From eb136b9d3d3a12ba9d5c1be07b17c812d9930e1f Mon Sep 17 00:00:00 2001 
From: motikan2010-bot Date: Fri, 12 Aug 2022 15:17:33 +0900 Subject: [PATCH] Auto Update 2022/08/12 06:17:33 --- 2014/CVE-2014-4210.json | 8 +- 2016/CVE-2016-0638.json | 8 +- 2016/CVE-2016-10033.json | 4 +- 2017/CVE-2017-3248.json | 8 +- 2017/CVE-2017-8759.json | 8 +- 2018/CVE-2018-14847.json | 2 +- 2018/CVE-2018-16156.json | 4 +- 2018/CVE-2018-2628.json | 8 +- 2019/CVE-2019-0230.json | 28 ++++++ 2019/CVE-2019-17558.json | 36 ++++++- 2019/CVE-2019-2618.json | 16 ++-- 2019/CVE-2019-3980.json | 28 ++++++ 2019/CVE-2019-5427.json | 30 ++++++ 2020/CVE-2020-14882.json | 8 +- 2020/CVE-2020-14883.json | 8 +- 2020/CVE-2020-1938.json | 8 +- 2020/CVE-2020-2551.json | 8 +- 2020/CVE-2020-2883.json | 8 +- 2021/CVE-2021-25646.json | 8 +- 2021/CVE-2021-3129.json | 12 +-- 2021/CVE-2021-4034.json | 8 +- 2021/CVE-2021-4154.json | 8 +- 2022/CVE-2022-0185.json | 56 +++++++++++ 2022/CVE-2022-0219.json | 30 ++++++ 2022/CVE-2022-0236.json | 60 ++++++++++++ 2022/CVE-2022-0332.json | 30 ++++++ 2022/CVE-2022-1388.json | 8 +- 2022/CVE-2022-2022.json | 8 +- 2022/CVE-2022-20699.json | 58 +++++++++++ 2022/CVE-2022-21241.json | 35 +++++++ 2022/CVE-2022-21371.json | 30 ++++++ 2022/CVE-2022-21658.json | 34 +++++++ 2022/CVE-2022-21660.json | 28 ++++++ 2022/CVE-2022-21661.json | 56 +++++++++++ 2022/CVE-2022-2185.json | 8 +- 2022/CVE-2022-21877.json | 30 ++++++ 2022/CVE-2022-21882.json | 146 ++++++++++++++++++++++++++++ 2022/CVE-2022-21894.json | 8 +- 2022/CVE-2022-21907.json | 112 ++++++++++++++++++++++ 2022/CVE-2022-21999.json | 33 +++++++ 2022/CVE-2022-22296.json | 30 ++++++ 2022/CVE-2022-22828.json | 30 ++++++ 2022/CVE-2022-22850.json | 30 ++++++ 2022/CVE-2022-22851.json | 30 ++++++ 2022/CVE-2022-22852.json | 30 ++++++ 2022/CVE-2022-22965.json | 4 +- 2022/CVE-2022-23046.json | 56 +++++++++++ 2022/CVE-2022-23131.json | 112 ++++++++++++++++++++++ 2022/CVE-2022-23305.json | 30 ++++++ 2022/CVE-2022-23378.json | 30 ++++++ 2022/CVE-2022-23808.json | 48 ++++++++++ 2022/CVE-2022-23967.json | 30 ++++++ 
2022/CVE-2022-24348.json | 30 ++++++ 2022/CVE-2022-25257.json | 28 ++++++ 2022/CVE-2022-25258.json | 30 ++++++ 2022/CVE-2022-25375.json | 30 ++++++ 2022/CVE-2022-2588.json | 12 +-- 2022/CVE-2022-26134.json | 8 +- 2022/CVE-2022-33891.json | 8 +- 2022/CVE-2022-33980.json | 8 +- 2022/CVE-2022-34918.json | 8 +- README.md | 202 +++++++++++++++++++++++++++++++++++++++ 62 files changed, 1743 insertions(+), 115 deletions(-) create mode 100644 2019/CVE-2019-5427.json create mode 100644 2022/CVE-2022-0219.json create mode 100644 2022/CVE-2022-0236.json create mode 100644 2022/CVE-2022-0332.json create mode 100644 2022/CVE-2022-20699.json create mode 100644 2022/CVE-2022-21241.json create mode 100644 2022/CVE-2022-21371.json create mode 100644 2022/CVE-2022-21658.json create mode 100644 2022/CVE-2022-21877.json create mode 100644 2022/CVE-2022-21882.json create mode 100644 2022/CVE-2022-21999.json create mode 100644 2022/CVE-2022-22296.json create mode 100644 2022/CVE-2022-22828.json create mode 100644 2022/CVE-2022-22850.json create mode 100644 2022/CVE-2022-22851.json create mode 100644 2022/CVE-2022-22852.json create mode 100644 2022/CVE-2022-23378.json create mode 100644 2022/CVE-2022-23808.json create mode 100644 2022/CVE-2022-23967.json create mode 100644 2022/CVE-2022-24348.json create mode 100644 2022/CVE-2022-25258.json create mode 100644 2022/CVE-2022-25375.json diff --git a/2014/CVE-2014-4210.json b/2014/CVE-2014-4210.json index c7a4653a54..eaec64a537 100644 --- a/2014/CVE-2014-4210.json +++ b/2014/CVE-2014-4210.json 
