mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-28 18:44:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2020/09/23 12:08:45

Browse source
This commit is contained in:
motikan2010-bot 2020-09-23 12:08:45 +09:00
parent 4c5ff01557
commit e71a6b606e
27 changed files with 321 additions and 89 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
2006/CVE-2006-0450.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 289235311,
"name": "CVE-2006-0450-phpBB-2.0.15-Multiple-DoS-Vulnerabilities",
"full_name": "Parcer0\/CVE-2006-0450-phpBB-2.0.15-Multiple-DoS-Vulnerabilities",
"owner": {
"login": "Parcer0",
"id": 70012338,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/70012338?v=4",
"html_url": "https:\/\/github.com\/Parcer0"
},
"html_url": "https:\/\/github.com\/Parcer0\/CVE-2006-0450-phpBB-2.0.15-Multiple-DoS-Vulnerabilities",
"description": "CVE-2006-0450. phpBB 2.0.19 and earlier allows remote attackers to cause a denial of service (application crash) by (1) registering many users through profile.php or (2) using search.php to search in a certain way that confuses the database.",
"fork": false,
"created_at": "2020-08-21T09:50:57Z",
"updated_at": "2020-08-28T14:58:56Z",
"pushed_at": "2020-08-28T14:58:54Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2006/CVE-2006-1236.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 168247796,
"name": "CVE-2006-1236",
"full_name": "Axua\/CVE-2006-1236",
"owner": {
"login": "Axua",
"id": 28788087,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/28788087?v=4",
"html_url": "https:\/\/github.com\/Axua"
},
"html_url": "https:\/\/github.com\/Axua\/CVE-2006-1236",
"description": "Exploit script for Crossfire 1.9.0",
"fork": false,
"created_at": "2019-01-29T23:46:59Z",
"updated_at": "2019-01-29T23:50:30Z",
"pushed_at": "2019-01-29T23:50:29Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"forks": 1,
"watchers": 0,
"score": 0
}
]

48
2006/CVE-2006-3392.json Normal file
View file

@ -0,0 +1,48 @@
[
{
"id": 276101400,
"name": "CVE-2006-3392",
"full_name": "Ziani52\/CVE-2006-3392",
"owner": {
"login": "Ziani52",
"id": 53442065,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/53442065?v=4",
"html_url": "https:\/\/github.com\/Ziani52"
},
"html_url": "https:\/\/github.com\/Ziani52\/CVE-2006-3392",
"description": "Webmin < 1.290 \/ Usermin < 1.220 - Arbitrary File Disclosure (Python3)",
"fork": false,
"created_at": "2020-06-30T13:07:31Z",
"updated_at": "2020-08-05T16:17:06Z",
"pushed_at": "2020-06-30T22:21:46Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"watchers": 1,
"score": 0
},
{
"id": 293079568,
"name": "cve-2006-3392",
"full_name": "notclement\/cve-2006-3392",
"owner": {
"login": "notclement",
"id": 19283318,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/19283318?v=4",
"html_url": "https:\/\/github.com\/notclement"
},
"html_url": "https:\/\/github.com\/notclement\/cve-2006-3392",
"description": "Read arbitrary files for servers running Webmin before 1.290 and Usermin before 1.220.",
"fork": false,
"created_at": "2020-09-05T13:17:44Z",
"updated_at": "2020-09-05T13:22:15Z",
"pushed_at": "2020-09-05T13:22:13Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

48
2006/CVE-2006-6184.json Normal file
View file

@ -0,0 +1,48 @@
[
{
"id": 63907042,
"name": "cve-2006-6184",
"full_name": "shauntdergrigorian\/cve-2006-6184",
"owner": {
"login": "shauntdergrigorian",
"id": 7718028,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/7718028?v=4",
"html_url": "https:\/\/github.com\/shauntdergrigorian"
},
"html_url": "https:\/\/github.com\/shauntdergrigorian\/cve-2006-6184",
"description": "This is a python-based standalone exploit for CVE-2006-6184. This exploit triggers a stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service or execute arbitrary code.",
"fork": false,
"created_at": "2016-07-21T22:43:43Z",
"updated_at": "2020-09-12T20:22:08Z",
"pushed_at": "2020-09-08T22:13:47Z",
"stargazers_count": 11,
"watchers_count": 11,
"forks_count": 10,
"forks": 10,
"watchers": 11,
"score": 0
},
{
"id": 205628184,
"name": "CVE-2006-6184",
"full_name": "b03902043\/CVE-2006-6184",
"owner": {
"login": "b03902043",
"id": 9023845,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/9023845?v=4",
"html_url": "https:\/\/github.com\/b03902043"
},
"html_url": "https:\/\/github.com\/b03902043\/CVE-2006-6184",
"description": "simplified version of https:\/\/github.com\/shauntdergrigorian\/cve-2006-6184",
"fork": false,
"created_at": "2019-09-01T04:18:53Z",
"updated_at": "2019-09-01T04:23:25Z",
"pushed_at": "2019-09-01T04:23:24Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"forks": 1,
"watchers": 0,
"score": 0
}
]

