From da6348b99935cdb78bbffa830f9d5c33b848455d Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Thu, 2 Feb 2023 03:30:15 +0900 Subject: [PATCH] Auto Update 2023/02/01 18:30:15 --- 2015/CVE-2015-6639.json | 8 ++--- 2016/CVE-2016-0638.json | 8 ++--- 2016/CVE-2016-2431.json | 8 ++--- 2017/CVE-2017-3248.json | 8 ++--- 2018/CVE-2018-2628.json | 8 ++--- 2019/CVE-2019-0232.json | 8 ++--- 2019/CVE-2019-11358.json | 4 +-- 2019/CVE-2019-1652.json | 8 ++--- 2019/CVE-2019-2618.json | 8 ++--- 2019/CVE-2019-3980.json | 2 +- 2019/CVE-2019-9193.json | 29 ++++++++++++++++++ 2020/CVE-2020-0796.json | 16 +++++----- 2020/CVE-2020-1938.json | 8 ++--- 2020/CVE-2020-2551.json | 8 ++--- 2021/CVE-2021-3156.json | 8 ++--- 2021/CVE-2021-33044.json | 8 ++--- 2021/CVE-2021-4034.json | 16 +++++----- 2021/CVE-2021-41773.json | 12 ++++---- 2021/CVE-2021-42278.json | 2 +- 2021/CVE-2021-44228.json | 63 +++++++++++----------------------------- 2022/CVE-2022-0185.json | 8 ++--- 2022/CVE-2022-1329.json | 8 ++--- 2022/CVE-2022-21999.json | 8 ++--- 2022/CVE-2022-26485.json | 12 ++++---- 2022/CVE-2022-42046.json | 8 ++--- 2022/CVE-2022-46689.json | 8 ++--- 2023/CVE-2023-21752.json | 8 ++--- 2023/CVE-2023-23924.json | 31 ++++++++++++++++++++ 2023/CVE-2023-24055.json | 8 ++--- 2023/CVE-2023-24610.json | 10 +++---- README.md | 17 +++++++++-- 31 files changed, 205 insertions(+), 161 deletions(-) create mode 100644 2023/CVE-2023-23924.json diff --git a/2015/CVE-2015-6639.json b/2015/CVE-2015-6639.json index caa9bf6914..6260afd937 100644 --- a/2015/CVE-2015-6639.json +++ b/2015/CVE-2015-6639.json @@ -42,10 +42,10 @@ "description": "Exploit that extracts Qualcomm's KeyMaster keys using CVE-2015-6639 and CVE-2016-2431", "fork": false, "created_at": "2016-06-30T11:56:44Z", - "updated_at": "2023-01-18T10:18:41Z", + "updated_at": "2023-02-01T12:50:25Z", "pushed_at": "2016-06-30T15:32:42Z", - "stargazers_count": 325, - "watchers_count": 325, + "stargazers_count": 326, + "watchers_count": 326, "has_discussions": false, "forks_count": 119, "allow_forking": true, @@ -54,7 +54,7 @@ "topics": [], "visibility": "public", "forks": 119, - "watchers": 325, + "watchers": 326, "score": 0 } ] \ No newline at end of file diff --git a/2016/CVE-2016-0638.json b/2016/CVE-2016-0638.json index 1de0b2c6b0..574f8fb8cb 100644 --- a/2016/CVE-2016-0638.json +++ b/2016/CVE-2016-0638.json @@ -13,10 +13,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2023-02-01T06:25:31Z", + "updated_at": "2023-02-01T17:21:58Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1596, - "watchers_count": 1596, + "stargazers_count": 1597, + "watchers_count": 1597, "has_discussions": false, "forks_count": 317, "allow_forking": true, @@ -46,7 +46,7 @@ ], "visibility": "public", "forks": 317, - "watchers": 1596, + "watchers": 1597, "score": 0 }, { diff --git a/2016/CVE-2016-2431.json b/2016/CVE-2016-2431.json index b9c1562a69..1e44afde1f 100644 --- a/2016/CVE-2016-2431.json +++ b/2016/CVE-2016-2431.json @@ -42,10 +42,10 @@ "description": "Exploit that extracts Qualcomm's KeyMaster keys using CVE-2015-6639 and CVE-2016-2431", "fork": false, "created_at": "2016-06-30T11:56:44Z", - "updated_at": "2023-01-18T10:18:41Z", + "updated_at": "2023-02-01T12:50:25Z", "pushed_at": "2016-06-30T15:32:42Z", - "stargazers_count": 325, - "watchers_count": 325, + "stargazers_count": 326, + "watchers_count": 326, "has_discussions": false, "forks_count": 119, "allow_forking": true, @@ -54,7 +54,7 @@ "topics": [], "visibility": "public", "forks": 