From e6084c06d43a17f37a85b6a8141471e3b84e1cc0 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Wed, 10 Jan 2024 21:48:30 +0900 Subject: [PATCH] Auto Update 2024/01/10 12:48:30 --- 2007/CVE-2007-2447.json | 90 ++++++++++++++++++++++++++++++++++++++ 2007/CVE-2007-3831.json | 32 ++++++++++++++ 2014/CVE-2014-4210.json | 8 ++-- 2016/CVE-2016-0189.json | 8 ++-- 2016/CVE-2016-0638.json | 8 ++-- 2017/CVE-2017-1000353.json | 4 +- 2017/CVE-2017-3248.json | 8 ++-- 2017/CVE-2017-7494.json | 4 +- 2017/CVE-2017-7529.json | 8 ++-- 2018/CVE-2018-17240.json | 2 +- 2018/CVE-2018-2628.json | 8 ++-- 2019/CVE-2019-14234.json | 8 ++-- 2019/CVE-2019-2618.json | 16 +++---- 2020/CVE-2020-2551.json | 8 ++-- 2021/CVE-2021-1647.json | 32 -------------- 2021/CVE-2021-1675.json | 4 +- 2021/CVE-2021-2109.json | 65 --------------------------- 2021/CVE-2021-2119.json | 30 ------------- 2021/CVE-2021-24084.json | 8 ++-- 2021/CVE-2021-3019.json | 30 ------------- 2021/CVE-2021-3130.json | 32 -------------- 2021/CVE-2021-3131.json | 32 -------------- 2021/CVE-2021-3164.json | 32 -------------- 2021/CVE-2021-3493.json | 8 ++-- 2021/CVE-2021-41773.json | 8 ++-- 2021/CVE-2021-42278.json | 30 +++++++++++++ 2021/CVE-2021-42287.json | 8 ++-- 2021/CVE-2021-44228.json | 4 +- 2022/CVE-2022-0778.json | 8 ++-- 2022/CVE-2022-0847.json | 16 +++---- 2022/CVE-2022-21449.json | 8 ++-- 2022/CVE-2022-22954.json | 8 ++-- 2022/CVE-2022-24124.json | 35 +++++++++++++++ 2022/CVE-2022-26134.json | 8 ++-- 2022/CVE-2022-26809.json | 8 ++-- 2022/CVE-2022-28281.json | 8 ++-- 2023/CVE-2023-0297.json | 30 +++++++++++++ 2023/CVE-2023-1454.json | 6 +-- 2023/CVE-2023-21707.json | 8 ++-- 2023/CVE-2023-21752.json | 30 +++++++++++++ 2023/CVE-2023-23397.json | 8 ++-- 2023/CVE-2023-23638.json | 8 ++-- 2023/CVE-2023-25136.json | 8 ++-- 2023/CVE-2023-27163.json | 2 +- 2023/CVE-2023-32233.json | 8 ++-- 2023/CVE-2023-33246.json | 30 ------------- 2023/CVE-2023-36664.json | 8 ++-- 2023/CVE-2023-38146.json | 8 ++-- 2023/CVE-2023-38545.json | 12 ++--- 2023/CVE-2023-38831.json | 8 ++-- 2023/CVE-2023-43770.json | 8 ++-- 2023/CVE-2023-49070.json | 8 ++-- 2023/CVE-2023-50164.json | 8 ++-- 2023/CVE-2023-51467.json | 16 +++---- 2023/CVE-2023-5360.json | 2 +- 2024/CVE-2024-21633.json | 8 ++-- README.md | 53 ++++++++-------------- 57 files changed, 430 insertions(+), 481 deletions(-) create mode 100644 2007/CVE-2007-3831.json delete mode 100644 2021/CVE-2021-1647.json delete mode 100644 2021/CVE-2021-3130.json delete mode 100644 2021/CVE-2021-3131.json delete mode 100644 2021/CVE-2021-3164.json diff --git a/2007/CVE-2007-2447.json b/2007/CVE-2007-2447.json index eb75442cf9..0f455ba2b1 100644 --- a/2007/CVE-2007-2447.json +++ b/2007/CVE-2007-2447.json @@ -1,4 +1,34 @@ [ + { + "id": 143461594, + "name": "CVE-2007-2447", + "full_name": "amriunix\/CVE-2007-2447", + "owner": { + "login": "amriunix", + "id": 6618368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6618368?v=4", + "html_url": "https:\/\/github.com\/amriunix" + }, + "html_url": "https:\/\/github.com\/amriunix\/CVE-2007-2447", + "description": "CVE-2007-2447 - Samba usermap script", + "fork": false, + "created_at": "2018-08-03T18:39:56Z", + "updated_at": "2023-12-27T00:25:05Z", + "pushed_at": "2020-08-16T18:54:38Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 52, + "score": 0, + "subscribers_count": 2 + }, { "id": 195401614, "name": "metasploitable2", @@ -89,6 +119,66 @@ "score": 0, "subscribers_count": 2 }, + { + "id": 257885318, + "name": "CVE-2007-2447", + "full_name": "3x1t1um\/CVE-2007-2447", + "owner": { + "login": "3x1t1um", + "id": 54857145, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54857145?v=4", + "html_url": "https:\/\/github.com\/3x1t1um" + }, + "html_url": "https:\/\/github.com\/3x1t1um\/CVE-2007-2447", + "description": null, + "fork": false, + "created_at": "2020-04-22T11:47:16Z", + "updated_at": "2020-08-04T14:13:55Z", + "pushed_at": "2020-08-04T14:13:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 319098047, + "name": "exploit-CVE-2007-2447", + "full_name": "xlcc4096\/exploit-CVE-2007-2447", + "owner": { + "login": "xlcc4096", + "id": 75581853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75581853?v=4", + "html_url": "https:\/\/github.com\/xlcc4096" + }, + "html_url": "https:\/\/github.com\/xlcc4096\/exploit-CVE-2007-2447", + "description": "Exploit for the vulnerability CVE-2007-2447", + "fork": false, + "created_at": "2020-12-06T18:04:44Z", + "updated_at": "2020-12-06T18:09:38Z", + "pushed_at": "2020-12-06T18:09:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, { "id": 319992014, "name": "CVE-2007-2447_Samba_3.0.25rc3", diff --git a/2007/CVE-2007-3831.json b/2007/CVE-2007-3831.json new file mode 100644 index 0000000000..2373bb589c --- /dev/null +++ b/2007/CVE-2007-3831.json @@ -0,0 +1,32 @@ +[ + { + "id": 132976151, + "name": "CVE-2007-3831", + "full_name": "alt3kx\/CVE-2007-3831", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2007-3831", + "description": "PHP remote file inclusion in main.php in ISS Proventia Network IPS GX5108 1.3 and GX5008 1.5 ", + "fork": false, + "created_at": "2018-05-11T02:02:21Z", + "updated_at": "2018-05-11T02:18:11Z", + "pushed_at": "2018-05-11T02:18:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2014/CVE-2014-4210.json b/2014/CVE-2014-4210.json index 263343caf9..d1b9c4ec27 100644 --- a/2014/CVE-2014-4210.json +++ b/2014/CVE-2014-4210.json @@ -43,10 +43,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2024-01-10T03:38:07Z", + "updated_at": "2024-01-10T06:42:57Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 1860, - "watchers_count": 1860, + "stargazers_count": 1861, + "watchers_count": 1861, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -76,7 +76,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 1860, + "watchers": 1861, "score": 0, "subscribers_count": 35 }, diff --git a/2016/CVE-2016-0189.json b/2016/CVE-2016-0189.json index d4e220ed88..2e50ac12fe 100644 --- a/2016/CVE-2016-0189.json +++ b/2016/CVE-2016-0189.json @@ -13,10 +13,10 @@ "description": "Proof-of-Concept exploit for CVE-2016-0189 (VBScript Memory Corruption in IE11)", "fork": false, "created_at": "2016-06-22T23:03:30Z", - "updated_at": "2023-09-28T10:34:48Z", + "updated_at": "2024-01-10T06:46:34Z", "pushed_at": "2016-06-23T00:47:50Z", - "stargazers_count": 112, - "watchers_count": 112, + "stargazers_count": 113, + "watchers_count": 113, "has_discussions": false, "forks_count": 61, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 61, - "watchers": 112, + "watchers": 113, "score": 0, "subscribers_count": 13 }, diff --git a/2016/CVE-2016-0638.json b/2016/CVE-2016-0638.json