diff --git a/2020/CVE-2020-0443.json b/2020/CVE-2020-0443.json index f2762176af..794ab4fb1e 100644 --- a/2020/CVE-2020-0443.json +++ b/2020/CVE-2020-0443.json @@ -13,10 +13,10 @@ "description": "Proof of concept app for Android permanent denial-of-service vulnerability CVE-2020-0443", "fork": false, "created_at": "2022-03-15T04:54:31Z", - "updated_at": "2023-02-26T18:36:30Z", + "updated_at": "2023-03-01T20:46:20Z", "pushed_at": "2022-03-15T05:15:48Z", - "stargazers_count": 13, - "watchers_count": 13, + "stargazers_count": 14, + "watchers_count": 14, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 13, + "watchers": 14, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1472.json b/2020/CVE-2020-1472.json index 2d335d747b..7a5d3b5be4 100644 --- a/2020/CVE-2020-1472.json +++ b/2020/CVE-2020-1472.json @@ -1778,7 +1778,7 @@ "fork": false, "created_at": "2023-02-26T11:49:44Z", "updated_at": "2023-03-01T01:49:51Z", - "pushed_at": "2023-03-01T13:37:50Z", + "pushed_at": "2023-03-01T21:13:08Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, diff --git a/2021/CVE-2021-1675.json b/2021/CVE-2021-1675.json index 2ab397ce84..213cb06767 100644 --- a/2021/CVE-2021-1675.json +++ b/2021/CVE-2021-1675.json @@ -42,10 +42,10 @@ "description": "C# and Impacket implementation of PrintNightmare CVE-2021-1675\/CVE-2021-34527", "fork": false, "created_at": "2021-06-29T17:24:14Z", - "updated_at": "2023-03-01T16:30:51Z", + "updated_at": "2023-03-01T20:24:33Z", "pushed_at": "2021-07-20T15:28:13Z", - "stargazers_count": 1655, - "watchers_count": 1655, + "stargazers_count": 1656, + "watchers_count": 1656, "has_discussions": false, "forks_count": 581, "allow_forking": true, @@ -54,7 +54,7 @@ "topics": [], "visibility": "public", "forks": 581, - "watchers": 1655, + "watchers": 1656, "score": 0 }, { diff --git a/2021/CVE-2021-26855.json b/2021/CVE-2021-26855.json index 350406d17d..4a09202f3a 100644 --- a/2021/CVE-2021-26855.json +++ b/2021/CVE-2021-26855.json @@ -968,10 +968,10 @@ "description": "ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)", "fork": false, "created_at": "2021-03-17T03:56:54Z", - "updated_at": "2022-12-01T05:17:32Z", + "updated_at": "2023-03-02T00:09:52Z", "pushed_at": "2021-03-17T05:06:18Z", - "stargazers_count": 112, - "watchers_count": 112, + "stargazers_count": 113, + "watchers_count": 113, "has_discussions": false, "forks_count": 33, "allow_forking": true, @@ -991,7 +991,7 @@ ], "visibility": "public", "forks": 33, - "watchers": 112, + "watchers": 113, "score": 0 }, { diff --git a/2021/CVE-2021-35587.json b/2021/CVE-2021-35587.json index 13eb9be5a6..75c3df7932 100644 --- a/2021/CVE-2021-35587.json +++ b/2021/CVE-2021-35587.json @@ -18,13 +18,13 @@ "stargazers_count": 38, "watchers_count": 38, "has_discussions": false, - "forks_count": 9, + "forks_count": 10, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 9, + "forks": 10, "watchers": 38, "score": 0 } diff --git a/2021/CVE-2021-39670.json b/2021/CVE-2021-39670.json index 5feaeb6e81..9c0d56579a 100644 --- a/2021/CVE-2021-39670.json +++ b/2021/CVE-2021-39670.json @@ -13,10 +13,10 @@ "description": "Exploit app for CVE-2021-39670 and CVE-2021-39690, two permanent denial-of-service vulnerabilities in Android's wallpaper system", "fork": false, "created_at": "2023-02-23T06:36:47Z", - "updated_at": "2023-02-26T18:38:49Z", + "updated_at": "2023-03-01T20:23:57Z", "pushed_at": "2023-02-23T19:09:12Z", - "stargazers_count": 6, - "watchers_count": 6, + "stargazers_count": 