mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2021/01/13 18:10:11

Browse source
This commit is contained in:
motikan2010-bot 2021-01-13 18:10:11 +09:00
parent e85985e5d9
commit d5c56e13e4
25 changed files with 180 additions and 119 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
2003/CVE-2003-0264.json
View file

@ -128,8 +128,8 @@
"description": "Um exploit de buffer overflow para SLmail-5.5 pop3 service CVE-2003-0264 ",
"fork": false,
"created_at": "2021-01-02T03:30:54Z",
"updated_at": "2021-01-04T15:06:12Z",
"pushed_at": "2021-01-04T15:06:09Z",
"updated_at": "2021-01-13T03:52:12Z",
"pushed_at": "2021-01-13T03:52:10Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,

8
2015/CVE-2015-1805.json
View file

@ -36,13 +36,13 @@
"description": "CVE-2015-1805 root tool",
"fork": false,
"created_at": "2016-04-01T12:10:14Z",
"updated_at": "2020-12-17T10:05:19Z",
"updated_at": "2021-01-13T05:03:05Z",
"pushed_at": "2017-11-23T20:55:03Z",
"stargazers_count": 250,
"watchers_count": 250,
"stargazers_count": 251,
"watchers_count": 251,
"forks_count": 150,
"forks": 150,
"watchers": 250,
"watchers": 251,
"score": 0
},
{

8
2017/CVE-2017-10235.json
View file

@ -13,13 +13,13 @@
"description": "[CVE-2017-10235] Description and PoC of VirtualBox E1000 device Buffer Overflow",
"fork": false,
"created_at": "2017-09-25T20:42:47Z",
"updated_at": "2020-09-16T11:51:04Z",
"updated_at": "2021-01-13T07:48:08Z",
"pushed_at": "2018-01-15T19:26:45Z",
"stargazers_count": 26,
"watchers_count": 26,
"stargazers_count": 27,
"watchers_count": 27,
"forks_count": 4,
"forks": 4,
"watchers": 26,
"watchers": 27,
"score": 0
}
]

4
2017/CVE-2017-12615.json
View file

@ -243,8 +243,8 @@
"description": "CVE-2017-12615 任意文件写入exp写入webshell",
"fork": false,
"created_at": "2021-01-12T09:07:12Z",
"updated_at": "2021-01-12T09:20:00Z",
"pushed_at": "2021-01-12T09:19:44Z",
"updated_at": "2021-01-13T03:22:17Z",
"pushed_at": "2021-01-13T03:23:30Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,

30
2018/CVE-2018-19320.json
View file

@ -1,25 +1,25 @@
[
{
"id": 255170065,
"id": 255308213,
"name": "CVE-2018-19320",
"full_name": "fdiskyou\/CVE-2018-19320",
"full_name": "ASkyeye\/CVE-2018-19320",
"owner": {
"login": "fdiskyou",
"id": 6840612,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/6840612?v=4",
"html_url": "https:\/\/github.com\/fdiskyou"
"login": "ASkyeye",
"id": 50972716,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/50972716?v=4",
"html_url": "https:\/\/github.com\/ASkyeye"
},
"html_url": "https:\/\/github.com\/fdiskyou\/CVE-2018-19320",
"html_url": "https:\/\/github.com\/ASkyeye\/CVE-2018-19320",
"description": "Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)",
"fork": false,
"created_at": "2020-04-12T21:06:26Z",
"updated_at": "2021-01-11T08:42:29Z",
"pushed_at": "2020-12-12T23:14:18Z",
"stargazers_count": 23,
"watchers_count": 23,
"forks_count": 11,
"forks": 11,
"watchers": 23,
"created_at": "2020-04-13T11:34:24Z",
"updated_at": "2021-01-13T08:35:04Z",
"pushed_at": "2020-04-12T21:11:16Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 10,
"forks": 10,
"watchers": 0,
"score": 0
}
]