119, - "watchers": 325, + "watchers": 326, "score": 0 } ] \ No newline at end of file diff --git a/2017/CVE-2017-3248.json b/2017/CVE-2017-3248.json index 62fbb49e6e..dd49f63c12 100644 --- a/2017/CVE-2017-3248.json +++ b/2017/CVE-2017-3248.json @@ -42,10 +42,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2023-02-01T06:25:31Z", + "updated_at": "2023-02-01T17:21:58Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1596, - "watchers_count": 1596, + "stargazers_count": 1597, + "watchers_count": 1597, "has_discussions": false, "forks_count": 317, "allow_forking": true, @@ -75,7 +75,7 @@ ], "visibility": "public", "forks": 317, - "watchers": 1596, + "watchers": 1597, "score": 0 }, { diff --git a/2018/CVE-2018-2628.json b/2018/CVE-2018-2628.json index 0cc914ac83..825b2ff6af 100644 --- a/2018/CVE-2018-2628.json +++ b/2018/CVE-2018-2628.json @@ -568,10 +568,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2023-02-01T06:25:31Z", + "updated_at": "2023-02-01T17:21:58Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1596, - "watchers_count": 1596, + "stargazers_count": 1597, + "watchers_count": 1597, "has_discussions": false, "forks_count": 317, "allow_forking": true, @@ -601,7 +601,7 @@ ], "visibility": "public", "forks": 317, - "watchers": 1596, + "watchers": 1597, "score": 0 }, { diff --git a/2019/CVE-2019-0232.json b/2019/CVE-2019-0232.json index 69dd895274..09e96db158 100644 --- a/2019/CVE-2019-0232.json +++ b/2019/CVE-2019-0232.json @@ -100,10 +100,10 @@ "description": "CVE-2019-0232-Remote Code Execution on Apache Tomcat 7.0.42", "fork": false, "created_at": "2019-11-21T14:25:39Z", - "updated_at": "2022-10-22T07:08:06Z", + "updated_at": "2023-02-01T15:56:37Z", "pushed_at": "2019-11-21T15:03:15Z", - "stargazers_count": 15, - "watchers_count": 15, + "stargazers_count": 14, + "watchers_count": 14, "has_discussions": false, "forks_count": 6, "allow_forking": true, @@ -112,7 +112,7 @@ "topics": [], "visibility": "public", "forks": 6, - "watchers": 15, + "watchers": 14, "score": 0 }, { diff --git a/2019/CVE-2019-11358.json b/2019/CVE-2019-11358.json index ea048639c1..e5a98ca231 100644 --- a/2019/CVE-2019-11358.json +++ b/2019/CVE-2019-11358.json @@ -84,13 +84,13 @@ "stargazers_count": 45, "watchers_count": 45, "has_discussions": false, - "forks_count": 33, + "forks_count": 34, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 33, + "forks": 34, "watchers": 45, "score": 0 }, diff --git a/2019/CVE-2019-1652.json b/2019/CVE-2019-1652.json index f85548ea26..51591ac5d5 100644 --- a/2019/CVE-2019-1652.json +++ b/2019/CVE-2019-1652.json @@ -13,10 +13,10 @@ "description": "CVE-2019-1652 \/CVE-2019-1653 Exploits For Dumping Cisco RV320 Configurations & Debugging Data AND Remote Root Exploit!", "fork": false, "created_at": "2019-01-24T10:12:44Z", - "updated_at": "2022-12-01T04:58:56Z", + "updated_at": "2023-02-01T13:09:44Z", "pushed_at": "2019-02-08T12:38:05Z", - "stargazers_count": 223, - "watchers_count": 223, + "stargazers_count": 224, + "watchers_count": 224, "has_discussions": false, "forks_count": 70, "allow_forking": true, @@ -30,7 +30,7 @@ ], "visibility": "public", "forks": 70, - "watchers": 223, + "watchers": 224, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-2618.json b/2019/CVE-2019-2618.json index ed763d826d..fbe689bb4a 100644 --- a/2019/CVE-2019-2618.json +++ b/2019/CVE-2019-2618.json @@ -187,10 +187,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2023-02-01T06:25:31Z", + "updated_at": "2023-02-01T17:21:58Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1596, - "watchers_count": 