includes/classes/class-wpie-general.php file. This made it possible for unauthenticated attackers to download any imported or exported information from a vulnerable site which can contain sensitive information like user data. This affects versions up to, and including, 3.9.15. - - -- [qurbat/CVE-2022-0236](https://github.com/qurbat/CVE-2022-0236) -- [xiska62314/CVE-2022-0236](https://github.com/xiska62314/CVE-2022-0236) - ### CVE-2022-0265 (2022-03-03) Improper Restriction of XML External Entity Reference in GitHub repository hazelcast/hazelcast in 5.1-BETA-1. @@ -3505,6 +3520,7 @@ - [jkakavas/CVE-2022-0778-POC](https://github.com/jkakavas/CVE-2022-0778-POC) - [0xUhaw/CVE-2022-0778](https://github.com/0xUhaw/CVE-2022-0778) - [mrluc4s-sysadmin/PoC-CVE-2022-0778-](https://github.com/mrluc4s-sysadmin/PoC-CVE-2022-0778-) +- [Trinadh465/openssl-1.1.1g_CVE-2022-0778](https://github.com/Trinadh465/openssl-1.1.1g_CVE-2022-0778) ### CVE-2022-0811 (2022-03-16) @@ -4541,7 +4557,6 @@ Gin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the `setUserInfo` function. Users are advised to update as soon as possible. There are no known workarounds. -- [UzJu/Gin-Vue-admin-poc-CVE-2022-21660](https://github.com/UzJu/Gin-Vue-admin-poc-CVE-2022-21660) - [UzJu/CVE-2022-21660](https://github.com/UzJu/CVE-2022-21660) ### CVE-2022-21661 (2022-01-06) @@ -4631,8 +4646,6 @@ - [corelight/cve-2022-21907](https://github.com/corelight/cve-2022-21907) - [mauricelambert/CVE-2022-21907](https://github.com/mauricelambert/CVE-2022-21907) -- [ZZ-SOCMAP/CVE-2022-21907](https://github.com/ZZ-SOCMAP/CVE-2022-21907) -- [xiska62314/CVE-2022-21907](https://github.com/xiska62314/CVE-2022-21907) - [p0dalirius/CVE-2022-21907-http.sys](https://github.com/p0dalirius/CVE-2022-21907-http.sys) - [michelep/CVE-2022-21907-Vulnerability-PoC](https://github.com/michelep/CVE-2022-21907-Vulnerability-PoC) - [polakow/CVE-2022-21907](https://github.com/polakow/CVE-2022-21907) @@ -11388,6 +11401,13 @@ - [numanturle/CVE-2021-23758-POC](https://github.com/numanturle/CVE-2021-23758-POC) +### CVE-2021-23840 (2021-02-16) + +Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x). + + +- [Trinadh465/openssl-1.1.1g_CVE-2021-23840](https://github.com/Trinadh465/openssl-1.1.1g_CVE-2021-23840) + ### CVE-2021-23841 (2021-02-16) The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x). @@ -16270,6 +16290,13 @@ - [cimashiro/-Awesome-CVE-2020-0601-](https://github.com/cimashiro/-Awesome-CVE-2020-0601-) - [tyj956413282/curveball-plus](https://github.com/tyj956413282/curveball-plus) +### CVE-2020-0606 (2020-01-14) + +A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0605. + + +- [5l1v3r1/CVE-2020-0606](https://github.com/5l1v3r1/CVE-2020-0606) + ### CVE-2020-0609 (2020-01-14) A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0610. @@ -16455,6 +16482,8 @@ - [Murasame-nc/CVE-2020-0796-LPE-POC](https://github.com/Murasame-nc/CVE-2020-0796-LPE-POC) - [F6JO/CVE-2020-0796-Batch-scanning](https://github.com/F6JO/CVE-2020-0796-Batch-scanning) - [lisinan988/CVE-2020-0796-exp](https://github.com/lisinan988/CVE-2020-0796-exp) +- [5l1v3r1/CVE-2020-0796-PoC-3](https://github.com/5l1v3r1/CVE-2020-0796-PoC-3) +- [5l1v3r1/SMBGhosts](https://github.com/5l1v3r1/SMBGhosts) - [vsai94/ECE9069_SMBGhost_Exploit_CVE-2020-0796-](https://github.com/vsai94/ECE9069_SMBGhost_Exploit_CVE-2020-0796-) - [arzuozkan/CVE-2020-0796](https://github.com/arzuozkan/CVE-2020-0796) - [SEHandler/CVE-2020-0796](https://github.com/SEHandler/CVE-2020-0796) @@ -16501,6 +16530,13 @@ - [skasanagottu57gmailv/gerhart01](https://github.com/skasanagottu57gmailv/gerhart01) - [MarcelloTinocor/gerhart01](https://github.com/MarcelloTinocor/gerhart01) +### CVE-2020-0910 (2020-04-15) + +A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. + + +- [kfmgang/CVE-2020-0910](https://github.com/kfmgang/CVE-2020-0910) + ### CVE-2020-0976 (2020-04-15) A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0972, CVE-2020-0975, CVE-2020-0977. @@ -16692,6 +16728,7 @@ - [JayP232/The_big_Zero](https://github.com/JayP232/The_big_Zero) - [b1ack0wl/CVE-2020-1472](https://github.com/b1ack0wl/CVE-2020-1472) - [SaharAttackit/CVE-2020-1472](https://github.com/SaharAttackit/CVE-2020-1472) +- [wrathfulDiety/zerologon](https://github.com/wrathfulDiety/zerologon) - [YossiSassi/ZeroLogon-Exploitation-Check](https://github.com/YossiSassi/ZeroLogon-Exploitation-Check) - [sho-luv/zerologon](https://github.com/sho-luv/zerologon) - [hell-moon/ZeroLogon-Exploit](https://github.com/hell-moon/ZeroLogon-Exploit) @@ -17186,6 +17223,13 @@ - [5l1v3r1/CVE-2020-5509](https://github.com/5l1v3r1/CVE-2020-5509) +### CVE-2020-5510 (2020-01-08) + +PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file. + + +- [5l1v3r1/CVE-2020-5510](https://github.com/5l1v3r1/CVE-2020-5510) + ### CVE-2020-5752 (2020-05-21) Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges. @@ -17564,6 +17608,7 @@ - [shacojx/LifeRCEJsonWSTool-POC-CVE-2020-7961-Gui](https://github.com/shacojx/LifeRCEJsonWSTool-POC-CVE-2020-7961-Gui) - [shacojx/GLiferay-CVE-2020-7961-golang](https://github.com/shacojx/GLiferay-CVE-2020-7961-golang) - [shacojx/POC-CVE-2020-7961-Token-iterate](https://github.com/shacojx/POC-CVE-2020-7961-Token-iterate) +- [Udyz/CVE-2020-7961-Mass](https://github.com/Udyz/CVE-2020-7961-Mass) - [ShutdownRepo/CVE-2020-7961](https://github.com/ShutdownRepo/CVE-2020-7961) - [pashayogi/CVE-2020-7961-Mass](https://github.com/pashayogi/CVE-2020-7961-Mass) @@ -17612,6 +17657,7 @@ - [masahiro331/CVE-2020-8165](https://github.com/masahiro331/CVE-2020-8165) - [umiterkol/CVE-2020-8165--Auto-Shell](https://github.com/umiterkol/CVE-2020-8165--Auto-Shell) - [taipansec/CVE-2020-8165](https://github.com/taipansec/CVE-2020-8165) +- [hybryx/CVE-2020-8165](https://github.com/hybryx/CVE-2020-8165) - [AssassinUKG/CVE-2020-8165](https://github.com/AssassinUKG/CVE-2020-8165) - [progfay/CVE-2020-8165](https://github.com/progfay/CVE-2020-8165) - [danielklim/cve-2020-8165-demo](https://github.com/danielklim/cve-2020-8165-demo) @@ -18014,6 +18060,7 @@ - [osamahamad/CVE-2020-9484-Mass-Scan](https://github.com/osamahamad/CVE-2020-9484-Mass-Scan) - [anjai94/CVE-2020-9484-exploit](https://github.com/anjai94/CVE-2020-9484-exploit) - [PenTestical/CVE-2020-9484](https://github.com/PenTestical/CVE-2020-9484) +- [DanQMoo/CVE-2020-9484-Scanner](https://github.com/DanQMoo/CVE-2020-9484-Scanner) - [AssassinUKG/CVE-2020-9484](https://github.com/AssassinUKG/CVE-2020-9484) - [VICXOR/CVE-2020-9484](https://github.com/VICXOR/CVE-2020-9484) - [DXY0411/CVE-2020-9484](https://github.com/DXY0411/CVE-2020-9484) @@ -18155,6 +18202,8 @@ - [rdoix/CVE-2020-10148-Solarwinds-Orion](https://github.com/rdoix/CVE-2020-10148-Solarwinds-Orion) +- [Udyz/CVE-2020-10148-Solarwinds-Orion](https://github.com/Udyz/CVE-2020-10148-Solarwinds-Orion) +- [B1anda0/CVE-2020-10148](https://github.com/B1anda0/CVE-2020-10148) ### CVE-2020-10189 (2020-03-06) @@ -18560,6 +18609,13 @@ - [rusakovichma/tomcat-embed-core-9.0.31-CVE-2020-11996](https://github.com/rusakovichma/tomcat-embed-core-9.0.31-CVE-2020-11996) +### CVE-2020-12077 (2020-04-22) + +The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces (or capability checks), leading to remote code execution. + + +- [RandomRobbieBF/CVE-2020-12077](https://github.com/RandomRobbieBF/CVE-2020-12077) + ### CVE-2020-12078 (2020-04-28) An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings (internally called exclude_ip). This exclude_ip value is passed to the exec function in the discoveries_helper.php file (inside the all_ip_list function) without being filtered, which means that the attacker can provide a payload instead of a valid IP address. @@ -20018,6 +20074,13 @@ ### CVE-2020-25488 - [Ko-kn3t/CVE-2020-25488](https://github.com/Ko-kn3t/CVE-2020-25488) +### CVE-2020-25498 (2021-01-06) + +Cross Site Scripting (XSS) vulnerability in Beetel router 777VR1 can be exploited via the NTP server name in System Time and "Keyword" in URL Filter. + + +- [the-girl-who-lived/CVE-2020-25498](https://github.com/the-girl-who-lived/CVE-2020-25498) + ### CVE-2020-25514 (2020-09-22) Sourcecodester Simple Library Management System 1.0 is affected by Incorrect Access Control via the Login Panel, http://<site>/lms/admin.php. @@ -20565,6 +20628,13 @@ - [nanopathi/linux-4.19.72_CVE-2020-29370](https://github.com/nanopathi/linux-4.19.72_CVE-2020-29370) +### CVE-2020-29583 (2020-12-22) + +Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges. + + +- [ruppde/scan_CVE-2020-29583](https://github.com/ruppde/scan_CVE-2020-29583) + ### CVE-2020-29599 (2020-12-07) ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c. @@ -20607,6 +20677,13 @@ - [megadimenex/MegaHiDocker](https://github.com/megadimenex/MegaHiDocker) +### CVE-2020-35262 (2021-01-06) + +Cross Site Scripting (XSS) vulnerability in Digisol DG-HR3400 can be exploited via the NTP server name in Time and date module and "Keyword" in URL Filter. + + +- [the-girl-who-lived/CVE-2020-35262](https://github.com/the-girl-who-lived/CVE-2020-35262) + ### CVE-2020-35314 (2021-04-20) A remote code execution vulnerability in the installUpdateThemePluginAction function in index.php in WonderCMS 3.1.3, allows remote attackers to upload a custom plugin which can contain arbitrary code and obtain a webshell via the theme/plugin installer. @@ -20697,6 +20774,13 @@ - [Al1ex/CVE-2020-35713](https://github.com/Al1ex/CVE-2020-35713) +### CVE-2020-35717 (2021-01-01) + +zonote through 0.4.0 allows XSS via a crafted note, with resultant Remote Code Execution (because nodeIntegration in webPreferences is true). + + +- [hmartos/cve-2020-35717](https://github.com/hmartos/cve-2020-35717) + ### CVE-2020-35728 (2020-12-26) FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl). @@ -33854,6 +33938,13 @@ ## 2010 +### CVE-2010-0232 (2010-01-21) + +The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka "Windows Kernel Exception Handler Vulnerability." + + +- [azorfus/CVE-2010-0232](https://github.com/azorfus/CVE-2010-0232) + ### CVE-2010-0426 (2010-02-24) sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user's home directory. @@ -34207,7 +34298,6 @@ - [g0tmi1k/debian-ssh](https://github.com/g0tmi1k/debian-ssh) - [avarx/vulnkeys](https://github.com/avarx/vulnkeys) -- [badkeys/debianopenssl](https://github.com/badkeys/debianopenssl) - [demining/Vulnerable-to-Debian-OpenSSL-bug-CVE-2008-0166](https://github.com/demining/Vulnerable-to-Debian-OpenSSL-bug-CVE-2008-0166) ### CVE-2008-0228 (2008-01-10)