@@ -41,10 +41,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2022-08-11T07:33:57Z", + "updated_at": "2022-08-12T03:21:58Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1468, - "watchers_count": 1468, + "stargazers_count": 1469, + "watchers_count": 1469, "forks_count": 303, "allow_forking": true, "is_template": false, @@ -73,7 +73,7 @@ ], "visibility": "public", "forks": 303, - "watchers": 1468, + "watchers": 1469, "score": 0 }, { diff --git a/2016/CVE-2016-0638.json b/2016/CVE-2016-0638.json index befd8c9bf1..5f910d25b3 100644 --- a/2016/CVE-2016-0638.json +++ b/2016/CVE-2016-0638.json @@ -13,10 +13,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2022-08-11T07:33:57Z", + "updated_at": "2022-08-12T03:21:58Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1468, - "watchers_count": 1468, + "stargazers_count": 1469, + "watchers_count": 1469, "forks_count": 303, "allow_forking": true, "is_template": false, @@ -45,7 +45,7 @@ ], "visibility": "public", "forks": 303, - "watchers": 1468, + "watchers": 1469, "score": 0 }, { diff --git a/2016/CVE-2016-10033.json b/2016/CVE-2016-10033.json index 84bbdea183..aba442907c 100644 --- a/2016/CVE-2016-10033.json +++ b/2016/CVE-2016-10033.json 
@@ -368,13 +368,13 @@ "pushed_at": "2022-08-05T08:25:28Z", "stargazers_count": 0, "watchers_count": 0, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, + "forks": 1, "watchers": 0, "score": 0 } diff --git a/2017/CVE-2017-3248.json b/2017/CVE-2017-3248.json index 2232cf4605..9d327c8696 100644 --- a/2017/CVE-2017-3248.json +++ b/2017/CVE-2017-3248.json @@ -41,10 +41,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2022-08-11T07:33:57Z", + "updated_at": "2022-08-12T03:21:58Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1468, - "watchers_count": 1468, + "stargazers_count": 1469, + "watchers_count": 1469, "forks_count": 303, "allow_forking": true, "is_template": false, @@ -73,7 +73,7 @@ ], "visibility": "public", "forks": 303, - "watchers": 1468, + "watchers": 1469, "score": 0 }, { diff --git a/2017/CVE-2017-8759.json b/2017/CVE-2017-8759.json index 7dab854c25..df24b84046 100644 --- a/2017/CVE-2017-8759.json +++ b/2017/CVE-2017-8759.json @@ -13,10 +13,10 @@ "description": "Running CVE-2017-8759 exploit sample.", "fork": false, "created_at": "2017-09-13T09:50:04Z", - "updated_at": "2022-06-13T07:35:42Z", + "updated_at": "2022-08-12T00:09:58Z", "pushed_at": "2020-01-23T06:53:00Z", - "stargazers_count": 255, - "watchers_count": 255, + "stargazers_count": 256, + "watchers_count": 256, "forks_count": 110, "allow_forking": true, "is_template": false, @@ -24,7 +24,7 @@ "topics": [], "visibility": "public", "forks": 110, - "watchers": 255, + "watchers": 256, "score": 0 }, { 