1596, + "stargazers_count": 1597, + "watchers_count": 1597, "has_discussions": false, "forks_count": 317, "allow_forking": true, @@ -220,7 +220,7 @@ ], "visibility": "public", "forks": 317, - "watchers": 1596, + "watchers": 1597, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-3980.json b/2019/CVE-2019-3980.json index 3b43f6c937..e43edf5640 100644 --- a/2019/CVE-2019-3980.json +++ b/2019/CVE-2019-3980.json @@ -13,7 +13,7 @@ "description": null, "fork": false, "created_at": "2020-08-03T14:12:56Z", - "updated_at": "2022-11-09T18:08:51Z", + "updated_at": "2023-02-01T14:48:32Z", "pushed_at": "2020-12-12T03:41:43Z", "stargazers_count": 17, "watchers_count": 17, diff --git a/2019/CVE-2019-9193.json b/2019/CVE-2019-9193.json index 81333b76e1..c06441a7d1 100644 --- a/2019/CVE-2019-9193.json +++ b/2019/CVE-2019-9193.json @@ -93,5 +93,34 @@ "forks": 0, "watchers": 0, "score": 0 + }, + { + "id": 596184870, + "name": "CVE-2019-9193", + "full_name": "paulotrindadec\/CVE-2019-9193", + "owner": { + "login": "paulotrindadec", + "id": 94475244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94475244?v=4", + "html_url": "https:\/\/github.com\/paulotrindadec" + }, + "html_url": "https:\/\/github.com\/paulotrindadec\/CVE-2019-9193", + "description": null, + "fork": false, + "created_at": "2023-02-01T16:41:15Z", + "updated_at": "2023-02-01T17:04:55Z", + "pushed_at": "2023-02-01T17:04:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json index 4e8662d8c6..297a3a056b 100644 --- a/2020/CVE-2020-0796.json +++ b/2020/CVE-2020-0796.json @@ -826,10 +826,10 @@ "description": "Lightweight PoC and Scanner for CVE-2020-0796 without authentication.", "fork": false, "created_at": "2020-03-16T00:47:41Z", - "updated_at": "2022-08-13T15:50:53Z", + "updated_at": "2023-02-01T12:50:55Z", "pushed_at": "2022-08-13T15:50:50Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "has_discussions": false, "forks_count": 2, "allow_forking": true, @@ -838,7 +838,7 @@ "topics": [], "visibility": "public", "forks": 2, - "watchers": 2, + "watchers": 3, "score": 0 }, { @@ -1032,10 +1032,10 @@ "description": "CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost", "fork": false, "created_at": "2020-03-30T11:42:56Z", - "updated_at": "2023-01-25T19:37:26Z", + "updated_at": "2023-02-01T15:58:58Z", "pushed_at": "2020-12-07T20:04:27Z", - "stargazers_count": 1227, - "watchers_count": 1227, + "stargazers_count": 1228, + "watchers_count": 1228, "has_discussions": false, "forks_count": 371, "allow_forking": true, @@ -1050,7 +1050,7 @@ ], "visibility": "public", "forks": 371, - "watchers": 1227, + "watchers": 1228, "score": 0 }, { diff --git a/2020/CVE-2020-1938.json b/2020/CVE-2020-1938.json index 7b810de7b1..fac6271138 100644 --- a/2020/CVE-2020-1938.json +++ b/2020/CVE-2020-1938.json @@ -13,10 +13,10 @@ "description": null, "fork": false, "created_at": "2020-02-20T17:00:02Z", - "updated_at": "2023-01-28T03:15:55Z", + "updated_at": "2023-02-01T16:58:07Z", "pushed_at": "2020-03-02T20:25:35Z", - "stargazers_count": 44, - "watchers_count": 44, + "stargazers_count": 45, + "watchers_count": 45, "has_discussions": false, "forks_count": 36, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 36, - "watchers": 44, + "watchers": 45, "score": 0 }, { diff --git a/2020/CVE-2020-2551.json b/2020/CVE-2020-2551.json index 5b5511e6c1..32d8ba1472 100644 --- a/2020/CVE-2020-2551.json +++ b/2020/CVE-2020-2551.json @@ -13,10 +13,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2023-02-01T06:25:31Z", + "updated_at": "2023-02-01T17:21:58Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1596, - "watchers_count": 1596, + "stargazers_count": 1597, + "watchers_count": 1597, "has_discussions": false, "forks_count": 317, "allow_forking": true, @@ -46,7 +46,7 @@ ], "visibility": "public", "forks": 317, - "watchers": 1596, + "watchers": 1597, "score": 0 }, { diff --git a/2021/CVE-2021-3156.json b/2021/CVE-2021-3156.json index 8f4ed68c5d..77f9068d35 100644 --- a/2021/CVE-2021-3156.json +++ b/2021/CVE-2021-3156.json @@ -1039,10 +1039,10 @@ "description": "Sudo Baron Samedit Exploit", "fork": false, "created_at": "2021-03-15T17:37:02Z", - "updated_at": "2023-01-29T09:32:47Z", + "updated_at": "2023-02-01T15:18:17Z", "pushed_at": "2022-01-13T05:48:01Z", - "stargazers_count": 563, - "watchers_count": 563, + "stargazers_count": 564, + "watchers_count": 564, "has_discussions": false, "forks_count": 154, "allow_forking": true, @@ -1051,7 +1051,7 @@ "topics": [], "visibility": "public", "forks": 154, - "watchers": 563, + "watchers": 564, "score": 0 }, { diff --git a/2021/CVE-2021-33044.json b/2021/CVE-2021-33044.json index 43e23db0e1..0f559ed839 100644 --- a/2021/CVE-2021-33044.json +++ b/2021/CVE-2021-33044.json @@ -13,10 +13,10 @@ "description": "Chrome extension that uses vulnerabilities CVE-2021-33044 and CVE-2021-33045 to log in to Dahua cameras without authentication.", "fork": false, "created_at": "2021-10-11T22:08:47Z", - "updated_at": "2023-01-30T00:06:06Z", + "updated_at": "2023-02-01T15:17:22Z", "pushed_at": "2021-10-13T22:32:36Z", - "stargazers_count": 73, - "watchers_count": 73, + "stargazers_count": 74, + "watchers_count": 74, "has_discussions": false, "forks_count": 22, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 22, - "watchers": 73, + "watchers": 74, "score": 0 }, { diff --git a/2021/CVE-2021-4034.json b/2021/CVE-2021-4034.json index 11ef721823..2b4c7842a6 100644 --- a/2021/CVE-2021-4034.json +++ b/2021/CVE-2021-4034.json @@ -164,10 +164,10 @@ "description": "PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)", "fork": false, "created_at": "2022-01-26T00:56:36Z", - "updated_at": "2023-01-29T10:59:38Z", + "updated_at": "2023-02-01T15:04:02Z", "pushed_at": "2022-02-12T05:22:58Z", - "stargazers_count": 942, - "watchers_count": 942, + "stargazers_count": 941, + "watchers_count": 941, "has_discussions": false, "forks_count": 311, "allow_forking": true, @@ -180,7 +180,7 @@ ], "visibility": "public", "forks": 311, - "watchers": 942, + "watchers": 941, "score": 0 }, { @@ -908,10 +908,10 @@ "description": "Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation", "fork": false, "created_at": "2022-01-26T14:26:10Z", - "updated_at": "2023-02-01T06:32:55Z", + "updated_at": "2023-02-01T17:23:48Z", "pushed_at": "2022-06-21T14:52:05Z", - "stargazers_count": 728, - "watchers_count": 728, + "stargazers_count": 729, + "watchers_count": 729, "has_discussions": false, "forks_count": 149, "allow_forking": true, @@ -922,7 +922,7 @@ ], "visibility": "public", "forks": 149, - "watchers": 728, + "watchers": 729, "score": 0 }, { diff --git a/2021/CVE-2021-41773.json b/2021/CVE-2021-41773.json index f4a71b9a6c..d3ca47b875 100644 --- a/2021/CVE-2021-41773.json +++ b/2021/CVE-2021-41773.json @@ -2403,12 +2403,12 @@ "description": "Apache2 2.4.49 - LFI & RCE Exploit - CVE-2021-41773", "fork": false, "created_at": "2022-03-12T21:24:55Z", - "updated_at": "2022-11-21T15:34:17Z", + "updated_at": "2023-02-01T17:55:10Z", "pushed_at": "2022-03-12T21:30:58Z", - "stargazers_count": 58, - "watchers_count": 58, + "stargazers_count": 59, + "watchers_count": 59, "has_discussions": false, - "forks_count": 25, + "forks_count": 26, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -2423,8 +2423,8 @@ "thehackersbrain" ], "visibility": "public", - "forks": 25, - "watchers": 58, + "forks": 26, + "watchers": 59, "score": 0 }, { diff --git a/2021/CVE-2021-42278.json b/2021/CVE-2021-42278.json index cd02678ea8..2188d992d0 100644 --- a/2021/CVE-2021-42278.json +++ b/2021/CVE-2021-42278.json @@ -13,7 +13,7 @@ "description": "Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user ", "fork": false, "created_at": "2021-12-11T15:10:30Z", - "updated_at": "2023-01-27T09:27:33Z", + "updated_at": "2023-02-01T15:04:02Z", "pushed_at": "2022-07-10T22:23:13Z", "stargazers_count": 875, "watchers_count": 875, diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index be98c6814c..88b02f2abb 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -909,10 +909,10 @@ "description": "A Proof-Of-Concept for the CVE-2021-44228 vulnerability. ", "fork": false, "created_at": "2021-12-10T23:19:28Z", - "updated_at": "2023-01-30T15:47:27Z", + "updated_at": "2023-02-01T17:54:05Z", "pushed_at": "2022-09-21T07:49:03Z", - "stargazers_count": 1530, - "watchers_count": 1530, + "stargazers_count": 1531, + "watchers_count": 1531, "has_discussions": false, "forks_count": 439, "allow_forking": true, @@ -926,7 +926,7 @@ ], "visibility": "public", "forks": 439, - "watchers": 1530, + "watchers": 1531, "score": 0 }, { @@ -3614,10 +3614,10 @@ "description": "A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 ", "fork": false, "created_at": "2021-12-13T03:57:50Z", - "updated_at": "2023-02-01T09:39:31Z", + "updated_at": "2023-02-01T17:53:52Z", "pushed_at": "2022-11-23T18:23:24Z", - "stargazers_count": 3181, - "watchers_count": 3181, + "stargazers_count": 3183, + "watchers_count": 3183, "has_discussions": true, "forks_count": 743, "allow_forking": true, @@ -3626,7 +3626,7 @@ "topics": [], "visibility": "public", "forks": 743, - "watchers": 3181, + "watchers": 3183, "score": 0 }, { @@ -4873,10 +4873,10 @@ "description": "Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)", "fork": false, "created_at": "2021-12-13T20:17:14Z", - "updated_at": "2023-01-02T23:31:28Z", + "updated_at": "2023-02-01T17:52:24Z", "pushed_at": "2021-12-17T17:23:57Z", - "stargazers_count": 55, - "watchers_count": 55, + "stargazers_count": 56, + "watchers_count": 56, "has_discussions": false, "forks_count": 20, "allow_forking": true, @@ -4892,7 +4892,7 @@ ], "visibility": "public", "forks": 20, - "watchers": 55, + "watchers": 56, "score": 0 }, { @@ -10726,35 +10726,6 @@ "watchers": 0, "score": 0 }, - { - "id": 450053162, - "name": "CVE-2021-44228-ScannersListFromRF", - "full_name": "semelnyk\/CVE-2021-44228-ScannersListFromRF", - "owner": { - "login": "semelnyk", - "id": 97104452, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97104452?v=4", - "html_url": "https:\/\/github.com\/semelnyk" - }, - "html_url": "https:\/\/github.com\/semelnyk\/CVE-2021-44228-ScannersListFromRF", - "description": null, - "fork": false, - "created_at": "2022-01-20T10:34:48Z", - "updated_at": "2022-01-20T10:54:00Z", - "pushed_at": "2022-01-20T10:53:58Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 0, - "score": 0 - }, { "id": 