4
2015/CVE-2015-3224.json
View file

@ -40,8 +40,8 @@
"pushed_at": "2018-05-03T07:41:56Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 2,
"forks": 2,
"forks_count": 3,
"forks": 3,
"watchers": 1,
"score": 0
}

8
2018/CVE-2018-1273.json
View file

@ -105,13 +105,13 @@
"description": "Spring Data Commons RCE 远程命令执行漏洞",
"fork": false,
"created_at": "2019-04-29T03:43:15Z",
"updated_at": "2020-09-17T09:32:43Z",
"updated_at": "2020-09-23T02:08:56Z",
"pushed_at": "2019-04-29T04:25:35Z",
"stargazers_count": 50,
"watchers_count": 50,
"stargazers_count": 51,
"watchers_count": 51,
"forks_count": 13,
"forks": 13,
"watchers": 50,
"watchers": 51,
"score": 0
}
]

4
2018/CVE-2018-14847.json
View file

@ -17,8 +17,8 @@
"pushed_at": "2020-03-08T00:08:20Z",
"stargazers_count": 385,
"watchers_count": 385,
"forks_count": 345,
"forks": 345,
"forks_count": 346,
"forks": 346,
"watchers": 385,
"score": 0
},

8
2018/CVE-2018-15982.json
View file

@ -59,13 +59,13 @@
"description": "exp of CVE-2018-15982",
"fork": false,
"created_at": "2018-12-10T04:53:31Z",
"updated_at": "2020-09-11T14:55:29Z",
"updated_at": "2020-09-23T00:49:51Z",
"pushed_at": "2019-01-04T09:29:01Z",
"stargazers_count": 174,
"watchers_count": 174,
"stargazers_count": 175,
"watchers_count": 175,
"forks_count": 64,
"forks": 64,
"watchers": 174,
"watchers": 175,
"score": 0
},
{

8
2018/CVE-2018-5955.json
View file

@ -36,13 +36,13 @@
"description": "一款功能强大的漏洞扫描器子域名爆破使用aioDNSasyncio异步快速扫描覆盖目标全方位资产进行批量漏洞扫描中间件信息收集自动收集ip代理探测Waf信息时自动使用来保护本机真实Ip在本机Ip被Waf杀死后自动切换代理Ip进行扫描Waf信息收集(国内外100+款waf信息)包括安全狗云锁阿里云云盾腾讯云等提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能",
"fork": false,
"created_at": "2019-12-21T22:45:55Z",
"updated_at": "2020-09-22T04:48:10Z",
"updated_at": "2020-09-23T02:27:42Z",
"pushed_at": "2020-01-05T21:46:25Z",
"stargazers_count": 308,
"watchers_count": 308,
"stargazers_count": 309,
"watchers_count": 309,
"forks_count": 71,
"forks": 71,
"watchers": 308,
"watchers": 309,
"score": 0
}
]

8
2018/CVE-2018-7691.json
View file

@ -13,13 +13,13 @@
"description": "The SSC REST API contains Insecure Direct Object Reference (IDOR) vulnerabilities in Fortify Software Security Center (SSC) 17.10, 17.20 & 18.10 ",
"fork": false,
"created_at": "2018-11-26T13:54:08Z",
"updated_at": "2018-12-15T11:18:55Z",
"updated_at": "2020-09-22T21:17:40Z",
"pushed_at": "2018-12-15T11:18:54Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0
}
]

16
2019/CVE-2019-0708.json
View file

@ -1094,13 +1094,13 @@
"description": "Scanner PoC for CVE-2019-0708 RDP RCE vuln",
"fork": false,
"created_at": "2019-05-22T00:08:44Z",
"updated_at": "2020-09-22T01:54:44Z",
"updated_at": "2020-09-23T01:07:43Z",
"pushed_at": "2019-10-01T12:23:59Z",
"stargazers_count": 1116,
"watchers_count": 1116,
"stargazers_count": 1115,
"watchers_count": 1115,
"forks_count": 379,
"forks": 379,
"watchers": 1116,
"watchers": 1115,
"score": 0
},
{
@ -1577,13 +1577,13 @@
"description": "An Attempt to Port BlueKeep PoC from @Ekultek to actual exploits",
"fork": false,
"created_at": "2019-05-31T00:04:12Z",
"updated_at": "2020-09-17T15:50:38Z",
"updated_at": "2020-09-23T01:05:32Z",
"pushed_at": "2020-05-09T09:49:14Z",
"stargazers_count": 334,
"watchers_count": 334,
"stargazers_count": 335,
"watchers_count": 335,
"forks_count": 116,
"forks": 116,
"watchers": 334,
"watchers": 335,
"score": 0
},
{