diff --git a/2018/CVE-2018-14847.json b/2018/CVE-2018-14847.json index 488d79b85d..e849143bcc 100644 --- a/2018/CVE-2018-14847.json +++ b/2018/CVE-2018-14847.json @@ -13,7 +13,7 @@ "description": "Proof of Concept of Winbox Critical Vulnerability (CVE-2018-14847)", "fork": false, "created_at": "2018-06-24T05:34:05Z", - "updated_at": "2022-08-07T18:07:56Z", + "updated_at": "2022-08-12T03:49:34Z", "pushed_at": "2020-10-16T12:09:45Z", "stargazers_count": 470, "watchers_count": 470, diff --git a/2018/CVE-2018-16156.json b/2018/CVE-2018-16156.json index 09262f954f..7fdc9b4945 100644 --- a/2018/CVE-2018-16156.json +++ b/2018/CVE-2018-16156.json @@ -17,13 +17,13 @@ "pushed_at": "2018-12-11T22:29:58Z", "stargazers_count": 1, "watchers_count": 1, - "forks_count": 1, + "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 1, + "forks": 2, "watchers": 1, "score": 0 } diff --git a/2018/CVE-2018-2628.json b/2018/CVE-2018-2628.json index f5f352e398..408031b89f 100644 --- a/2018/CVE-2018-2628.json +++ b/2018/CVE-2018-2628.json @@ -549,10 +549,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2022-08-11T07:33:57Z", + "updated_at": "2022-08-12T03:21:58Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1468, - "watchers_count": 1468, + "stargazers_count": 1469, + "watchers_count": 1469, "forks_count": 303, "allow_forking": true, "is_template": false, @@ -581,7 +581,7 @@ ], "visibility": "public", "forks": 303, - "watchers": 1468, + "watchers": 1469, "score": 0 }, { 
diff --git a/2019/CVE-2019-0230.json b/2019/CVE-2019-0230.json index 24e2386623..64b2693327 100644 --- a/2019/CVE-2019-0230.json +++ b/2019/CVE-2019-0230.json @@ -117,5 +117,33 @@ "forks": 2, "watchers": 9, "score": 0 + }, + { + "id": 320658849, + "name": "CVE-2019-0230_Struts2S2-059", + "full_name": "tw-eason-tseng\/CVE-2019-0230_Struts2S2-059", + "owner": { + "login": "tw-eason-tseng", + "id": 7005895, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7005895?v=4", + "html_url": "https:\/\/github.com\/tw-eason-tseng" + }, + "html_url": "https:\/\/github.com\/tw-eason-tseng\/CVE-2019-0230_Struts2S2-059", + "description": null, + "fork": false, + "created_at": "2020-12-11T18:57:14Z", + "updated_at": "2021-08-27T17:41:18Z", + "pushed_at": "2020-12-11T19:32:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-17558.json b/2019/CVE-2019-17558.json index 325de71720..b4e5c552fa 100644 --- a/2019/CVE-2019-17558.json +++ b/2019/CVE-2019-17558.json @@ -41,10 +41,10 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2022-08-11T07:18:24Z", + "updated_at": "2022-08-12T01:42:08Z", "pushed_at": "2021-04-04T09:13:57Z", - "stargazers_count": 3477, - "watchers_count": 3477, + "stargazers_count": 3478, + "watchers_count": 3478, "forks_count": 1023, "allow_forking": true, "is_template": false, @@ -72,7 +72,7 @@ ], "visibility": "public", "forks": 1023, - "watchers": 3477, + "watchers": 3478, "score": 0 }, { 
@@ -102,5 +102,33 @@ "forks": 1, "watchers": 2, "score": 0 + }, + { + "id": 321554194, + "name": "Exploit_CVE-2019-17558-RCE", + "full_name": "xkyrage\/Exploit_CVE-2019-17558-RCE", + "owner": { + "login": "xkyrage", + "id": 57317804, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57317804?v=4", + "html_url": "https:\/\/github.com\/xkyrage" + }, + "html_url": "https:\/\/github.com\/xkyrage\/Exploit_CVE-2019-17558-RCE", + "description": "Apache Solr 1.4 Injection to get a shell", + "fork": false, + "created_at": "2020-12-15T04:38:06Z", + "updated_at": "2020-12-15T04:40:53Z", + "pushed_at": "2020-12-15T04:40:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-2618.json