index a20fad5bc8..c2324dd276 100644 --- a/2016/CVE-2016-0638.json +++ b/2016/CVE-2016-0638.json @@ -13,10 +13,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2024-01-10T03:38:07Z", + "updated_at": "2024-01-10T06:42:57Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 1860, - "watchers_count": 1860, + "stargazers_count": 1861, + "watchers_count": 1861, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -46,7 +46,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 1860, + "watchers": 1861, "score": 0, "subscribers_count": 35 }, diff --git a/2017/CVE-2017-1000353.json b/2017/CVE-2017-1000353.json index d3987d5084..1fc746b414 100644 --- a/2017/CVE-2017-1000353.json +++ b/2017/CVE-2017-1000353.json @@ -18,13 +18,13 @@ "stargazers_count": 51, "watchers_count": 51, "has_discussions": false, - "forks_count": 63, + "forks_count": 64, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 63, + "forks": 64, "watchers": 51, "score": 0, "subscribers_count": 3 diff --git a/2017/CVE-2017-3248.json b/2017/CVE-2017-3248.json index f085f04a2d..5cdf5b6562 100644 --- a/2017/CVE-2017-3248.json +++ b/2017/CVE-2017-3248.json @@ -43,10 +43,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2024-01-10T03:38:07Z", + "updated_at": "2024-01-10T06:42:57Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 1860, - "watchers_count": 1860, + "stargazers_count": 1861, + "watchers_count": 1861, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -76,7 +76,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 1860, + "watchers": 1861, "score": 0, "subscribers_count": 35 }, diff --git a/2017/CVE-2017-7494.json b/2017/CVE-2017-7494.json index 17cd775968..d47107da5e 100644 --- a/2017/CVE-2017-7494.json +++ b/2017/CVE-2017-7494.json @@ -78,7 +78,7 @@ "stargazers_count": 364, "watchers_count": 364, "has_discussions": false, - "forks_count": 111, + "forks_count": 110, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -90,7 +90,7 @@ "sambacry" ], "visibility": "public", - "forks": 111, + "forks": 110, "watchers": 364, "score": 0, "subscribers_count": 10 diff --git a/2017/CVE-2017-7529.json b/2017/CVE-2017-7529.json index 27a9c6cfef..c5ba81b674 100644 --- a/2017/CVE-2017-7529.json +++ b/2017/CVE-2017-7529.json @@ -43,10 +43,10 @@ "description": "CVE-2017-7529_PoC", "fork": false, "created_at": "2018-06-20T15:16:10Z", - "updated_at": "2023-08-30T23:47:42Z", + "updated_at": "2024-01-10T08:39:38Z", "pushed_at": "2018-06-20T15:16:39Z", - "stargazers_count": 19, - "watchers_count": 19, + "stargazers_count": 18, + "watchers_count": 18, "has_discussions": false, "forks_count": 26, "allow_forking": true, @@ -55,7 +55,7 @@ "topics": [], "visibility": "public", "forks": 26, - "watchers": 19, + "watchers": 18, "score": 0, "subscribers_count": 2 }, diff --git a/2018/CVE-2018-17240.json b/2018/CVE-2018-17240.json index a6652ad6d6..84749ff703 100644 --- a/2018/CVE-2018-17240.json +++ b/2018/CVE-2018-17240.json @@ -44,7 +44,7 @@ "fork": false, "created_at": "2024-01-04T21:44:21Z", "updated_at": "2024-01-05T06:29:51Z", - "pushed_at": "2024-01-10T02:48:02Z", + "pushed_at": "2024-01-10T06:39:35Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2018/CVE-2018-2628.json b/2018/CVE-2018-2628.json index 959d61f1d6..7e69115406 100644 --- a/2018/CVE-2018-2628.json +++ b/2018/CVE-2018-2628.json @@ -587,10 +587,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2024-01-10T03:38:07Z", + "updated_at": "2024-01-10T06:42:57Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 1860, - "watchers_count": 1860, + "stargazers_count": 1861, + "watchers_count": 1861, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -620,7 +620,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 1860, + "watchers": 1861, "score": 0, "subscribers_count": 35 }, diff --git a/2019/CVE-2019-14234.json b/2019/CVE-2019-14234.json index 9d69c6c3fa..2630333ba6 100644 --- a/2019/CVE-2019-14234.json +++ b/2019/CVE-2019-14234.json @@ -13,10 +13,10 @@ "description": "POC-Django JSONField\/HStoreField SQL Injection Vulnerability (CVE-2019-14234)", "fork": false, "created_at": "2023-09-15T09:34:56Z", - "updated_at": "2023-10-09T11:23:41Z", + "updated_at": "2024-01-10T11:51:23Z", "pushed_at": "2023-09-15T12:18:11Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 1, + "watchers": 2, "score": 0, "subscribers_count": 1 } diff --git a/2019/CVE-2019-2618.json b/2019/CVE-2019-2618.json index 9915284be3..6285f576ef 100644 --- a/2019/CVE-2019-2618.json +++ b/2019/CVE-2019-2618.json @@ -103,10 +103,10 @@ "description": "增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持", "fork": false, "created_at": "2019-06-21T09:22:43Z", - "updated_at": "2024-01-06T02:09:42Z", + "updated_at": "2024-01-10T06:54:19Z", "pushed_at": "2020-04-26T10:49:25Z", - "stargazers_count": 922, - "watchers_count": 922, + "stargazers_count": 923, + "watchers_count": 923, "has_discussions": false, "forks_count": 182, "allow_forking": true, @@ -115,7 +115,7 @@ "topics": [], "visibility": "public", "forks": 182, - "watchers": 922, + "watchers": 923, "score": 0, "subscribers_count": 19 }, @@ -193,10 +193,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2024-01-10T03:38:07Z", + "updated_at": "2024-01-10T06:42:57Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 1860, - "watchers_count": 1860, + "stargazers_count": 1861, + "watchers_count": 1861, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -226,7 +226,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 1860, + "watchers": 1861, "score": 0, "subscribers_count": 35 } diff --git a/2020/CVE-2020-2551.json b/2020/CVE-2020-2551.json index 2d57007dc0..b6bdf30d3f 100644 --- a/2020/CVE-2020-2551.json +++ b/2020/CVE-2020-2551.json @@ -13,10 +13,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2024-01-10T03:38:07Z", + "updated_at": "2024-01-10T06:42:57Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 1860, - "watchers_count": 1860, + "stargazers_count": 1861, + "watchers_count": 1861, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -46,7 +46,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 1860, + "watchers": 1861, "score": 0, "subscribers_count": 35 }, diff --git a/2021/CVE-2021-1647.json b/2021/CVE-2021-1647.json deleted file mode 100644 index a8d6a6295d..0000000000 --- a/2021/CVE-2021-1647.json +++ /dev/null @@ -1,32 +0,0 @@ -[ - { - "id": 332213147, - "name": "cve-2021-1647", - "full_name": "findcool\/cve-2021-1647", - "owner": { - "login": "findcool", - "id": 73280456, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73280456?v=4", - "html_url": "https:\/\/github.com\/findcool" - }, - "html_url": "https:\/\/github.com\/findcool\/cve-2021-1647", - "description": null, - "fork": false, - "created_at": "2021-01-23T13:10:35Z", - "updated_at": "2021-01-23T13:10:37Z", - "pushed_at": "2021-01-20T14:55:37Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 5, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 5, - "watchers": 0, - "score": 0, - "subscribers_count": 0 - } -] \ No newline at end of file diff --git a/2021/CVE-2021-1675.json b/2021/CVE-2021-1675.json index 78f0dd8488..dcf61b5a16 100644 --- a/2021/CVE-2021-1675.json +++ b/2021/CVE-2021-1675.json @@ -48,13 +48,13 @@ "stargazers_count": 1770, "watchers_count": 1770, "has_discussions": false, - "forks_count": 585, + "forks_count": 584, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 585, + "forks": 584, "watchers": 1770, "score": 0, "subscribers_count": 44 diff --git a/2021/CVE-2021-2109.json b/2021/CVE-2021-2109.json index a5ba87a1a0..4822af1524 100644 --- a/2021/CVE-2021-2109.json +++ b/2021/CVE-2021-2109.json @@ -1,69 +1,4 @@ [ - { - "id": 331847444, - "name": "CVE-2021-2109", - "full_name": "Al1ex\/CVE-2021-2109", - "owner": { - "login": "Al1ex", - "id": 38161463, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", - "html_url": "https:\/\/github.com\/Al1ex" - }, - "html_url": "https:\/\/github.com\/Al1ex\/CVE-2021-2109", - "description": "CVE-2021-2109 && Weblogic Server RCE via JNDI", - "fork": false, - "created_at": "2021-01-22T05:37:11Z", - "updated_at": "2023-09-28T11:24:12Z", - "pushed_at": "2021-01-22T05:52:26Z", - "stargazers_count": 32, - "watchers_count": 32, - "has_discussions": false, - "forks_count": 10, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [ - "cve-2021-2109", - "jndi", - "rce", - "weblogic" - ], - "visibility": "public", - "forks": 10, - "watchers": 32, - "score": 0, - "subscribers_count": 2 - }, - { - "id": 331873303, - "name": "CVE-2021-2109", - "full_name": "rabbitsafe\/CVE-2021-2109", - "owner": { - "login": "rabbitsafe", - "id": 33046073, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33046073?v=4", - "html_url": "https:\/\/github.com\/rabbitsafe" - }, - "html_url": "https:\/\/github.com\/rabbitsafe\/CVE-2021-2109", - "description": null, - "fork": false, - "created_at": "2021-01-22T07:43:46Z", - "updated_at": "2023-09-28T11:24:12Z", - "pushed_at": "2021-01-22T08:34:11Z", - "stargazers_count": 10, - "watchers_count": 10, - "has_discussions": false, - "forks_count": 5, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 5, - "watchers": 10, - "score": 0, - "subscribers_count": 1 - }, { "id": 367086891, "name": "CVE-2021-2109_poc", diff --git a/2021/CVE-2021-2119.json b/2021/CVE-2021-2119.json index 16b8309616..0869152231 100644 --- a/2021/CVE-2021-2119.json +++ b/2021/CVE-2021-2119.json @@ -1,34 +1,4 @@ [ - { - "id": 329979678, - "name": "RWCTF21-VirtualBox-61-escape", - "full_name": "Sauercloud\/RWCTF21-VirtualBox-61-escape", - "owner": { - "login": "Sauercloud", - "id": 41395211, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41395211?v=4", - "html_url": "https:\/\/github.com\/Sauercloud" - }, - "html_url": "https:\/\/github.com\/Sauercloud\/RWCTF21-VirtualBox-61-escape", - "description": "0day VirtualBox 6.1.2 Escape for RealWorld CTF 2020\/2021 CVE-2021-2119", - "fork": false, - "created_at": "2021-01-15T17:32:24Z", - "updated_at": "2023-12-20T23:48:30Z", - "pushed_at": "2021-01-23T01:25:22Z", - "stargazers_count": 137, - "watchers_count": 137, - "has_discussions": false, - "forks_count": 23, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 23, - "watchers": 137, - "score": 0, - "subscribers_count": 10 - }, { "id": 471867550, "name": "Sauercloude", diff --git a/2021/CVE-2021-24084.json b/2021/CVE-2021-24084.json index 99e2bb9509..c7d6bacfb1 100644 --- a/2021/CVE-2021-24084.json +++ b/2021/CVE-2021-24084.json @@ -43,10 +43,10 @@ "description": "CVE-2021-24084 Windows Local Privilege Escalation Left officially unpatched since 2020. Hence, its still a zero day", "fork": false, "created_at": "2021-11-28T09:48:36Z", - "updated_at": "2023-12-20T00:02:36Z", + "updated_at": "2024-01-10T07:42:51Z", "pushed_at": "2022-02-21T08:30:22Z", - "stargazers_count": 44, - "watchers_count": 44, + "stargazers_count": 45, + "watchers_count": 45, "has_discussions": false, "forks_count": 17, "allow_forking": true, @@ -55,7 +55,7 @@ "topics": [], "visibility": "public", "forks": 17, - "watchers": 44, + "watchers": 45, "score": 0, "subscribers_count": 2 } diff --git a/2021/CVE-2021-3019.json b/2021/CVE-2021-3019.json index 38af400b5f..2804e23645 100644 --- a/2021/CVE-2021-3019.json +++ b/2021/CVE-2021-3019.json @@ -59,36 +59,6 @@ "score": 0, "subscribers_count": 2 }, - { - "id": 329537345, - "name": "CVE-2021-3019", - "full_name": "Maksim-venus\/CVE-2021-3019", - "owner": { - "login": "Maksim-venus", - "id": 35008035, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35008035?v=4", - "html_url": "https:\/\/github.com\/Maksim-venus" - }, - "html_url": "https:\/\/github.com\/Maksim-venus\/CVE-2021-3019", - "description": "lanproxy 目录遍历漏洞批量检测用户名密码POC (CVE-2021-3019)", - "fork": false, - "created_at": "2021-01-14T07:19:21Z", - "updated_at": "2023-09-28T11:23:56Z", - "pushed_at": "2021-01-14T07:52:31Z", - "stargazers_count": 3, - "watchers_count": 3, - "has_discussions": false, - "forks_count": 2, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 2, - "watchers": 3, - "score": 0, - "subscribers_count": 1 - }, { "id": 346618078, "name": "CVE-2021-3019", diff --git a/2021/CVE-2021-3130.json b/2021/CVE-2021-3130.json deleted file mode 100644 index ad31eb5a25..0000000000 --- a/2021/CVE-2021-3130.json +++ /dev/null @@ -1,32 +0,0 @@ -[ - { - "id": 331557374, - "name": "CVE-2021-3130", - "full_name": "jet-pentest\/CVE-2021-3130", - "owner": { - "login": "jet-pentest", - "id": 71512502, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", - "html_url": "https:\/\/github.com\/jet-pentest" - }, - "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2021-3130", - "description": null, - "fork": false, - "created_at": "2021-01-21T08:04:32Z", - "updated_at": "2021-02-14T09:24:07Z", - "pushed_at": "2021-01-21T12:31:34Z", - "stargazers_count": 1, - "watchers_count": 1, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 1, - "score": 0, - "subscribers_count": 1 - } -] \ No newline at end of file diff --git a/2021/CVE-2021-3131.json b/2021/CVE-2021-3131.json deleted file mode 100644 index 7f287ed243..0000000000 --- a/2021/CVE-2021-3131.json +++ /dev/null @@ -1,32 +0,0 @@ -[ - { - "id": 329230328, - "name": "CVE-2021-3131", - "full_name": "jet-pentest\/CVE-2021-3131", - "owner": { - "login": "jet-pentest", - "id": 