8
2019/CVE-2019-1215.json
View file

@ -13,13 +13,13 @@
"description": null,
"fork": false,
"created_at": "2020-01-06T22:34:16Z",
"updated_at": "2020-12-16T07:06:01Z",
"updated_at": "2021-01-13T06:00:51Z",
"pushed_at": "2020-01-07T14:29:45Z",
"stargazers_count": 132,
"watchers_count": 132,
"stargazers_count": 133,
"watchers_count": 133,
"forks_count": 44,
"forks": 44,
"watchers": 132,
"watchers": 133,
"score": 0
}
]

8
2019/CVE-2019-12384.json
View file

@ -13,13 +13,13 @@
"description": "Jackson Rce For CVE-2019-12384 ",
"fork": false,
"created_at": "2019-07-24T07:12:14Z",
"updated_at": "2021-01-03T11:23:10Z",
"updated_at": "2021-01-13T04:37:53Z",
"pushed_at": "2019-07-24T07:31:42Z",
"stargazers_count": 77,
"watchers_count": 77,
"stargazers_count": 78,
"watchers_count": 78,
"forks_count": 16,
"forks": 16,
"watchers": 77,
"watchers": 78,
"score": 0
},
{

8
2019/CVE-2019-14540.json
View file

@ -13,13 +13,13 @@
"description": "CVE-2019-14540 Exploit",
"fork": false,
"created_at": "2019-08-21T03:19:19Z",
"updated_at": "2020-10-12T16:46:28Z",
"updated_at": "2021-01-13T07:34:15Z",
"pushed_at": "2019-08-21T03:59:02Z",
"stargazers_count": 18,
"watchers_count": 18,
"stargazers_count": 19,
"watchers_count": 19,
"forks_count": 8,
"forks": 8,
"watchers": 18,
"watchers": 19,
"score": 0
}
]

12
2019/CVE-2019-17558.json
View file

@ -36,13 +36,13 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2021-01-13T02:27:44Z",
"updated_at": "2021-01-13T08:58:43Z",
"pushed_at": "2020-11-07T05:55:00Z",
"stargazers_count": 2258,
"watchers_count": 2258,
"forks_count": 638,
"forks": 638,
"watchers": 2258,
"stargazers_count": 2262,
"watchers_count": 2262,
"forks_count": 639,
"forks": 639,
"watchers": 2262,
"score": 0
},
{

8
2019/CVE-2019-2618.json
View file

@ -82,13 +82,13 @@
"description": "增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618CVE-2019-2729检测Python3支持",
"fork": false,
"created_at": "2019-06-21T09:22:43Z",
"updated_at": "2021-01-08T03:19:21Z",
"updated_at": "2021-01-13T03:13:02Z",
"pushed_at": "2020-04-26T10:49:25Z",
"stargazers_count": 699,
"watchers_count": 699,
"stargazers_count": 700,
"watchers_count": 700,
"forks_count": 143,
"forks": 143,
"watchers": 699,
"watchers": 700,
"score": 0
},
{

4
2019/CVE-2019-7609.json
View file

@ -63,8 +63,8 @@
"pushed_at": "2019-10-23T07:10:35Z",
"stargazers_count": 105,
"watchers_count": 105,
"forks_count": 41,
"forks": 41,
"forks_count": 42,
"forks": 42,
"watchers": 105,
"score": 0
},

12
2020/CVE-2020-0069.json
View file

@ -82,13 +82,13 @@
"description": null,
"fork": false,
"created_at": "2020-03-24T13:10:39Z",
"updated_at": "2020-11-19T08:16:50Z",
"updated_at": "2021-01-13T08:36:00Z",
"pushed_at": "2020-03-24T13:19:34Z",
"stargazers_count": 72,
"watchers_count": 72,
"forks_count": 20,
"forks": 20,
"watchers": 72,
"stargazers_count": 73,
"watchers_count": 73,
"forks_count": 21,
"forks": 21,
"watchers": 73,
"score": 0
}
]