8
2019/CVE-2019-11932.json
View file

@ -36,13 +36,13 @@
"description": "This is a Automated Generate Payload for CVE-2019-11932 (WhatsApp Remote Code Execution)",
"fork": false,
"created_at": "2019-10-04T13:45:44Z",
"updated_at": "2020-09-22T01:28:11Z",
"updated_at": "2020-09-23T00:03:11Z",
"pushed_at": "2019-12-13T19:07:53Z",
"stargazers_count": 70,
"watchers_count": 70,
"stargazers_count": 69,
"watchers_count": 69,
"forks_count": 30,
"forks": 30,
"watchers": 70,
"watchers": 69,
"score": 0
},
{

8
2019/CVE-2019-17558.json
View file

@ -36,13 +36,13 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2020-09-22T13:15:29Z",
"updated_at": "2020-09-23T01:01:28Z",
"pushed_at": "2020-08-03T04:37:30Z",
"stargazers_count": 1881,
"watchers_count": 1881,
"stargazers_count": 1882,
"watchers_count": 1882,
"forks_count": 483,
"forks": 483,
"watchers": 1881,
"watchers": 1882,
"score": 0
},
{

2
2019/CVE-2019-2729.json
View file

@ -36,7 +36,7 @@
"description": "CVE-2019-2729 Exploit Script",
"fork": false,
"created_at": "2020-02-19T03:49:51Z",
"updated_at": "2020-09-22T11:29:02Z",
"updated_at": "2020-09-23T01:49:27Z",
"pushed_at": "2020-02-19T08:48:02Z",
"stargazers_count": 10,
"watchers_count": 10,

4
2019/CVE-2019-6487.json
View file

@ -17,8 +17,8 @@
"pushed_at": "2019-01-19T10:49:21Z",
"stargazers_count": 25,
"watchers_count": 25,
"forks_count": 13,
"forks": 13,
"forks_count": 12,
"forks": 12,
"watchers": 25,
"score": 0
}

8
2020/CVE-2020-0796.json
View file

@ -1094,13 +1094,13 @@
"description": "CVE-2020-0796 Remote Code Execution POC",
"fork": false,
"created_at": "2020-04-20T14:35:48Z",
"updated_at": "2020-09-21T10:04:50Z",
"updated_at": "2020-09-22T23:50:36Z",
"pushed_at": "2020-06-09T20:46:45Z",
"stargazers_count": 318,
"watchers_count": 318,
"stargazers_count": 319,
"watchers_count": 319,
"forks_count": 102,
"forks": 102,
"watchers": 318,
"watchers": 319,
"score": 0
},
{

8
2020/CVE-2020-11651.json
View file

@ -59,13 +59,13 @@
"description": null,
"fork": false,
"created_at": "2020-05-04T08:01:37Z",
"updated_at": "2020-09-04T14:43:05Z",
"updated_at": "2020-09-23T02:18:07Z",
"pushed_at": "2020-05-04T08:11:21Z",
"stargazers_count": 95,
"watchers_count": 95,
"stargazers_count": 96,
"watchers_count": 96,
"forks_count": 32,
"forks": 32,
"watchers": 95,
"watchers": 96,
"score": 0
},
{

8
2020/CVE-2020-1206.json
View file

@ -13,13 +13,13 @@
"description": "CVE-2020-1206 Uninitialized Kernel Memory Read POC",
"fork": false,
"created_at": "2020-04-05T15:52:43Z",
"updated_at": "2020-09-09T14:06:59Z",
"updated_at": "2020-09-22T23:50:21Z",
"pushed_at": "2020-06-09T20:41:32Z",
"stargazers_count": 119,
"watchers_count": 119,
"stargazers_count": 120,
"watchers_count": 120,
"forks_count": 35,
"forks": 35,
"watchers": 119,
"watchers": 120,
"score": 0
},
{