71512502, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", - "html_url": "https:\/\/github.com\/jet-pentest" - }, - "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2021-3131", - "description": "CVE-2021-3131", - "fork": false, - "created_at": "2021-01-13T07:41:25Z", - "updated_at": "2022-12-19T10:01:54Z", - "pushed_at": "2021-01-13T07:54:38Z", - "stargazers_count": 1, - "watchers_count": 1, - "has_discussions": false, - "forks_count": 1, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 1, - "watchers": 1, - "score": 0, - "subscribers_count": 1 - } -] \ No newline at end of file diff --git a/2021/CVE-2021-3164.json b/2021/CVE-2021-3164.json deleted file mode 100644 index 27ad3e8509..0000000000 --- a/2021/CVE-2021-3164.json +++ /dev/null @@ -1,32 +0,0 @@ -[ - { - "id": 331173610, - "name": "cve-2021-3164", - "full_name": "rmccarth\/cve-2021-3164", - "owner": { - "login": "rmccarth", - "id": 36937649, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36937649?v=4", - "html_url": "https:\/\/github.com\/rmccarth" - }, - "html_url": "https:\/\/github.com\/rmccarth\/cve-2021-3164", - "description": "Church Rota version 2.6.4 is vulnerable to authenticated remote code execution. The user does not need to have file upload permission in order to upload and execute an arbitrary file. The application is written primarily with PHP so we use PHP in our PoC ", - "fork": false, - "created_at": "2021-01-20T02:48:46Z", - "updated_at": "2021-10-16T06:43:27Z", - "pushed_at": "2021-01-20T02:49:27Z", - "stargazers_count": 2, - "watchers_count": 2, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 2, - "score": 0, - "subscribers_count": 2 - } -] \ No newline at end of file diff --git a/2021/CVE-2021-3493.json b/2021/CVE-2021-3493.json index e75f7b6a42..6872925a0a 100644 --- a/2021/CVE-2021-3493.json +++ b/2021/CVE-2021-3493.json @@ -13,10 +13,10 @@ "description": "Ubuntu OverlayFS Local Privesc", "fork": false, "created_at": "2021-04-19T20:07:01Z", - "updated_at": "2024-01-07T15:43:41Z", + "updated_at": "2024-01-10T09:48:38Z", "pushed_at": "2021-09-28T04:08:43Z", - "stargazers_count": 384, - "watchers_count": 384, + "stargazers_count": 385, + "watchers_count": 385, "has_discussions": false, "forks_count": 135, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 135, - "watchers": 384, + "watchers": 385, "score": 0, "subscribers_count": 4 }, diff --git a/2021/CVE-2021-41773.json b/2021/CVE-2021-41773.json index e1ffdda4ce..d5a4937e99 100644 --- a/2021/CVE-2021-41773.json +++ b/2021/CVE-2021-41773.json @@ -1092,10 +1092,10 @@ "description": "MASS CVE-2021-41773", "fork": false, "created_at": "2021-10-07T15:13:18Z", - "updated_at": "2023-12-06T02:22:56Z", + "updated_at": "2024-01-10T12:07:21Z", "pushed_at": "2023-11-14T07:00:33Z", - "stargazers_count": 27, - "watchers_count": 27, + "stargazers_count": 28, + "watchers_count": 28, "has_discussions": false, "forks_count": 24, "allow_forking": true, @@ -1109,7 +1109,7 @@ ], "visibility": "public", "forks": 24, - "watchers": 27, + "watchers": 28, "score": 0, "subscribers_count": 3 }, diff --git a/2021/CVE-2021-42278.json b/2021/CVE-2021-42278.json index 882bb6a588..6fd2ab74a6 100644 --- a/2021/CVE-2021-42278.json +++ b/2021/CVE-2021-42278.json @@ -34,6 +34,36 @@ "score": 0, "subscribers_count": 26 }, + { + "id": 437829160, + "name": "noPac", + "full_name": "Ridter\/noPac", + "owner": { + "login": "Ridter", + "id": 6007471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6007471?v=4", + "html_url": "https:\/\/github.com\/Ridter" + }, + "html_url": "https:\/\/github.com\/Ridter\/noPac", + "description": "Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user ", + "fork": false, + "created_at": "2021-12-13T10:28:12Z", + "updated_at": "2024-01-10T07:04:50Z", + "pushed_at": "2023-01-29T03:31:27Z", + "stargazers_count": 678, + "watchers_count": 678, + "has_discussions": false, + "forks_count": 114, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 114, + "watchers": 678, + "score": 0, + "subscribers_count": 12 + }, { "id": 437924403, "name": "noPac", diff --git a/2021/CVE-2021-42287.json b/2021/CVE-2021-42287.json index c630cca4a3..fd88b1cbec 100644 --- a/2021/CVE-2021-42287.json +++ b/2021/CVE-2021-42287.json @@ -13,10 +13,10 @@ "description": "CVE-2021-42287\/CVE-2021-42278 Scanner & Exploiter.", "fork": false, "created_at": "2021-12-11T19:27:30Z", - "updated_at": "2024-01-07T22:25:23Z", + "updated_at": "2024-01-10T06:57:57Z", "pushed_at": "2021-12-16T09:50:15Z", - "stargazers_count": 1276, - "watchers_count": 1276, + "stargazers_count": 1277, + "watchers_count": 1277, "has_discussions": false, "forks_count": 317, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 317, - "watchers": 1276, + "watchers": 1277, "score": 0, "subscribers_count": 27 }, diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index 1882227b5b..035efc65c8 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -3641,13 +3641,13 @@ "stargazers_count": 3324, "watchers_count": 3324, "has_discussions": true, - "forks_count": 750, + "forks_count": 749, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 750, + "forks": 749, "watchers": 3324, "score": 0, "subscribers_count": 58 diff --git a/2022/CVE-2022-0778.json b/2022/CVE-2022-0778.json index bdfcb3f1f1..de7305350f 100644 --- a/2022/CVE-2022-0778.json +++ b/2022/CVE-2022-0778.json @@ -13,10 +13,10 @@ "description": "Proof of concept for CVE-2022-0778, which triggers an infinite loop in parsing X.509 certificates due to a bug in BN_mod_sqrt", "fork": false, "created_at": "2022-03-15T19:06:33Z", - "updated_at": "2023-12-30T22:07:32Z", + "updated_at": "2024-01-10T08:26:03Z", "pushed_at": "2022-04-03T15:07:31Z", - "stargazers_count": 188, - "watchers_count": 188, + "stargazers_count": 187, + "watchers_count": 187, "has_discussions": false, "forks_count": 51, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 51, - "watchers": 188, + "watchers": 187, "score": 0, "subscribers_count": 19 }, diff --git a/2022/CVE-2022-0847.json b/2022/CVE-2022-0847.json index d9aaf6e086..e4cc6384e5 100644 --- a/2022/CVE-2022-0847.json +++ b/2022/CVE-2022-0847.json @@ -1882,10 +1882,10 @@ "description": "An eBPF detection program for CVE-2022-0847", "fork": false, "created_at": "2022-07-05T07:20:59Z", - "updated_at": "2023-11-07T15:57:55Z", + "updated_at": "2024-01-10T12:16:51Z", "pushed_at": "2022-07-05T14:25:46Z", - "stargazers_count": 25, - "watchers_count": 25, + "stargazers_count": 26, + "watchers_count": 26, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -1894,7 +1894,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 25, + "watchers": 26, "score": 0, "subscribers_count": 9 }, @@ -2517,10 +2517,10 @@ "description": "An eBPF program to detect attacks on