16
2020/CVE-2020-0796.json
View file

@ -109,8 +109,8 @@
"pushed_at": "2020-10-01T08:36:29Z",
"stargazers_count": 577,
"watchers_count": 577,
"forks_count": 190,
"forks": 190,
"forks_count": 191,
"forks": 191,
"watchers": 577,
"score": 0
},
@ -1025,13 +1025,13 @@
"description": null,
"fork": false,
"created_at": "2020-04-01T01:46:08Z",
"updated_at": "2021-01-10T23:17:44Z",
"updated_at": "2021-01-13T06:55:27Z",
"pushed_at": "2020-04-01T01:46:17Z",
"stargazers_count": 39,
"watchers_count": 39,
"forks_count": 11,
"forks": 11,
"watchers": 39,
"stargazers_count": 40,
"watchers_count": 40,
"forks_count": 12,
"forks": 12,
"watchers": 40,
"score": 0
},
{

34
2020/CVE-2020-14882.json
View file

@ -13,13 +13,13 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2021-01-13T02:27:44Z",
"updated_at": "2021-01-13T08:58:43Z",
"pushed_at": "2020-11-07T05:55:00Z",
"stargazers_count": 2258,
"watchers_count": 2258,
"forks_count": 638,
"forks": 638,
"watchers": 2258,
"stargazers_count": 2262,
"watchers_count": 2262,
"forks_count": 639,
"forks": 639,
"watchers": 2262,
"score": 0
},
{
@ -36,13 +36,13 @@
"description": "Vulmap - Web vulnerability scanning and verification tools支持扫描 activemq, flink, shiro, solr, struts2, tomcat, unomi, drupal, elasticsearch, nexus, weblogic, jboss, thinkphp并且具备漏洞利用功能。CVE-2020-14882, CVE-2020-2555, CVE-2020-2883, S2-061, CVE-2020-13942, CVE-2020-17530, CVE-2020-17518, CVE-2020-17519",
"fork": false,
"created_at": "2020-10-09T06:34:36Z",
"updated_at": "2021-01-12T18:34:38Z",
"pushed_at": "2021-01-11T09:03:04Z",
"stargazers_count": 739,
"watchers_count": 739,
"forks_count": 129,
"forks": 129,
"watchers": 739,
"updated_at": "2021-01-13T08:27:55Z",
"pushed_at": "2021-01-13T05:02:09Z",
"stargazers_count": 741,
"watchers_count": 741,
"forks_count": 130,
"forks": 130,
"watchers": 741,
"score": 0
},
{
@ -59,13 +59,13 @@
"description": "CVE-202014882、CVE-202014883",
"fork": false,
"created_at": "2020-10-28T11:43:37Z",
"updated_at": "2021-01-12T18:34:58Z",
"updated_at": "2021-01-13T08:40:04Z",
"pushed_at": "2020-11-16T04:23:09Z",
"stargazers_count": 204,
"watchers_count": 204,
"stargazers_count": 206,
"watchers_count": 206,
"forks_count": 40,
"forks": 40,
"watchers": 204,
"watchers": 206,
"score": 0
},
{

25
2020/CVE-2020-15257.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 319257203,
"name": "abstractshimmer",
"full_name": "nccgroup\/abstractshimmer",
"owner": {
"login": "nccgroup",
"id": 4067082,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4067082?v=4",
"html_url": "https:\/\/github.com\/nccgroup"
},
"html_url": "https:\/\/github.com\/nccgroup\/abstractshimmer",
"description": "Proof of concept for CVE-2020-15257 in containerd.",
"fork": false,
"created_at": "2020-12-07T08:47:09Z",
"updated_at": "2021-01-13T07:45:02Z",
"pushed_at": "2021-01-12T09:46:50Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 1,
"forks": 1,
"watchers": 2,
"score": 0
}
]

8
2020/CVE-2020-15349.json
View file

@ -13,13 +13,13 @@
"description": "Vulnerability Description of CVE-2020-15349",
"fork": false,
"created_at": "2020-11-13T12:20:07Z",
"updated_at": "2020-11-18T21:30:40Z",
"updated_at": "2021-01-13T03:42:47Z",
"pushed_at": "2020-11-13T13:41:42Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"forks_count": 1,
"forks": 1,
"watchers": 7,
"watchers": 8,
"score": 0
}
]