8
2020/CVE-2020-13162.json
View file

@ -13,13 +13,13 @@
"description": "Exploit for CVE-2020-13162",
"fork": false,
"created_at": "2020-09-02T17:58:32Z",
"updated_at": "2020-09-15T14:51:56Z",
"updated_at": "2020-09-22T21:14:36Z",
"pushed_at": "2020-09-02T19:14:21Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"forks_count": 6,
"forks": 6,
"watchers": 7,
"watchers": 8,
"score": 0
}
]

23
2020/CVE-2020-13933.json
View file

@ -21,5 +21,28 @@
"forks": 0,
"watchers": 4,
"score": 0
},
{
"id": 297823317,
"name": "cve-2020-13933",
"full_name": "Kamimuka\/cve-2020-13933",
"owner": {
"login": "Kamimuka",
"id": 19571618,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/19571618?v=4",
"html_url": "https:\/\/github.com\/Kamimuka"
},
"html_url": "https:\/\/github.com\/Kamimuka\/cve-2020-13933",
"description": "cve-2020-13933 apache shiro权限绕过漏洞",
"fork": false,
"created_at": "2020-09-23T01:55:46Z",
"updated_at": "2020-09-23T02:00:15Z",
"pushed_at": "2020-09-23T02:00:13Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

8
2020/CVE-2020-14386.json
View file

@ -13,13 +13,13 @@
"description": null,
"fork": false,
"created_at": "2020-09-17T21:25:18Z",
"updated_at": "2020-09-22T12:35:05Z",
"updated_at": "2020-09-23T00:10:46Z",
"pushed_at": "2020-09-18T00:01:00Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"forks_count": 4,
"forks": 4,
"watchers": 4,
"watchers": 5,
"score": 0
}
]

36
2020/CVE-2020-1472.json
View file

@ -36,13 +36,13 @@
"description": "Test tool for CVE-2020-1472",
"fork": false,
"created_at": "2020-09-08T08:58:37Z",
"updated_at": "2020-09-22T15:45:47Z",
"updated_at": "2020-09-23T01:44:51Z",
"pushed_at": "2020-09-17T08:18:25Z",
"stargazers_count": 1019,
"watchers_count": 1019,
"forks_count": 197,
"forks": 197,
"watchers": 1019,
"stargazers_count": 1021,
"watchers_count": 1021,
"forks_count": 200,
"forks": 200,
"watchers": 1021,
"score": 0
},
{
@ -82,13 +82,13 @@
"description": "PoC for Zerologon - all research credits go to Tom Tervoort of Secura",
"fork": false,
"created_at": "2020-09-14T16:56:51Z",
"updated_at": "2020-09-22T19:05:58Z",
"updated_at": "2020-09-23T01:18:45Z",
"pushed_at": "2020-09-15T15:50:03Z",
"stargazers_count": 552,
"watchers_count": 552,
"stargazers_count": 554,
"watchers_count": 554,
"forks_count": 149,
"forks": 149,
"watchers": 552,
"watchers": 554,
"score": 0
},
{
@ -151,13 +151,13 @@
"description": "Abuse CVE-2020-1472 (Zerologon) to take over a domain and then repair the local stored machine account password.",
"fork": false,
"created_at": "2020-09-14T19:27:14Z",
"updated_at": "2020-09-22T09:01:51Z",
"updated_at": "2020-09-23T01:54:05Z",
"pushed_at": "2020-09-16T14:05:27Z",
"stargazers_count": 91,
"watchers_count": 91,
"stargazers_count": 93,
"watchers_count": 93,
"forks_count": 24,
"forks": 24,
"watchers": 91,
"watchers": 93,
"score": 0
},
{
@ -519,13 +519,13 @@
"description": "Test script for CVE-2020-1472 for both RPC\/TCP and RPC\/SMB",
"fork": false,
"created_at": "2020-09-17T16:53:17Z",
"updated_at": "2020-09-22T15:09:12Z",
"updated_at": "2020-09-22T21:33:33Z",
"pushed_at": "2020-09-19T09:46:30Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"forks_count": 0,
"forks": 0,
"watchers": 7,
"watchers": 8,
"score": 0
},
{

8
2020/CVE-2020-15148.json
View file

@ -13,13 +13,13 @@
"description": "几条关于CVE-2020-15148yii2反序列化的绕过",
"fork": false,
"created_at": "2020-09-21T03:55:55Z",
"updated_at": "2020-09-22T17:32:57Z",
"updated_at": "2020-09-23T02:41:34Z",
"pushed_at": "2020-09-21T04:04:39Z",
"stargazers_count": 37,
"watchers_count": 37,
"stargazers_count": 43,
"watchers_count": 43,
"forks_count": 2,
"forks": 2,
"watchers": 37,
"watchers": 43,
"score": 0
}
]