7, + "watchers_count": 7, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -31,7 +31,7 @@ ], "visibility": "public", "forks": 0, - "watchers": 6, + "watchers": 7, "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-4034.json b/2021/CVE-2021-4034.json index 464809539c..4dd6f1e2cc 100644 --- a/2021/CVE-2021-4034.json +++ b/2021/CVE-2021-4034.json @@ -77,10 +77,10 @@ "description": "CVE-2021-4034 1day", "fork": false, "created_at": "2022-01-25T23:51:37Z", - "updated_at": "2023-02-28T17:14:26Z", + "updated_at": "2023-03-01T23:25:04Z", "pushed_at": "2022-06-08T04:00:28Z", - "stargazers_count": 1752, - "watchers_count": 1752, + "stargazers_count": 1751, + "watchers_count": 1751, "has_discussions": false, "forks_count": 505, "allow_forking": true, @@ -89,7 +89,7 @@ "topics": [], "visibility": "public", "forks": 505, - "watchers": 1752, + "watchers": 1751, "score": 0 }, { @@ -164,10 +164,10 @@ "description": "PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)", "fork": false, "created_at": "2022-01-26T00:56:36Z", - "updated_at": "2023-02-28T17:13:53Z", + "updated_at": "2023-03-01T19:08:38Z", "pushed_at": "2022-02-12T05:22:58Z", - "stargazers_count": 953, - "watchers_count": 953, + "stargazers_count": 954, + "watchers_count": 954, "has_discussions": false, "forks_count": 311, "allow_forking": true, @@ -180,7 +180,7 @@ ], "visibility": "public", "forks": 311, - "watchers": 953, + "watchers": 954, "score": 0 }, { diff --git a/2021/CVE-2021-40449.json b/2021/CVE-2021-40449.json index 737168c419..e01b81ba66 100644 --- a/2021/CVE-2021-40449.json +++ b/2021/CVE-2021-40449.json @@ -191,10 +191,10 @@ "description": "Using CVE-2021-40449 to manual map kernel mode driver", "fork": false, "created_at": "2022-03-04T17:55:52Z", - "updated_at": "2023-02-20T18:06:06Z", + "updated_at": "2023-03-01T18:26:53Z", "pushed_at": "2022-03-05T18:34:25Z", - "stargazers_count": 71, - "watchers_count": 71, + "stargazers_count": 72, + "watchers_count": 72, "has_discussions": false, "forks_count": 29, "allow_forking": true, @@ -203,7 +203,7 @@ "topics": [], "visibility": "public", "forks": 29, - "watchers": 71, + "watchers": 72, "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-42278.json b/2021/CVE-2021-42278.json index 6e63711fd5..bfe81ebc89 100644 --- a/2021/CVE-2021-42278.json +++ b/2021/CVE-2021-42278.json @@ -47,10 +47,10 @@ "description": "Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user ", "fork": false, "created_at": "2021-12-13T10:28:12Z", - "updated_at": "2023-02-24T12:45:40Z", + "updated_at": "2023-03-01T21:46:17Z", "pushed_at": "2023-01-29T03:31:27Z", - "stargazers_count": 533, - "watchers_count": 533, + "stargazers_count": 534, + "watchers_count": 534, "has_discussions": false, "forks_count": 95, "allow_forking": true, @@ -59,7 +59,7 @@ "topics": [], "visibility": "public", "forks": 95, - "watchers": 533, + "watchers": 534, "score": 0 }, { diff --git a/2022/CVE-2022-21894.json b/2022/CVE-2022-21894.json index 1efef6032a..40e4e740d2 100644 --- a/2022/CVE-2022-21894.json +++ b/2022/CVE-2022-21894.json @@ -13,12 +13,12 @@ "description": "baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability", "fork": false, "created_at": "2022-08-09T15:53:48Z", - "updated_at": "2023-03-01T17:57:40Z", + "updated_at": "2023-03-02T00:18:09Z", "pushed_at": "2022-08-10T15:34:50Z", - "stargazers_count": 30, - "watchers_count": 30, + "stargazers_count": 39, + "watchers_count": 39, "has_discussions": false, - "forks_count": 