CVE-2022-0847", "fork": false, "created_at": "2023-07-06T01:31:01Z", - "updated_at": "2023-12-23T11:19:47Z", + "updated_at": "2024-01-10T12:16:49Z", "pushed_at": "2023-11-04T15:49:51Z", - "stargazers_count": 6, - "watchers_count": 6, + "stargazers_count": 7, + "watchers_count": 7, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -2529,7 +2529,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 6, + "watchers": 7, "score": 0, "subscribers_count": 1 }, diff --git a/2022/CVE-2022-21449.json b/2022/CVE-2022-21449.json index 677c872152..25c65b52dd 100644 --- a/2022/CVE-2022-21449.json +++ b/2022/CVE-2022-21449.json @@ -73,10 +73,10 @@ "description": "CVE-2022-21449 Proof of Concept demonstrating its usage with a client running on a vulnerable Java version and a malicious TLS server", "fork": false, "created_at": "2022-04-20T20:31:15Z", - "updated_at": "2023-12-27T09:56:01Z", + "updated_at": "2024-01-10T08:36:43Z", "pushed_at": "2022-04-21T12:04:10Z", - "stargazers_count": 122, - "watchers_count": 122, + "stargazers_count": 121, + "watchers_count": 121, "has_discussions": false, "forks_count": 26, "allow_forking": true, @@ -85,7 +85,7 @@ "topics": [], "visibility": "public", "forks": 26, - "watchers": 122, + "watchers": 121, "score": 0, "subscribers_count": 4 }, diff --git a/2022/CVE-2022-22954.json b/2022/CVE-2022-22954.json index ad7129db59..e5dfb0310e 100644 --- a/2022/CVE-2022-22954.json +++ b/2022/CVE-2022-22954.json @@ -46,10 +46,10 @@ "description": "POC for VMWARE CVE-2022-22954", "fork": false, "created_at": "2022-04-11T13:59:23Z", - "updated_at": "2023-12-11T06:17:41Z", + "updated_at": "2024-01-10T08:25:57Z", "pushed_at": "2022-04-13T06:15:11Z", - "stargazers_count": 285, - "watchers_count": 285, + "stargazers_count": 284, + "watchers_count": 284, "has_discussions": false, "forks_count": 53, "allow_forking": true, @@ -58,7 +58,7 @@ "topics": [], "visibility": "public", "forks": 53, - "watchers": 285, + "watchers": 284, "score": 0, "subscribers_count": 5 }, diff --git a/2022/CVE-2022-24124.json b/2022/CVE-2022-24124.json index 06d1e7e82a..4b4a43ff7e 100644 --- a/2022/CVE-2022-24124.json +++ b/2022/CVE-2022-24124.json @@ -63,5 +63,40 @@ "watchers": 1, "score": 0, "subscribers_count": 1 + }, + { + "id": 531165610, + "name": "CVE-2022-24124", + "full_name": "b1gdog\/CVE-2022-24124", + "owner": { + "login": "b1gdog", + "id": 81157360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81157360?v=4", + "html_url": "https:\/\/github.com\/b1gdog" + }, + "html_url": "https:\/\/github.com\/b1gdog\/CVE-2022-24124", + "description": "CVE-2022-24124 exploit", + "fork": false, + "created_at": "2022-08-31T16:23:16Z", + "updated_at": "2024-01-10T08:58:18Z", + "pushed_at": "2023-08-15T22:59:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "poc", + "python", + "sqli", + "sqlinjection" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-26134.json b/2022/CVE-2022-26134.json index 31c62bf026..41faf1cd58 100644 --- a/2022/CVE-2022-26134.json +++ b/2022/CVE-2022-26134.json @@ -13,10 +13,10 @@ "description": "【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。", "fork": false, "created_at": "2022-05-31T07:44:01Z", - "updated_at": "2024-01-09T16:51:02Z", + "updated_at": "2024-01-10T09:15:13Z", "pushed_at": "2023-02-26T14:06:05Z", - "stargazers_count": 1085, - "watchers_count": 1085, + "stargazers_count": 1086, + "watchers_count": 1086, "has_discussions": true, "forks_count": 185, "allow_forking": true, @@ -45,7 +45,7 @@ ], "visibility": "public", "forks": 185, - "watchers": 1085, + "watchers": 1086, "score": 0, "subscribers_count": 18 }, diff --git a/2022/CVE-2022-26809.json b/2022/CVE-2022-26809.json index 45267df139..38b36abb6b 100644 --- a/2022/CVE-2022-26809.json +++ b/2022/CVE-2022-26809.json @@ -43,10 +43,10 @@ "description": "Remote Code Execution Exploit in the RPC Library", "fork": false, "created_at": "2022-04-14T08:12:24Z", - "updated_at": "2024-01-04T13:09:14Z", + "updated_at": "2024-01-10T08:36:15Z", "pushed_at": "2022-04-19T17:04:04Z", - "stargazers_count": 30, - "watchers_count": 30, + "stargazers_count": 29, + "watchers_count": 29, "has_discussions": false, "forks_count": 6, "allow_forking": true, @@ -57,7 +57,7 @@ ], "visibility": "public", "forks": 6, - "watchers": 30, + "watchers": 29, "score": 0, "subscribers_count": 19 }, diff --git a/2022/CVE-2022-28281.json b/2022/CVE-2022-28281.json index a4efc3117b..282c313974 100644 --- a/2022/CVE-2022-28281.json +++ b/2022/CVE-2022-28281.json @@ -13,10 +13,10 @@ "description": "PoC for CVE-2022-28281 a Mozilla Firefox Out of bounds write.", "fork": false, "created_at": "2022-04-08T02:49:09Z", - "updated_at": "2023-12-27T02:25:39Z", + "updated_at": "2024-01-10T08:26:04Z", "pushed_at": "2022-04-08T15:21:26Z", - "stargazers_count": 74, - "watchers_count": 74, + "stargazers_count": 73, + "watchers_count": 73, "has_discussions": false, "forks_count": 13, "allow_forking": true, @@ -32,7 +32,7 @@ ], "visibility": "public", "forks": 13, - "watchers": 74, + "watchers": 73, "score": 0, "subscribers_count": 3 } diff --git a/2023/CVE-2023-0297.json b/2023/CVE-2023-0297.json index ca75efc695..b2b32a7255 100644 --- a/2023/CVE-2023-0297.json +++ b/2023/CVE-2023-0297.json @@ -1,4 +1,34 @@ [ + { + "id": 586854096, + "name": "CVE-2023-0297_Pre-auth_RCE_in_pyLoad", + "full_name": "bAuh0lz\/CVE-2023-0297_Pre-auth_RCE_in_pyLoad", + "owner": { + "login": "bAuh0lz", + "id": 15223611, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15223611?v=4", + "html_url": "https:\/\/github.com\/bAuh0lz" + }, + "html_url": "https:\/\/github.com\/bAuh0lz\/CVE-2023-0297_Pre-auth_RCE_in_pyLoad", + "description": "CVE-2023-0297: The Story of Finding Pre-auth RCE in pyLoad", + "fork": false, + "created_at": "2023-01-09T11:44:09Z", + "updated_at": "2023-11-20T11:52:23Z", + "pushed_at": "2023-01-14T04:40:47Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + }, { "id": 601937653, "name": "CVE-2023-0297", diff --git a/2023/CVE-2023-1454.json b/2023/CVE-2023-1454.json index bbdbf549f3..f22dbaad22 100644 --- a/2023/CVE-2023-1454.json +++ b/2023/CVE-2023-1454.json @@ -190,11 +190,11 @@ "html_url": "https:\/\/github.com\/shad0w0sec" }, "html_url": "https:\/\/github.com\/shad0w0sec\/CVE-2023-1454-EXP", - "description": "JeecgBoot SQL(CVE-2023-1454)", + "description": "JeecgBoot SQL(CVE-2023-1454)sqlmap 注入不出来的情况可以使用该脚本", "fork": false, "created_at": "2023-12-31T06:47:01Z", - "updated_at": "2023-12-31T06:49:23Z", - "pushed_at": "2023-12-31T06:53:32Z", + "updated_at": "2024-01-10T08:10:37Z", + "pushed_at": "2024-01-10T08:09:11Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2023/CVE-2023-21707.json