8
2020/CVE-2020-17144.json
View file

@ -13,13 +13,13 @@
"description": "Exchange2010 authorized RCE",
"fork": false,
"created_at": "2020-12-09T10:30:16Z",
"updated_at": "2021-01-08T23:59:23Z",
"updated_at": "2021-01-13T07:44:14Z",
"pushed_at": "2020-12-24T08:11:51Z",
"stargazers_count": 121,
"watchers_count": 121,
"stargazers_count": 122,
"watchers_count": 122,
"forks_count": 33,
"forks": 33,
"watchers": 121,
"watchers": 122,
"score": 0
},
{

8
2020/CVE-2020-2551.json
View file

@ -174,13 +174,13 @@
"description": "CVE-2020-2551 POC to use in Internet",
"fork": false,
"created_at": "2020-05-24T02:56:12Z",
"updated_at": "2020-12-14T16:47:25Z",
"updated_at": "2021-01-13T09:07:37Z",
"pushed_at": "2020-05-26T06:58:10Z",
"stargazers_count": 14,
"watchers_count": 14,
"stargazers_count": 13,
"watchers_count": 13,
"forks_count": 4,
"forks": 4,
"watchers": 14,
"watchers": 13,
"score": 0
}
]

8
2020/CVE-2020-29583.json
View file

@ -13,13 +13,13 @@
"description": "Scanner for Zyxel products which are potentially vulnerable due to an undocumented user account (CVE-2020-29583)",
"fork": false,
"created_at": "2021-01-04T00:56:55Z",
"updated_at": "2021-01-11T02:10:24Z",
"updated_at": "2021-01-13T08:42:27Z",
"pushed_at": "2021-01-04T22:55:37Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"forks_count": 2,
"forks": 2,
"watchers": 7,
"watchers": 8,
"score": 0
}
]

8
2020/CVE-2020-3452.json
View file

@ -312,13 +312,13 @@
"description": "CISCO CVE-2020-3452 Scanner & Exploiter",
"fork": false,
"created_at": "2021-01-05T14:41:13Z",
"updated_at": "2021-01-11T18:50:46Z",
"updated_at": "2021-01-13T06:42:44Z",
"pushed_at": "2021-01-10T09:14:08Z",
"stargazers_count": 49,
"watchers_count": 49,
"stargazers_count": 51,
"watchers_count": 51,
"forks_count": 13,
"forks": 13,
"watchers": 49,
"watchers": 51,
"score": 0
}
]

8
2020/CVE-2020-36179.json
View file

@ -13,13 +13,13 @@
"description": "CVE-2020-36179~82 Jackson-databind SSRF&RCE",
"fork": false,
"created_at": "2021-01-10T06:47:49Z",
"updated_at": "2021-01-12T16:28:08Z",
"updated_at": "2021-01-13T07:53:08Z",
"pushed_at": "2021-01-10T06:48:53Z",
"stargazers_count": 43,
"watchers_count": 43,
"stargazers_count": 45,
"watchers_count": 45,
"forks_count": 7,
"forks": 7,
"watchers": 43,
"watchers": 45,
"score": 0
}
]

8
2020/CVE-2020-36184.json
View file

@ -13,13 +13,13 @@
"description": "CVE-2020-36184 && Jackson-databind RCE",
"fork": false,
"created_at": "2021-01-11T06:22:25Z",
"updated_at": "2021-01-13T02:40:45Z",
"updated_at": "2021-01-13T08:37:04Z",
"pushed_at": "2021-01-11T06:22:44Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 11,
"watchers_count": 11,
"forks_count": 1,
"forks": 1,
"watchers": 8,
"watchers": 11,
"score": 0
}
]