b/2019/CVE-2019-2618.json index 1c25d66aba..16ce63c498 100644 --- a/2019/CVE-2019-2618.json +++ b/2019/CVE-2019-2618.json @@ -97,10 +97,10 @@ "description": "增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持", "fork": false, "created_at": "2019-06-21T09:22:43Z", - "updated_at": "2022-08-08T10:31:24Z", + "updated_at": "2022-08-12T03:59:17Z", "pushed_at": "2020-04-26T10:49:25Z", - "stargazers_count": 819, - "watchers_count": 819, + "stargazers_count": 820, + "watchers_count": 820, "forks_count": 172, "allow_forking": true, "is_template": false, @@ -108,7 +108,7 @@ "topics": [], "visibility": "public", "forks": 172, - "watchers": 819, + "watchers": 820, "score": 0 }, { 
@@ -181,10 +181,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2022-08-11T07:33:57Z", + "updated_at": "2022-08-12T03:21:58Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1468, - "watchers_count": 1468, + "stargazers_count": 1469, + "watchers_count": 1469, "forks_count": 303, "allow_forking": true, "is_template": false, @@ -213,7 +213,7 @@ ], "visibility": "public", "forks": 303, - "watchers": 1468, + "watchers": 1469, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-3980.json b/2019/CVE-2019-3980.json index 327ef07847..3fcd50416f 100644 --- a/2019/CVE-2019-3980.json +++ b/2019/CVE-2019-3980.json @@ -1,4 +1,32 @@ [ + { + "id": 284718304, + "name": "CVE-2019-3980", + "full_name": "warferik\/CVE-2019-3980", + "owner": { + "login": "warferik", + "id": 16766938, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16766938?v=4", + "html_url": "https:\/\/github.com\/warferik" + }, + "html_url": "https:\/\/github.com\/warferik\/CVE-2019-3980", + "description": null, + "fork": false, + "created_at": "2020-08-03T14:12:56Z", + "updated_at": "2022-08-08T11:31:57Z", + "pushed_at": "2020-12-12T03:41:43Z", + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 17, + "score": 0 + }, { "id": 419046445, "name": "CVE-2019-3980", diff --git a/2019/CVE-2019-5427.json b/2019/CVE-2019-5427.json new file mode 100644 index 0000000000..5ae8e8848c --- /dev/null +++ b/2019/CVE-2019-5427.json 
@@ -0,0 +1,30 @@ +[ + { + "id": 321055902, + "name": "cp30_XXE_partial_fix", + "full_name": "shanika04\/cp30_XXE_partial_fix", + "owner": { + "login": "shanika04", + "id": 73774345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73774345?v=4", + "html_url": "https:\/\/github.com\/shanika04" + }, + "html_url": "https:\/\/github.com\/shanika04\/cp30_XXE_partial_fix", + "description": "version between CVE-2018-20433 and CVE-2019-5427", + "fork": false, + "created_at": "2020-12-13T12:08:30Z", + "updated_at": "2020-12-13T12:10:34Z", + "pushed_at": "2020-12-13T12:10:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14882.json b/2020/CVE-2020-14882.json index e879a4feb2..9761eeabba 100644 --- a/2020/CVE-2020-14882.json +++ b/2020/CVE-2020-14882.json @@ -13,10 +13,10 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2022-08-11T07:18:24Z", + "updated_at": "2022-08-12T01:42:08Z", "pushed_at": "2021-04-04T09:13:57Z", - "stargazers_count": 3477, - "watchers_count": 3477, + "stargazers_count": 3478, + "watchers_count": 3478, "forks_count": 1023, "allow_forking": true, "is_template": false, @@ -44,7 +44,7 @@ ], "visibility": "public", "forks": 1023, - "watchers": 3477, + "watchers": 3478, "score": 0 }, { diff --git a/2020/CVE-2020-14883.json b/2020/CVE-2020-14883.json index 8292ce005c..cdb47e2e77 100644 --- a/2020/CVE-2020-14883.json +++ b/2020/CVE-2020-14883.json 