b/2023/CVE-2023-21707.json index 83ab6c6bc9..547c0c2e86 100644 --- a/2023/CVE-2023-21707.json +++ b/2023/CVE-2023-21707.json @@ -13,10 +13,10 @@ "description": "CVE-2023-21707 EXP", "fork": false, "created_at": "2023-06-30T10:15:07Z", - "updated_at": "2023-12-17T03:49:26Z", + "updated_at": "2024-01-10T07:41:32Z", "pushed_at": "2023-07-06T07:43:24Z", - "stargazers_count": 25, - "watchers_count": 25, + "stargazers_count": 26, + "watchers_count": 26, "has_discussions": false, "forks_count": 9, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 9, - "watchers": 25, + "watchers": 26, "score": 0, "subscribers_count": 3 } diff --git a/2023/CVE-2023-21752.json b/2023/CVE-2023-21752.json index b1137b9753..08f7f2aa98 100644 --- a/2023/CVE-2023-21752.json +++ b/2023/CVE-2023-21752.json @@ -1,4 +1,34 @@ [ + { + "id": 587377595, + "name": "CVE-2023-21752", + "full_name": "Wh04m1001\/CVE-2023-21752", + "owner": { + "login": "Wh04m1001", + "id": 44291883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291883?v=4", + "html_url": "https:\/\/github.com\/Wh04m1001" + }, + "html_url": "https:\/\/github.com\/Wh04m1001\/CVE-2023-21752", + "description": null, + "fork": false, + "created_at": "2023-01-10T15:59:26Z", + "updated_at": "2024-01-05T09:07:31Z", + "pushed_at": "2023-01-13T09:01:20Z", + "stargazers_count": 294, + "watchers_count": 294, + "has_discussions": false, + "forks_count": 67, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 67, + "watchers": 294, + "score": 0, + "subscribers_count": 5 + }, { "id": 677068156, "name": "CVE-2023-21752", diff --git a/2023/CVE-2023-23397.json b/2023/CVE-2023-23397.json index 4951ec0b48..8f40891f37 100644 --- a/2023/CVE-2023-23397.json +++ b/2023/CVE-2023-23397.json @@ -173,10 +173,10 @@ "description": null, "fork": false, "created_at": "2023-03-16T19:43:39Z", - "updated_at": "2024-01-04T17:21:56Z", + "updated_at": "2024-01-10T10:46:33Z", "pushed_at": "2023-03-17T07:47:40Z", - "stargazers_count": 342, - "watchers_count": 342, + "stargazers_count": 341, + "watchers_count": 341, "has_discussions": false, "forks_count": 64, "allow_forking": true, @@ -185,7 +185,7 @@ "topics": [], "visibility": "public", "forks": 64, - "watchers": 342, + "watchers": 341, "score": 0, "subscribers_count": 5 }, diff --git a/2023/CVE-2023-23638.json b/2023/CVE-2023-23638.json index ea8b043fa3..4c0ca903c3 100644 --- a/2023/CVE-2023-23638.json +++ b/2023/CVE-2023-23638.json @@ -13,10 +13,10 @@ "description": "PoC of Apache Dubbo CVE-2023-23638", "fork": false, "created_at": "2023-03-22T11:23:44Z", - "updated_at": "2024-01-10T07:00:42Z", + "updated_at": "2024-01-10T12:33:45Z", "pushed_at": "2024-01-07T07:38:03Z", - "stargazers_count": 24, - "watchers_count": 24, + "stargazers_count": 25, + "watchers_count": 25, "has_discussions": false, "forks_count": 7, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 7, - "watchers": 24, + "watchers": 25, "score": 0, "subscribers_count": 2 }, diff --git a/2023/CVE-2023-25136.json b/2023/CVE-2023-25136.json index 5524bdedbd..a6468fbf45 100644 --- a/2023/CVE-2023-25136.json +++ b/2023/CVE-2023-25136.json @@ -259,10 +259,10 @@ "description": "OpenSSH Pre-Auth Double Free CVE-2023-25136 – Writeup and Proof-of-Concept", "fork": false, "created_at": "2023-09-21T12:05:35Z", - "updated_at": "2023-10-09T11:23:16Z", + "updated_at": "2024-01-10T11:52:05Z", "pushed_at": "2023-09-21T12:35:55Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -271,7 +271,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 1, + "watchers": 2, "score": 0, "subscribers_count": 1 } diff --git a/2023/CVE-2023-27163.json b/2023/CVE-2023-27163.json index e443efed6b..69a853cdb3 100644 --- a/2023/CVE-2023-27163.json +++ b/2023/CVE-2023-27163.json @@ -389,7 +389,7 @@ "fork": false, "created_at": "2023-12-28T11:36:37Z", "updated_at": "2023-12-28T11:45:13Z", - "pushed_at": "2023-12-28T11:45:47Z", + "pushed_at": "2024-01-10T07:57:35Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2023/CVE-2023-32233.json b/2023/CVE-2023-32233.json index 8d9618aa74..9df34fcba7 100644 --- a/2023/CVE-2023-32233.json +++ b/2023/CVE-2023-32233.json @@ -43,10 +43,10 @@ "description": "CVE-2023-32233: Linux内核中的安全漏洞", "fork": false, "created_at": "2023-05-16T03:06:40Z", - "updated_at": "2023-12-23T15:55:30Z", + "updated_at": "2024-01-10T11:47:35Z", "pushed_at": "2023-05-16T04:34:16Z", - "stargazers_count": 353, - "watchers_count": 353, + "stargazers_count": 352, + "watchers_count": 352, "has_discussions": false, "forks_count": 79, "allow_forking": true, @@ -55,7 +55,7 @@ "topics": [], "visibility": "public", "forks": 79, - "watchers": 353, + "watchers": 352, "score": 0, "subscribers_count": 4 }, diff --git a/2023/CVE-2023-33246.json b/2023/CVE-2023-33246.json index b318200ecc..09ad4a5e45 100644 --- a/2023/CVE-2023-33246.json +++ b/2023/CVE-2023-33246.json @@ -183,36 +183,6 @@ "score": 0, "subscribers_count": 1 }, - { - "id": 649621148, - "name": "rocketMq_RCE", - "full_name": "cr1me0\/rocketMq_RCE", - "owner": { - "login": "cr1me0", - "id": 52963105, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52963105?v=4", - "html_url": "https:\/\/github.com\/cr1me0" - }, - "html_url": "https:\/\/github.com\/cr1me0\/rocketMq_RCE", - "description": "RocketMQ RCE (CVE-2023-33246) woodpecker 利用插件", - "fork": false, - "created_at": "2023-06-05T09:23:25Z", - "updated_at": "2023-09-08T03:50:38Z", - "pushed_at": "2023-06-15T11:20:48Z", - "stargazers_count": 19, - "watchers_count": 19, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 19, - "score": 0, - "subscribers_count": 1 - }, { "id": 652917441, "name": "CVE-2023-33246", diff --git a/2023/CVE-2023-36664.json b/2023/CVE-2023-36664.json index cf17809447..1f5ec90914 100644 --- a/2023/CVE-2023-36664.json +++ b/2023/CVE-2023-36664.json @@ -13,10 +13,10 @@ "description": "Ghostscript command injection vulnerability PoC (CVE-2023-36664)", "fork": false, "created_at": "2023-08-12T18:33:57Z", - "updated_at": "2024-01-09T14:10:28Z", + "updated_at": "2024-01-10T10:43:10Z", "pushed_at": "2023-09-07T08:37:04Z", - "stargazers_count": 90, - "watchers_count": 90, + "stargazers_count": 92, + "watchers_count": 92, "has_discussions": false, "forks_count": 15, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 15, - "watchers": 90, + "watchers": 92, "score": 0, "subscribers_count": 2 }, diff --git a/2023/CVE-2023-38146.json b/2023/CVE-2023-38146.json index 6cdb846f22..bc1f7a7e7c 100644 --- a/2023/CVE-2023-38146.json +++ b/2023/CVE-2023-38146.json @@ -13,10 +13,10 @@ "description": "Proof-of-Concept for CVE-2023-38146 (\"ThemeBleed\")", "fork": false, "created_at": "2023-09-13T04:00:14Z", - "updated_at": "2024-01-09T15:02:16Z", + "updated_at": "2024-01-10T07:42:00Z", "pushed_at": "2023-09-13T04:50:29Z", - "stargazers_count": 