452823928, "name": "log4j-polkit-poc", @@ -10857,7 +10828,7 @@ "fork": false, "created_at": "2022-02-12T11:19:41Z", "updated_at": "2023-01-15T08:28:51Z", - "pushed_at": "2023-01-25T16:47:11Z", + "pushed_at": "2023-02-01T12:33:29Z", "stargazers_count": 3, "watchers_count": 3, "has_discussions": false, @@ -11729,10 +11700,10 @@ "description": "Vulnerability CVE-2021-44228 allows remote code execution without authentication for several versions of Apache Log4j2 (Log4Shell). Attackers can exploit vulnerable servers by connecting over any protocol, such as HTTPS, and sending a specially crafted string.", "fork": false, "created_at": "2023-01-31T20:29:26Z", - "updated_at": "2023-01-31T22:06:36Z", + "updated_at": "2023-02-01T13:28:11Z", "pushed_at": "2023-01-31T20:35:59Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -11755,7 +11726,7 @@ ], "visibility": "public", "forks": 0, - "watchers": 1, + "watchers": 2, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-0185.json b/2022/CVE-2022-0185.json index 8402481029..98e5f79150 100644 --- a/2022/CVE-2022-0185.json +++ b/2022/CVE-2022-0185.json @@ -13,10 +13,10 @@ "description": "CVE-2022-0185", "fork": false, "created_at": "2022-01-19T06:19:38Z", - "updated_at": "2023-01-31T18:40:57Z", + "updated_at": "2023-02-01T17:14:00Z", "pushed_at": "2022-04-25T04:11:33Z", - "stargazers_count": 352, - "watchers_count": 352, + "stargazers_count": 351, + "watchers_count": 351, "has_discussions": false, "forks_count": 55, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 55, - "watchers": 352, + "watchers": 351, "score": 0 }, { diff --git a/2022/CVE-2022-1329.json b/2022/CVE-2022-1329.json index 1c6f8c9250..3576af04cd 100644 --- a/2022/CVE-2022-1329.json +++ b/2022/CVE-2022-1329.json @@ -13,10 +13,10 @@ "description": null, "fork": false, "created_at": "2022-04-15T19:37:35Z", - "updated_at": "2022-12-22T10:20:41Z", + "updated_at": "2023-02-01T16:02:14Z", "pushed_at": "2022-04-22T17:55:37Z", - "stargazers_count": 14, - "watchers_count": 14, + "stargazers_count": 15, + "watchers_count": 15, "has_discussions": false, "forks_count": 5, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 5, - "watchers": 14, + "watchers": 15, "score": 0 }, { diff --git a/2022/CVE-2022-21999.json b/2022/CVE-2022-21999.json index 6f3b73c671..c67d00107a 100644 --- a/2022/CVE-2022-21999.json +++ b/2022/CVE-2022-21999.json @@ -13,10 +13,10 @@ "description": "Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)", "fork": false, "created_at": "2022-02-08T17:25:44Z", - "updated_at": "2023-01-30T14:18:47Z", + "updated_at": "2023-02-01T15:04:02Z", "pushed_at": "2022-02-09T16:54:09Z", - "stargazers_count": 686, - "watchers_count": 686, + "stargazers_count": 685, + "watchers_count": 685, "has_discussions": false, "forks_count": 145, "allow_forking": true, @@ -28,7 +28,7 @@ ], "visibility": "public", "forks": 145, - "watchers": 686, + "watchers": 685, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-26485.json b/2022/CVE-2022-26485.json index 865ee85b69..b7f5911ca9 100644 --- a/2022/CVE-2022-26485.json +++ b/2022/CVE-2022-26485.json @@ -13,19 +13,19 @@ "description": null, "fork": false, "created_at": "2023-01-31T09:01:17Z", - "updated_at": "2023-02-01T11:36:41Z", + "updated_at": "2023-02-01T17:43:06Z", "pushed_at": "2023-01-31T09:10:21Z", - "stargazers_count": 7, - "watchers_count": 7, + "stargazers_count": 8, + "watchers_count": 8, "has_discussions": false, - "forks_count": 5, + "forks_count": 6, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 5, - "watchers": 7, + "forks": 6, + "watchers": 8, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-42046.json b/2022/CVE-2022-42046.json index 17c4b0b308..e79dd34209 100644 --- a/2022/CVE-2022-42046.json +++ b/2022/CVE-2022-42046.json @@ -13,10 +13,10 @@ "description": "CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM", "fork": false, "created_at": "2022-08-17T16:45:13Z", - "updated_at": "2023-02-01T11:41:19Z", + "updated_at": "2023-02-01T16:43:31Z", "pushed_at": "2022-12-24T10:29:08Z", - "stargazers_count": 138, - "watchers_count": 138, + "stargazers_count": 141, + "watchers_count": 141, "has_discussions": true, "forks_count": 22, "allow_forking": true, @@ -27,7 +27,7 @@ ], "visibility": "public", "forks": 22, - "watchers": 138, + "watchers": 141, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-46689.json b/2022/CVE-2022-46689.json index 4c7be582a3..a423a9fbba 100644 --- a/2022/CVE-2022-46689.json +++ b/2022/CVE-2022-46689.json @@ -71,10 +71,10 @@ "description": "Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.", "fork": false, "created_at": "2022-12-26T06:56:35Z", - "updated_at": "2023-02-01T07:31:49Z", + "updated_at": "2023-02-01T14:41:03Z", "pushed_at": "2023-01-30T10:51:18Z", - "stargazers_count": 660, - "watchers_count": 660, + "stargazers_count": 663, + "watchers_count": 663, "has_discussions": false, "forks_count": 46, "allow_forking": true, @@ -83,7 +83,7 @@ "topics": [], "visibility": "public", "forks": 46, - "watchers": 660, + "watchers": 663, "score": 0 }, { diff --git a/2023/CVE-2023-21752.json b/2023/CVE-2023-21752.json index a20b052b66..fe3d8592c9 100644 --- a/2023/CVE-2023-21752.json +++ b/2023/CVE-2023-21752.json @@ -13,10 +13,10 @@ "description": null, "fork": false, "created_at": "2023-01-10T15:59:26Z", - "updated_at": "2023-02-01T09:45:37Z", + "updated_at": "2023-02-01T16:26:01Z", "pushed_at": "2023-01-13T09:01:20Z", - "stargazers_count": 230, - "watchers_count": 230, + "stargazers_count": 231, + "watchers_count": 231, "has_discussions": false, "forks_count": 48, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 48, - "watchers": 230, + "watchers": 231, "score": 0 } ] \ No newline at end of file diff --git a/2023/CVE-2023-23924.json b/2023/CVE-2023-23924.json new file mode 100644 index 0000000000..f7b6028744 --- /dev/null +++ b/2023/CVE-2023-23924.json @@ -0,0 +1,31 @@ +[ + { + "id": 596224234, + "name": "CVE-2023-23924", + "full_name": "motikan2010\/CVE-2023-23924", + "owner": { + "login": "motikan2010", + "id": 3177297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3177297?v=4", + "html_url": "https:\/\/github.com\/motikan2010" + }, + "html_url": "https:\/\/github.com\/motikan2010\/CVE-2023-23924", + "description": "CVE-2023-23924 PoC", + "fork": false, + "created_at": "2023-02-01T18:21:23Z", + "updated_at": "2023-02-01T18:24:51Z", + "pushed_at": "2023-02-01T18:22:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24055.json b/2023/CVE-2023-24055.json index 559f78a6d8..d9f5534dd7 100644 --- a/2023/CVE-2023-24055.json +++ b/2023/CVE-2023-24055.json @@ -42,10 +42,10 @@ "description": "CVE-2023-24055 PoC (KeePass 2.5x)", "fork": false, "created_at": "2023-01-25T03:21:42Z", - "updated_at": "2023-02-01T12:08:32Z", + "updated_at": "2023-02-01T17:49:24Z", "pushed_at": "2023-01-25T06:29:15Z", - "stargazers_count": 162, - "watchers_count": 162, + "stargazers_count": 171, + "watchers_count": 171, "has_discussions": false, "forks_count": 