@@ -125,10 +125,10 @@ "description": "Alibaba-Nacos-Unauthorized\/ApacheDruid-RCE_CVE-2021-25646\/MS-Exchange-SSRF-CVE-2021-26885\/Oracle-WebLogic-CVE-2021-2109_RCE\/RG-CNVD-2021-14536\/RJ-SSL-VPN-UltraVires\/Redis-Unauthorized-RCE\/TDOA-V11.7-GetOnlineCookie\/VMware-vCenter-GetAnyFile\/yongyou-GRP-U8-XXE\/Oracle-WebLogic-CVE-2020-14883\/Oracle-WebLogic-CVE-2020-14882\/Apache-Solr-GetAnyFile\/F5-BIG-IP-CVE-2021-22986\/Sonicwall-SSL-VPN-RCE\/GitLab-Graphql-CNVD-2021-14193\/D-Link-DCS-CVE-2020-25078\/WLAN-AP-WEA453e-RCE\/360TianQing-Unauthorized\/360TianQing-SQLinjection\/FanWeiOA-V8-SQLinjection\/QiZhiBaoLeiJi-AnyUserLogin\/QiAnXin-WangKangFirewall-RCE\/金山-V8-终端安全系统\/NCCloud-SQLinjection\/ShowDoc-RCE", "fork": false, "created_at": "2021-03-11T22:49:17Z", - "updated_at": "2022-08-07T18:33:07Z", + "updated_at": "2022-08-12T05:58:52Z", "pushed_at": "2021-07-30T03:28:00Z", - "stargazers_count": 983, - "watchers_count": 983, + "stargazers_count": 984, + "watchers_count": 984, "forks_count": 312, "allow_forking": true, "is_template": false, @@ -140,7 +140,7 @@ ], "visibility": "public", "forks": 312, - "watchers": 983, + "watchers": 984, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1938.json b/2020/CVE-2020-1938.json index 08360f9253..3ce021dba1 100644 --- a/2020/CVE-2020-1938.json +++ b/2020/CVE-2020-1938.json @@ -265,10 +265,10 @@ "description": "批量扫描TomcatAJP漏洞", "fork": false, "created_at": "2020-02-21T14:55:40Z", - "updated_at": "2021-12-05T20:47:57Z", + "updated_at": "2022-08-12T03:40:00Z", "pushed_at": "2020-02-22T01:58:22Z", - "stargazers_count": 12, - "watchers_count": 12, + "stargazers_count": 13, + "watchers_count": 13, "forks_count": 3, "allow_forking": true, "is_template": false, @@ -276,7 +276,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 12, + "watchers": 13, "score": 0 }, { diff --git a/2020/CVE-2020-2551.json b/2020/CVE-2020-2551.json index 07dd43e376..9507b811a5 100644 --- a/2020/CVE-2020-2551.json 
+++ b/2020/CVE-2020-2551.json @@ -13,10 +13,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2022-08-11T07:33:57Z", + "updated_at": "2022-08-12T03:21:58Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1468, - "watchers_count": 1468, + "stargazers_count": 1469, + "watchers_count": 1469, "forks_count": 303, "allow_forking": true, "is_template": false, @@ -45,7 +45,7 @@ ], "visibility": "public", "forks": 303, - "watchers": 1468, + "watchers": 1469, "score": 0 }, { diff --git a/2020/CVE-2020-2883.json b/2020/CVE-2020-2883.json index e9d9888f9d..d32ffbb5e2 100644 --- a/2020/CVE-2020-2883.json +++ b/2020/CVE-2020-2883.json @@ -13,10 +13,10 @@ "description": "Weblogic coherence.jar RCE", "fork": false, "created_at": "2020-05-10T09:04:43Z", - "updated_at": "2022-07-26T02:47:04Z", + "updated_at": "2022-08-12T02:41:48Z", "pushed_at": "2020-05-10T09:29:36Z", - "stargazers_count": 177, - "watchers_count": 177, + "stargazers_count": 178, + "watchers_count": 178, "forks_count": 41, "allow_forking": true, "is_template": false, @@ -29,7 +29,7 @@ ], "visibility": "public", "forks": 41, - "watchers": 177, + "watchers": 178, "score": 0 }, { diff --git a/2021/CVE-2021-25646.json b/2021/CVE-2021-25646.json index 7cf9209122..43335fb8b5 100644 --- a/2021/CVE-2021-25646.json +++ b/2021/CVE-2021-25646.json 