25
2020/CVE-2020-17382.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 297681106,
"name": "CVE-2020-17382",
"full_name": "fdiskyou\/CVE-2020-17382",
"owner": {
"login": "fdiskyou",
"id": 6840612,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/6840612?v=4",
"html_url": "https:\/\/github.com\/fdiskyou"
},
"html_url": "https:\/\/github.com\/fdiskyou\/CVE-2020-17382",
"description": null,
"fork": false,
"created_at": "2020-09-22T14:50:14Z",
"updated_at": "2020-09-22T23:30:19Z",
"pushed_at": "2020-09-22T14:52:13Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"watchers": 1,
"score": 0
}
]

8
2020/CVE-2020-1938.json
View file

@ -13,13 +13,13 @@
"description": "CVE-2020-1938",
"fork": false,
"created_at": "2020-02-20T16:32:52Z",
"updated_at": "2020-09-21T19:23:19Z",
"updated_at": "2020-09-23T02:09:24Z",
"pushed_at": "2020-02-25T02:04:16Z",
"stargazers_count": 196,
"watchers_count": 196,
"stargazers_count": 197,
"watchers_count": 197,
"forks_count": 92,
"forks": 92,
"watchers": 196,
"watchers": 197,
"score": 0
},
{

8
2020/CVE-2020-5902.json
View file

@ -13,13 +13,13 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2020-09-22T13:15:29Z",
"updated_at": "2020-09-23T01:01:28Z",
"pushed_at": "2020-08-03T04:37:30Z",
"stargazers_count": 1881,
"watchers_count": 1881,
"stargazers_count": 1882,
"watchers_count": 1882,
"forks_count": 483,
"forks": 483,
"watchers": 1881,
"watchers": 1882,
"score": 0
},
{

38
README.md
View file

@ -1969,6 +1969,7 @@ Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafted HTTP req
</code>
- [lyy289065406/CVE-2020-13933](https://github.com/lyy289065406/CVE-2020-13933)
- [Kamimuka/cve-2020-13933](https://github.com/Kamimuka/cve-2020-13933)
### CVE-2020-13996
@ -2152,6 +2153,9 @@ ActiveMediaServer.exe in ACTi NVR3 Standard Server 3.0.12.42 allows remote unaut
### CVE-2020-16152
- [eriknl/CVE-2020-16152](https://github.com/eriknl/CVE-2020-16152)
### CVE-2020-17382
- [fdiskyou/CVE-2020-17382](https://github.com/fdiskyou/CVE-2020-17382)
### CVE-2020-17496
<code>
@ -15091,6 +15095,31 @@ March Networks DVR 3204 stores sensitive information under the web root with ins
## 2006
### CVE-2006-0450
<code>
phpBB 2.0.19 and earlier allows remote attackers to cause a denial of service (application crash) by (1) registering many users through profile.php or (2) using search.php to search in a certain way that confuses the database.
</code>
- [Parcer0/CVE-2006-0450-phpBB-2.0.15-Multiple-DoS-Vulnerabilities](https://github.com/Parcer0/CVE-2006-0450-phpBB-2.0.15-Multiple-DoS-Vulnerabilities)
### CVE-2006-1236
<code>
Buffer overflow in the SetUp function in socket/request.c in CrossFire 1.9.0 allows remote attackers to execute arbitrary code via a long setup sound command, a different vulnerability than CVE-2006-1010.
</code>
- [Axua/CVE-2006-1236](https://github.com/Axua/CVE-2006-1236)
### CVE-2006-3392
<code>
Webmin before 1.290 and Usermin before 1.220 calls the simplify_path function before decoding HTML, which allows remote attackers to read arbitrary files, as demonstrated using &quot;..%01&quot; sequences, which bypass the removal of &quot;../&quot; sequences before bytes such as &quot;%01&quot; are removed from the filename. NOTE: This is a different issue than CVE-2006-3274.
</code>
- [Ziani52/CVE-2006-3392](https://github.com/Ziani52/CVE-2006-3392)
- [notclement/cve-2006-3392](https://github.com/notclement/cve-2006-3392)
### CVE-2006-3592
<code>
@ -15123,6 +15152,15 @@ The mincore function in the Linux kernel before 2.4.33.6 does not properly lock
- [tagatac/linux-CVE-2006-4814](https://github.com/tagatac/linux-CVE-2006-4814)
### CVE-2006-6184
<code>
Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.
</code>
- [shauntdergrigorian/cve-2006-6184](https://github.com/shauntdergrigorian/cve-2006-6184)
- [b03902043/CVE-2006-6184](https://github.com/b03902043/CVE-2006-6184)
## 2005
### CVE-2005-0603