7, + "forks_count": 10, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -30,8 +30,8 @@ "windows-boot" ], "visibility": "public", - "forks": 7, - "watchers": 30, + "forks": 10, + "watchers": 39, "score": 0 }, { @@ -48,10 +48,10 @@ "description": "Example payload for CVE-2022-21894", "fork": false, "created_at": "2022-08-18T23:45:47Z", - "updated_at": "2023-03-01T14:45:18Z", + "updated_at": "2023-03-01T18:40:10Z", "pushed_at": "2022-08-18T13:53:06Z", - "stargazers_count": 4, - "watchers_count": 4, + "stargazers_count": 5, + "watchers_count": 5, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -60,7 +60,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 4, + "watchers": 5, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-35841.json b/2022/CVE-2022-35841.json index 3784dd19dd..d90cbbdd5a 100644 --- a/2022/CVE-2022-35841.json +++ b/2022/CVE-2022-35841.json @@ -13,10 +13,10 @@ "description": "small writeup on EnterpriseModernAppManager::ProvisionApplication bug", "fork": false, "created_at": "2022-09-13T17:53:56Z", - "updated_at": "2023-01-30T20:01:10Z", + "updated_at": "2023-03-02T00:15:46Z", "pushed_at": "2022-09-13T18:05:35Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 2, + "watchers": 3, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-42889.json b/2022/CVE-2022-42889.json index 45460b123b..b08cf7d14c 100644 --- a/2022/CVE-2022-42889.json +++ b/2022/CVE-2022-42889.json @@ -1032,7 +1032,7 @@ "fork": false, "created_at": "2023-02-19T19:49:41Z", "updated_at": "2023-02-19T20:21:31Z", - "pushed_at": "2023-02-20T02:36:28Z", + "pushed_at": "2023-03-01T23:53:55Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, @@ -1074,5 +1074,34 @@ "forks": 0, "watchers": 1, "score": 0 + }, + { + "id": 608352501, + "name": "text4shell", + "full_name": "hotblac\/text4shell", + "owner": { + "login": "hotblac", + "id": 4406140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4406140?v=4", + "html_url": "https:\/\/github.com\/hotblac" + }, + "html_url": "https:\/\/github.com\/hotblac\/text4shell", + "description": "A demonstration of CVE-2022-42889 (text4shell) remote code execution vulnerability", + "fork": false, + "created_at": "2023-03-01T20:56:37Z", + "updated_at": "2023-03-01T20:57:17Z", + "pushed_at": "2023-03-01T21:02:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-44268.json b/2022/CVE-2022-44268.json index 5620f8e63a..de1a6a19f9 100644 --- a/2022/CVE-2022-44268.json +++ b/2022/CVE-2022-44268.json @@ -190,19 +190,19 @@ "description": "A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read", "fork": false, "created_at": "2023-02-05T18:42:27Z", - "updated_at": "2023-03-01T05:51:01Z", + "updated_at": "2023-03-01T22:25:26Z", "pushed_at": "2023-02-05T19:35:03Z", - "stargazers_count": 102, - "watchers_count": 102, + "stargazers_count": 103, + "watchers_count": 103, "has_discussions": false, - "forks_count": 13, + "forks_count": 14, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 13, - "watchers": 102, + "forks": 14, + "watchers": 103, "score": 0 }, { diff --git a/2022/CVE-2022-46689.json b/2022/CVE-2022-46689.json index 2bbe351187..9d6724e7e0 100644 --- a/2022/CVE-2022-46689.json +++ b/2022/CVE-2022-46689.json @@ -71,10 +71,10 @@ "description": "Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.", "fork": false, "created_at": "2022-12-26T06:56:35Z", - "updated_at": "2023-03-01T16:36:57Z", + "updated_at": "2023-03-01T20:38:12Z", "pushed_at": "2023-02-21T04:16:19Z", - "stargazers_count": 