@@ -125,10 +125,10 @@ "description": "Alibaba-Nacos-Unauthorized\/ApacheDruid-RCE_CVE-2021-25646\/MS-Exchange-SSRF-CVE-2021-26885\/Oracle-WebLogic-CVE-2021-2109_RCE\/RG-CNVD-2021-14536\/RJ-SSL-VPN-UltraVires\/Redis-Unauthorized-RCE\/TDOA-V11.7-GetOnlineCookie\/VMware-vCenter-GetAnyFile\/yongyou-GRP-U8-XXE\/Oracle-WebLogic-CVE-2020-14883\/Oracle-WebLogic-CVE-2020-14882\/Apache-Solr-GetAnyFile\/F5-BIG-IP-CVE-2021-22986\/Sonicwall-SSL-VPN-RCE\/GitLab-Graphql-CNVD-2021-14193\/D-Link-DCS-CVE-2020-25078\/WLAN-AP-WEA453e-RCE\/360TianQing-Unauthorized\/360TianQing-SQLinjection\/FanWeiOA-V8-SQLinjection\/QiZhiBaoLeiJi-AnyUserLogin\/QiAnXin-WangKangFirewall-RCE\/金山-V8-终端安全系统\/NCCloud-SQLinjection\/ShowDoc-RCE", "fork": false, "created_at": "2021-03-11T22:49:17Z", - "updated_at": "2022-08-07T18:33:07Z", + "updated_at": "2022-08-12T05:58:52Z", "pushed_at": "2021-07-30T03:28:00Z", - "stargazers_count": 983, - "watchers_count": 983, + "stargazers_count": 984, + "watchers_count": 984, "forks_count": 312, "allow_forking": true, "is_template": false, @@ -140,7 +140,7 @@ ], "visibility": "public", "forks": 312, - "watchers": 983, + "watchers": 984, "score": 0 }, { diff --git a/2021/CVE-2021-3129.json b/2021/CVE-2021-3129.json index 03a879b0ea..64e2c645a7 100644 --- a/2021/CVE-2021-3129.json +++ b/2021/CVE-2021-3129.json @@ -129,7 +129,7 @@ "pushed_at": "2021-03-07T04:39:58Z", "stargazers_count": 53, "watchers_count": 53, - "forks_count": 24, + "forks_count": 25, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -139,7 +139,7 @@ "security" ], "visibility": "public", - "forks": 24, + "forks": 25, "watchers": 53, "score": 0 }, 
@@ -213,10 +213,10 @@ "description": "CVE-2021-3129-Laravel Debug mode 远程代码执行漏洞", "fork": false, "created_at": "2021-02-21T06:27:18Z", - "updated_at": "2021-12-05T21:01:27Z", + "updated_at": "2022-08-12T03:18:26Z", "pushed_at": "2021-11-23T07:22:19Z", - "stargazers_count": 4, - "watchers_count": 4, + "stargazers_count": 5, + "watchers_count": 5, "forks_count": 10, "allow_forking": true, "is_template": false, @@ -224,7 +224,7 @@ "topics": [], "visibility": "public", "forks": 10, - "watchers": 4, + "watchers": 5, "score": 0 }, { diff --git a/2021/CVE-2021-4034.json b/2021/CVE-2021-4034.json index 8f50cfdab6..2356baa3ce 100644 --- a/2021/CVE-2021-4034.json +++ b/2021/CVE-2021-4034.json @@ -163,7 +163,7 @@ "pushed_at": "2022-02-12T05:22:58Z", "stargazers_count": 898, "watchers_count": 898, - "forks_count": 290, + "forks_count": 291, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -173,7 +173,7 @@ "poc" ], "visibility": "public", - "forks": 290, + "forks": 291, "watchers": 898, "score": 0 }, @@ -1253,13 +1253,13 @@ "pushed_at": "2022-01-28T00:29:15Z", "stargazers_count": 73, "watchers_count": 73, - "forks_count": 23, + "forks_count": 24, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 23, + "forks": 24, "watchers": 73, "score": 0 }, diff --git a/2021/CVE-2021-4154.json b/2021/CVE-2021-4154.json index 29b29480c7..215f2008d5 100644 --- a/2021/CVE-2021-4154.json +++ b/2021/CVE-2021-4154.json @@ -13,10 +13,10 @@ "description": "CVE-2021-4154 exploit", "fork": false, "created_at": "2022-08-11T05:46:27Z", - "updated_at": "2022-08-11T06:00:13Z", + "updated_at": "2022-08-12T04:54:48Z", "pushed_at": "2022-08-11T06:00:10Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 2, + "watchers_count": 2, "forks_count": 1, "allow_forking": true, "is_template": false, 