16
2021/CVE-2021-3019.json
View file

@ -13,13 +13,13 @@
"description": "lanproxy 目录遍历漏洞批量检测 (CVE-2021-3019)",
"fork": false,
"created_at": "2021-01-09T07:11:38Z",
"updated_at": "2021-01-12T03:18:05Z",
"updated_at": "2021-01-13T08:35:47Z",
"pushed_at": "2021-01-09T07:14:26Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 2,
"forks": 2,
"watchers": 1,
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 3,
"forks": 3,
"watchers": 2,
"score": 0
},
{
@ -36,8 +36,8 @@
"description": "CVE-2021-3019 lanproxy目录遍历任意文件读取漏洞探测POC",
"fork": false,
"created_at": "2021-01-11T04:18:44Z",
"updated_at": "2021-01-11T08:44:50Z",
"pushed_at": "2021-01-11T08:10:02Z",
"updated_at": "2021-01-13T07:29:03Z",
"pushed_at": "2021-01-13T07:29:01Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 0,

25
2021/CVE-2021-3131.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 329230328,
"name": "CVE-2021-3131",
"full_name": "jet-pentest\/CVE-2021-3131",
"owner": {
"login": "jet-pentest",
"id": 71512502,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/71512502?v=4",
"html_url": "https:\/\/github.com\/jet-pentest"
},
"html_url": "https:\/\/github.com\/jet-pentest\/CVE-2021-3131",
"description": "CVE-2021-3131",
"fork": false,
"created_at": "2021-01-13T07:41:25Z",
"updated_at": "2021-01-13T07:54:41Z",
"pushed_at": "2021-01-13T07:54:38Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

13
README.md
View file

@ -18,6 +18,9 @@ ffay lanproxy 0.1 allows Directory Traversal to read /../conf/config.properties
- [B1anda0/CVE-2021-3019](https://github.com/B1anda0/CVE-2021-3019)
- [FanqXu/CVE-2021-3019](https://github.com/FanqXu/CVE-2021-3019)
### CVE-2021-3131
- [jet-pentest/CVE-2021-3131](https://github.com/jet-pentest/CVE-2021-3131)
## 2020
### CVE-2020-0001 (2020-01-08)
@ -2689,6 +2692,14 @@ In the `@actions/core` npm module before version 1.2.6,`addPath` and `exportVari
- [guettli/fix-CVE-2020-15228](https://github.com/guettli/fix-CVE-2020-15228)
### CVE-2020-15257 (2020-11-30)
<code>
containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shims API socket verified that the connecting process had an effective UID of 0, but did not otherwise restrict access to the abstract Unix domain socket. This would allow malicious containers running in the same network namespace as the shim, with an effective UID of 0 but otherwise reduced privileges, to cause new processes to be run with elevated privileges. This vulnerability has been fixed in containerd 1.3.9 and 1.4.3. Users should update to these versions as soon as they are released. It should be noted that containers started with an old version of containerd-shim should be stopped and restarted, as running containers will continue to be vulnerable even after an upgrade. If you are not providing the ability for untrusted users to start containers in the same network namespace as the shim (typically the &quot;host&quot; network namespace, for example with docker run --net=host or hostNetwork: true in a Kubernetes pod) and run with an effective UID of 0, you are not vulnerable to this issue. If you are running containers with a vulnerable configuration, you can deny access to all abstract sockets with AppArmor by adding a line similar to deny unix addr=@**, to your policy. It is best practice to run containers with a reduced set of privileges, with a non-zero UID, and with isolated namespaces. The containerd maintainers strongly advise against sharing namespaces with the host. Reducing the set of isolation mechanisms used for a container necessarily increases that container's privilege, regardless of what container runtime is used for running that container.
</code>
- [nccgroup/abstractshimmer](https://github.com/nccgroup/abstractshimmer)
### CVE-2020-15349 (2020-11-16)
<code>
@ -10186,7 +10197,7 @@ OpenMRS before 2.24.0 is affected by an Insecure Object Deserialization vulnerab
The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system.
</code>
- [fdiskyou/CVE-2018-19320](https://github.com/fdiskyou/CVE-2018-19320)
- [ASkyeye/CVE-2018-19320](https://github.com/ASkyeye/CVE-2018-19320)
### CVE-2018-19466 (2019-03-27)