26, "allow_forking": true, @@ -54,7 +54,7 @@ "topics": [], "visibility": "public", "forks": 26, - "watchers": 162, + "watchers": 171, "score": 0 }, { diff --git a/2023/CVE-2023-24610.json b/2023/CVE-2023-24610.json index 5b4ee05488..779bebb971 100644 --- a/2023/CVE-2023-24610.json +++ b/2023/CVE-2023-24610.json @@ -13,10 +13,10 @@ "description": "This is a proof of concept for CVE-2023-24610", "fork": false, "created_at": "2023-01-30T21:33:46Z", - "updated_at": "2023-01-30T21:33:46Z", - "pushed_at": "2023-01-30T21:34:34Z", - "stargazers_count": 0, - "watchers_count": 0, + "updated_at": "2023-02-01T17:24:10Z", + "pushed_at": "2023-02-01T16:02:35Z", + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0 } ] \ No newline at end of file diff --git a/README.md b/README.md index 5f8c7a19c3..b028484efc 100644 --- a/README.md +++ b/README.md @@ -61,6 +61,14 @@ The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affected by an - [r3nt0n/CVE-2023-23488-PoC](https://github.com/r3nt0n/CVE-2023-23488-PoC) +### CVE-2023-23924 (2023-01-31) + + +Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing `<image>` tags with uppercase letters. This may lead to arbitrary object unserialize on PHP < 8, through the `phar` URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with arbitrary protocols, if they can provide a SVG file to dompdf. In PHP versions before 8.0.0, it leads to arbitrary unserialize, that will lead to the very least to an arbitrary file deletion and even remote code execution, depending on classes that are available. + + +- [motikan2010/CVE-2023-23924](https://github.com/motikan2010/CVE-2023-23924) + ### CVE-2023-24055 (2023-01-21) @@ -72,7 +80,12 @@ The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affected by an - [Cyb3rtus/keepass_CVE-2023-24055_yara_rule](https://github.com/Cyb3rtus/keepass_CVE-2023-24055_yara_rule) - [julesbozouklian/PoC_CVE-2023-24055](https://github.com/julesbozouklian/PoC_CVE-2023-24055) -### CVE-2023-24610 +### CVE-2023-24610 (2023-02-01) + + +NOSH 4a5cfdb allows remote authenticated users to execute PHP arbitrary code via the "practice logo" upload feature. The client-side checks can be bypassed. This may allow attackers to steal Protected Health Information because the product is for health charting. + + - [abbisQQ/CVE-2023-24610](https://github.com/abbisQQ/CVE-2023-24610) @@ -11555,7 +11568,6 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12 - [arnaudluti/PS-CVE-2021-44228](https://github.com/arnaudluti/PS-CVE-2021-44228) - [ColdFusionX/CVE-2021-44228-Log4Shell-POC](https://github.com/ColdFusionX/CVE-2021-44228-Log4Shell-POC) - [robrankin/cve-2021-44228-waf-tests](https://github.com/robrankin/cve-2021-44228-waf-tests) -- [semelnyk/CVE-2021-44228-ScannersListFromRF](https://github.com/semelnyk/CVE-2021-44228-ScannersListFromRF) - [0xalwayslucky/log4j-polkit-poc](https://github.com/0xalwayslucky/log4j-polkit-poc) - [y-security/yLog4j](https://github.com/y-security/yLog4j) - [FeryaelJustice/Log4Shell](https://github.com/FeryaelJustice/Log4Shell) @@ -19155,6 +19167,7 @@ SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! a - [wkjung0624/cve-2019-9193](https://github.com/wkjung0624/cve-2019-9193) - [b4keSn4ke/CVE-2019-9193](https://github.com/b4keSn4ke/CVE-2019-9193) - [chromanite/CVE-2019-9193-PostgreSQL-9.3-11.7](https://github.com/chromanite/CVE-2019-9193-PostgreSQL-9.3-11.7) +- [paulotrindadec/CVE-2019-9193](https://github.com/paulotrindadec/CVE-2019-9193) ### CVE-2019-9194 (2019-02-26)