168, - "watchers_count": 168, + "stargazers_count": 169, + "watchers_count": 169, "has_discussions": false, "forks_count": 36, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 36, - "watchers": 168, + "watchers": 169, "score": 0, "subscribers_count": 4 }, diff --git a/2023/CVE-2023-38545.json b/2023/CVE-2023-38545.json index 2cf39ae9f7..98deae66c9 100644 --- a/2023/CVE-2023-38545.json +++ b/2023/CVE-2023-38545.json @@ -43,19 +43,19 @@ "description": "😄 CVE-2023-38545堆溢出的POC和分析文章", "fork": false, "created_at": "2023-10-12T07:16:49Z", - "updated_at": "2024-01-03T14:25:05Z", + "updated_at": "2024-01-10T09:09:22Z", "pushed_at": "2023-10-12T08:46:50Z", - "stargazers_count": 7, - "watchers_count": 7, + "stargazers_count": 8, + "watchers_count": 8, "has_discussions": false, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, - "watchers": 7, + "forks": 1, + "watchers": 8, "score": 0, "subscribers_count": 1 }, diff --git a/2023/CVE-2023-38831.json b/2023/CVE-2023-38831.json index a5eafb5dbd..b3a00ae4b3 100644 --- a/2023/CVE-2023-38831.json +++ b/2023/CVE-2023-38831.json @@ -892,10 +892,10 @@ "description": "Proof-of-Concept (POC) of CVE-2023-38831 Zero-Day vulnerability in WinRAR", "fork": false, "created_at": "2023-09-21T06:08:30Z", - "updated_at": "2023-10-09T11:23:27Z", + "updated_at": "2024-01-10T11:50:56Z", "pushed_at": "2023-09-21T09:30:59Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -904,7 +904,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 2, + "watchers": 3, "score": 0, "subscribers_count": 1 }, diff --git a/2023/CVE-2023-43770.json b/2023/CVE-2023-43770.json index b99be52398..a9330fc0e6 100644 --- a/2023/CVE-2023-43770.json +++ b/2023/CVE-2023-43770.json @@ -13,10 +13,10 @@ "description": "A Proof-Of-Concept for the CVE-2023-43770 vulnerability. ", "fork": false, "created_at": "2023-09-27T17:08:23Z", - "updated_at": "2023-12-13T19:46:46Z", + "updated_at": "2024-01-10T07:37:52Z", "pushed_at": "2023-10-02T17:41:10Z", - "stargazers_count": 30, - "watchers_count": 30, + "stargazers_count": 29, + "watchers_count": 29, "has_discussions": false, "forks_count": 11, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 11, - "watchers": 30, + "watchers": 29, "score": 0, "subscribers_count": 3 }, diff --git a/2023/CVE-2023-49070.json b/2023/CVE-2023-49070.json index e78dffdc5b..f62702f14e 100644 --- a/2023/CVE-2023-49070.json +++ b/2023/CVE-2023-49070.json @@ -13,10 +13,10 @@ "description": null, "fork": false, "created_at": "2023-12-14T09:32:41Z", - "updated_at": "2024-01-08T18:03:57Z", + "updated_at": "2024-01-10T08:22:51Z", "pushed_at": "2023-12-15T06:29:09Z", - "stargazers_count": 39, - "watchers_count": 39, + "stargazers_count": 40, + "watchers_count": 40, "has_discussions": false, "forks_count": 10, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 10, - "watchers": 39, + "watchers": 40, "score": 0, "subscribers_count": 2 }, diff --git a/2023/CVE-2023-50164.json b/2023/CVE-2023-50164.json index f22c760fa3..f50656da5e 100644 --- a/2023/CVE-2023-50164.json +++ b/2023/CVE-2023-50164.json @@ -13,10 +13,10 @@ "description": "A critical security vulnerability, identified as CVE-2023-50164 (CVE: 9.8) was found in Apache Struts, allowing attackers to manipulate file upload parameters that can potentially lead to unauthorized path traversal and remote code execution (RCE).", "fork": false, "created_at": "2023-12-13T09:31:36Z", - "updated_at": "2024-01-10T05:56:59Z", + "updated_at": "2024-01-10T09:53:25Z", "pushed_at": "2023-12-13T13:18:18Z", - "stargazers_count": 63, - "watchers_count": 63, + "stargazers_count": 64, + "watchers_count": 64, "has_discussions": false, "forks_count": 16, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 16, - "watchers": 63, + "watchers": 64, "score": 0, "subscribers_count": 3 }, diff --git a/2023/CVE-2023-51467.json b/2023/CVE-2023-51467.json index 7f501b82c1..37769ea430 100644 --- a/2023/CVE-2023-51467.json +++ b/2023/CVE-2023-51467.json @@ -124,10 +124,10 @@ "description": "This repo is a PoC with to exploit CVE-2023-51467 and CVE-2023-49070 preauth RCE vulnerabilities found in Apache OFBiz.", "fork": false, "created_at": "2024-01-02T14:20:10Z", - "updated_at": "2024-01-09T18:08:16Z", + "updated_at": "2024-01-10T11:03:21Z", "pushed_at": "2024-01-02T15:43:26Z", - "stargazers_count": 15, - "watchers_count": 15, + "stargazers_count": 19, + "watchers_count": 19, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -136,7 +136,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 15, + "watchers": 19, "score": 0, "subscribers_count": 1 }, @@ -184,10 +184,10 @@ "description": "Apache Ofbiz CVE-2023-51467 图形化漏洞利用工具", "fork": false, "created_at": "2024-01-06T04:07:07Z", - "updated_at": "2024-01-09T15:38:41Z", + "updated_at": "2024-01-10T09:13:02Z", "pushed_at": "2024-01-06T10:33:34Z", - "stargazers_count": 25, - "watchers_count": 25, + "stargazers_count": 26, + "watchers_count": 26, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -196,7 +196,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 25, + "watchers": 26, "score": 0, "subscribers_count": 1 } diff --git a/2023/CVE-2023-5360.json b/2023/CVE-2023-5360.json index b56ad51325..adb3d838e0 100644 --- a/2023/CVE-2023-5360.json +++ b/2023/CVE-2023-5360.json @@ -236,7 +236,7 @@ "description": "CVE-2023-5360 Exploit\/POC", "fork": false, "created_at": "2023-11-13T12:51:34Z", - "updated_at": "2023-12-14T07:24:17Z", + "updated_at": "2024-01-10T11:23:58Z", "pushed_at": "2023-11-21T03:56:11Z", "stargazers_count": 2, "watchers_count": 2, diff --git a/2024/CVE-2024-21633.json b/2024/CVE-2024-21633.json index acc823c03d..b77892ce67 100644 --- a/2024/CVE-2024-21633.json +++ b/2024/CVE-2024-21633.json @@ -13,10 +13,10 @@ "description": "MobSF Remote code execution (via CVE-2024-21633)", "fork": false, "created_at": "2024-01-07T21:34:09Z", - "updated_at": "2024-01-10T04:52:21Z", + "updated_at": "2024-01-10T12:30:59Z", "pushed_at": "2024-01-07T21:34:51Z", - "stargazers_count": 26, - "watchers_count": 26, + "stargazers_count": 29, + "watchers_count": 29, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 26, + "watchers": 29, "score": 0, "subscribers_count": 1 } diff --git a/README.md b/README.md index 850b1d04ab..6e6801e4a9 100644 --- a/README.md +++ b/README.md @@ -66,6 +66,7 @@ Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31. +- [bAuh0lz/CVE-2023-0297_Pre-auth_RCE_in_pyLoad](https://github.com/bAuh0lz/CVE-2023-0297_Pre-auth_RCE_in_pyLoad) - [Small-ears/CVE-2023-0297](https://github.com/Small-ears/CVE-2023-0297) - [JacobEbben/CVE-2023-0297](https://github.com/JacobEbben/CVE-2023-0297) - [overgrowncarrot1/CVE-2023-0297](https://github.com/overgrowncarrot1/CVE-2023-0297) @@ -1458,6 +1459,7 @@ Windows Backup Service Elevation of Privilege Vulnerability +- [Wh04m1001/CVE-2023-21752](https://github.com/Wh04m1001/CVE-2023-21752) - [yosef0x01/CVE-2023-21752](https://github.com/yosef0x01/CVE-2023-21752) ### CVE-2023-21766 (2023-01-10) @@ -3301,7 +3303,6 @@ - [SuperZero/CVE-2023-33246](https://github.com/SuperZero/CVE-2023-33246) - [Malayke/CVE-2023-33246_RocketMQ_RCE_EXPLOIT](https://github.com/Malayke/CVE-2023-33246_RocketMQ_RCE_EXPLOIT) - [CKevens/CVE-2023-33246](https://github.com/CKevens/CVE-2023-33246) -- [cr1me0/rocketMq_RCE](https://github.com/cr1me0/rocketMq_RCE) - [Devil0ll/CVE-2023-33246](https://github.com/Devil0ll/CVE-2023-33246) - [d0rb/CVE-2023-33246](https://github.com/d0rb/CVE-2023-33246) - [vulncheck-oss/fetch-broker-conf](https://github.com/vulncheck-oss/fetch-broker-conf) @@ -5990,7 +5991,11 @@ - [brandon-t-elliott/CVE-2023-49438](https://github.com/brandon-t-elliott/CVE-2023-49438) -### CVE-2023-49471 +### CVE-2023-49471 (-) + +Blind Server-Side Request Forgery (SSRF) vulnerability in karlomikus Bar Assistant before version 3.2.0 does not validate a parameter before making a request through Image::make(), which could allow authenticated remote attackers to execute arbitrary code. + + - [zunak/CVE-2023-49471](https://github.com/zunak/CVE-2023-49471) ### CVE-2023-49539 @@ -8408,6 +8413,7 @@ - [ColdFusionX/CVE-2022-24124](https://github.com/ColdFusionX/CVE-2022-24124) - [0xAbbarhSF/CVE-2022-24124](https://github.com/0xAbbarhSF/CVE-2022-24124) +- [b1gdog/CVE-2022-24124](https://github.com/b1gdog/CVE-2022-24124) ### CVE-2022-24125 (2022-03-19) @@ -13062,13 +13068,6 @@ - [Nate0634034090/bug-free-memory](https://github.com/Nate0634034090/bug-free-memory) -### CVE-2021-1647 (2021-01-12) - -Microsoft Defender Remote Code Execution Vulnerability - - -- [findcool/cve-2021-1647](https://github.com/findcool/cve-2021-1647) - ### CVE-2021-1656 (2021-01-12) TPM Device Driver Information Disclosure Vulnerability @@ -13213,8 +13212,6 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). -- [Al1ex/CVE-2021-2109](https://github.com/Al1ex/CVE-2021-2109) -- [rabbitsafe/CVE-2021-2109](https://github.com/rabbitsafe/CVE-2021-2109) - [yuaneuro/CVE-2021-2109_poc](https://github.com/yuaneuro/CVE-2021-2109_poc) - [dinosn/CVE-2021-2109](https://github.com/dinosn/CVE-2021-2109) - [coco0x0a/CVE-2021-2109](https://github.com/coco0x0a/CVE-2021-2109) @@ -13225,7 +13222,6 @@ Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). -- [Sauercloud/RWCTF21-VirtualBox-61-escape](https://github.com/Sauercloud/RWCTF21-VirtualBox-61-escape) - [chatbottesisgmailh/Sauercloude](https://github.com/chatbottesisgmailh/Sauercloude) - [shi10587s/Sauercloude](https://github.com/shi10587s/Sauercloude) @@ -13290,7 +13286,6 @@ - [B1anda0/CVE-2021-3019](https://github.com/B1anda0/CVE-2021-3019) - [0xf4n9x/CVE-2021-3019](https://github.com/0xf4n9x/CVE-2021-3019) -- [Maksim-venus/CVE-2021-3019](https://github.com/Maksim-venus/CVE-2021-3019) - [murataydemir/CVE-2021-3019](https://github.com/murataydemir/CVE-2021-3019) - [Aoyuh/cve-2021-3019](https://github.com/Aoyuh/cve-2021-3019) - [givemefivw/CVE-2021-3019](https://github.com/givemefivw/CVE-2021-3019) @@ -13349,20 +13344,6 @@ - [withmasday/CVE-2021-3129](https://github.com/withmasday/CVE-2021-3129) - [banyaksepuh/Mass-CVE-2021-3129-Scanner](https://github.com/banyaksepuh/Mass-CVE-2021-3129-Scanner) -### CVE-2021-3130 (2021-01-20) - -Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets, Windows passwords, and SNMP strings from users using HTML 'password field' obfuscation. By using Developer tools or similar, it is possible to change the obfuscation so that the credentials are visible. - - -- [jet-pentest/CVE-2021-3130](https://github.com/jet-pentest/CVE-2021-3130) - -### CVE-2021-3131 (2021-01-13) - -The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the creds URL parameter. - - -- [jet-pentest/CVE-2021-3131](https://github.com/jet-pentest/CVE-2021-3131) - ### CVE-2021-3138 (2021-01-13) In Discourse 2.7.0 through beta1, a rate-limit bypass leads to a bypass of the 2FA requirement for certain forms. @@ -13449,13 +13430,6 @@ ### CVE-2021-3157 - [CrackerCat/cve-2021-3157](https://github.com/CrackerCat/cve-2021-3157) -### CVE-2021-3164 (2021-01-21) - -ChurchRota 2.6.4 is vulnerable to authenticated remote code execution. The user does not need to have file upload permission in order to upload and execute an arbitrary file via a POST request to resources.php. - - -- [rmccarth/cve-2021-3164](https://github.com/rmccarth/cve-2021-3164) - ### CVE-2021-3166 (2021-01-17) An issue was discovered on ASUS DSL-N14U-B1 1.1.2.3_805 devices. An attacker can upload arbitrary file content as a firmware update when the filename Settings_DSL-N14U-B1.trx is used. Once this file is loaded, shutdown measures on a wide range of services are triggered as if it were a real update, resulting in a persistent outage of those services. @@ -17672,6 +17646,7 @@ - [safebuffer/sam-the-admin](https://github.com/safebuffer/sam-the-admin) +- [Ridter/noPac](https://github.com/Ridter/noPac) - [waterrr/noPac](https://github.com/waterrr/noPac) - [ly4k/Pachine](https://github.com/ly4k/Pachine) - [cybersecurityworks553/noPac-detection](https://github.com/cybersecurityworks553/noPac-detection) @@ -38243,9 +38218,12 @@ The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management. +- [amriunix/CVE-2007-2447](https://github.com/amriunix/CVE-2007-2447) - [Unix13/metasploitable2](https://github.com/Unix13/metasploitable2) - [b1fair/smb_usermap](https://github.com/b1fair/smb_usermap) - [JoseBarrios/CVE-2007-2447](https://github.com/JoseBarrios/CVE-2007-2447) +- [3x1t1um/CVE-2007-2447](https://github.com/3x1t1um/CVE-2007-2447) +- [xlcc4096/exploit-CVE-2007-2447](https://github.com/xlcc4096/exploit-CVE-2007-2447) - [WildfootW/CVE-2007-2447_Samba_3.0.25rc3](https://github.com/WildfootW/CVE-2007-2447_Samba_3.0.25rc3) - [Ziemni/CVE-2007-2447-in-Python](https://github.com/Ziemni/CVE-2007-2447-in-Python) - [0xKn/CVE-2007-2447](https://github.com/0xKn/CVE-2007-2447) @@ -38276,6 +38254,13 @@ - [alt3kx/CVE-2007-3830](https://github.com/alt3kx/CVE-2007-3830) +### CVE-2007-3831 (2007-07-17) + +PHP remote file inclusion in main.php in ISS Proventia Network IPS GX5108 1.3 and GX5008 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. + + +- [alt3kx/CVE-2007-3831](https://github.com/alt3kx/CVE-2007-3831) + ### CVE-2007-4559 (2007-08-27) Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.