750, - "watchers_count": 750, + "stargazers_count": 751, + "watchers_count": 751, "has_discussions": false, "forks_count": 53, "allow_forking": true, @@ -83,7 +83,7 @@ "topics": [], "visibility": "public", "forks": 53, - "watchers": 750, + "watchers": 751, "score": 0 }, { @@ -349,10 +349,10 @@ "description": "CVE-2022-46689", "fork": false, "created_at": "2023-01-26T19:52:30Z", - "updated_at": "2023-03-01T17:13:56Z", + "updated_at": "2023-03-01T19:14:20Z", "pushed_at": "2023-03-01T07:20:02Z", - "stargazers_count": 130, - "watchers_count": 130, + "stargazers_count": 131, + "watchers_count": 131, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -361,7 +361,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 130, + "watchers": 131, "score": 0 }, { diff --git a/2022/CVE-2022-48309.json b/2022/CVE-2022-48309.json index 750d7c666b..a667cfedf7 100644 --- a/2022/CVE-2022-48309.json +++ b/2022/CVE-2022-48309.json @@ -14,7 +14,7 @@ "fork": false, "created_at": "2023-02-25T19:22:41Z", "updated_at": "2023-02-25T19:51:38Z", - "pushed_at": "2023-02-25T19:51:14Z", + "pushed_at": "2023-03-01T19:43:36Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2023/CVE-2023-0179.json b/2023/CVE-2023-0179.json index a0d180918b..07c742ba87 100644 --- a/2023/CVE-2023-0179.json +++ b/2023/CVE-2023-0179.json @@ -13,10 +13,10 @@ "description": null, "fork": false, "created_at": "2023-01-21T01:02:01Z", - "updated_at": "2023-02-28T14:23:47Z", + "updated_at": "2023-03-01T22:07:20Z", "pushed_at": "2023-02-16T13:49:47Z", - "stargazers_count": 118, - "watchers_count": 118, + "stargazers_count": 119, + "watchers_count": 119, "has_discussions": false, "forks_count": 19, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 19, - "watchers": 118, + "watchers": 119, "score": 0 } ] \ No newline at end of file diff --git a/2023/CVE-2023-0669.json b/2023/CVE-2023-0669.json index 7d7db66030..b88e8046e9 100644 --- a/2023/CVE-2023-0669.json +++ b/2023/CVE-2023-0669.json @@ -13,10 +13,10 @@ "description": "CVE-2023-0669 GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object.", "fork": false, "created_at": "2023-02-10T13:02:55Z", - "updated_at": "2023-03-01T13:39:30Z", + "updated_at": "2023-03-01T22:10:08Z", "pushed_at": "2023-02-13T07:15:28Z", - "stargazers_count": 57, - "watchers_count": 57, + "stargazers_count": 59, + "watchers_count": 59, "has_discussions": false, "forks_count": 12, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 12, - "watchers": 57, + "watchers": 59, "score": 0 }, { diff --git a/README.md b/README.md index b012d6df87..aaecb4193d 100644 --- a/README.md +++ b/README.md @@ -5477,6 +5477,7 @@ Apache Commons Text performs variable interpolation, allowing properties to be d - [f0ng/text4shellburpscanner](https://github.com/f0ng/text4shellburpscanner) - [WFS-Mend/vtrade-common](https://github.com/WFS-Mend/vtrade-common) - [devenes/text4shell-cve-2022-42889](https://github.com/devenes/text4shell-cve-2022-42889) +- [hotblac/text4shell](https://github.com/hotblac/text4shell) ### CVE-2022-42899 (2022-10-12) @@ -6051,7 +6052,12 @@ TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated attackers - [ryan412/CVE-2022-48197](https://github.com/ryan412/CVE-2022-48197) -### CVE-2022-48309 +### CVE-2022-48309 (2023-03-01) + + +A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than 2.2.90. + + - [nitschSB/CVE-2022-48309-and-CVE-2022-48310](https://github.com/nitschSB/CVE-2022-48309-and-CVE-2022-48310) ### CVE-2022-48311 (2023-02-06)