@@ -24,7 +24,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 0, + "watchers": 2, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-0185.json b/2022/CVE-2022-0185.json index c4263ec81e..43853d4db5 100644 --- a/2022/CVE-2022-0185.json +++ b/2022/CVE-2022-0185.json @@ -27,6 +27,62 @@ "watchers": 329, "score": 0 }, + { + "id": 452351785, + "name": "cve-2022-0185-crash-poc", + "full_name": "discordianfish\/cve-2022-0185-crash-poc", + "owner": { + "login": "discordianfish", + "id": 275966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/275966?v=4", + "html_url": "https:\/\/github.com\/discordianfish" + }, + "html_url": "https:\/\/github.com\/discordianfish\/cve-2022-0185-crash-poc", + "description": null, + "fork": false, + "created_at": "2022-01-26T16:27:50Z", + "updated_at": "2022-06-21T02:30:36Z", + "pushed_at": "2022-01-26T16:45:45Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0 + }, + { + "id": 452756684, + "name": "CVE-2022-0185", + "full_name": "khaclep007\/CVE-2022-0185", + "owner": { + "login": "khaclep007", + "id": 45098044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45098044?v=4", + "html_url": "https:\/\/github.com\/khaclep007" + }, + "html_url": "https:\/\/github.com\/khaclep007\/CVE-2022-0185", + "description": null, + "fork": false, + "created_at": "2022-01-27T16:24:35Z", + "updated_at": "2022-01-27T16:25:54Z", + "pushed_at": "2022-01-27T16:25:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 460788495, "name": "CVE-2022-0185", 
diff --git a/2022/CVE-2022-0219.json b/2022/CVE-2022-0219.json new file mode 100644 index 0000000000..7d58635280 --- /dev/null +++ b/2022/CVE-2022-0219.json @@ -0,0 +1,30 @@ +[ + { + "id": 450128440, + "name": "CVE-2022-0219", + "full_name": "Haxatron\/CVE-2022-0219", + "owner": { + "login": "Haxatron", + "id": 76475453, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76475453?v=4", + "html_url": "https:\/\/github.com\/Haxatron" + }, + "html_url": "https:\/\/github.com\/Haxatron\/CVE-2022-0219", + "description": null, + "fork": false, + "created_at": "2022-01-20T14:24:45Z", + "updated_at": "2022-01-20T14:24:45Z", + "pushed_at": "2022-01-20T14:35:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0236.json b/2022/CVE-2022-0236.json new file mode 100644 index 0000000000..4b43a93ec1 --- /dev/null +++ b/2022/CVE-2022-0236.json 
@@ -0,0 +1,60 @@ +[ + { + "id": 448514056, + "name": "CVE-2022-0236", + "full_name": "qurbat\/CVE-2022-0236", + "owner": { + "login": "qurbat", + "id": 37518297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37518297?v=4", + "html_url": "https:\/\/github.com\/qurbat" + }, + "html_url": "https:\/\/github.com\/qurbat\/CVE-2022-0236", + "description": "Proof of concept for unauthenticated sensitive data disclosure affecting the wp-import-export WordPress plugin (CVE-2022-0236)", + "fork": false, + "created_at": "2022-01-16T09:52:28Z", + "updated_at": "2022-07-07T07:47:57Z", + "pushed_at": "2022-01-18T17:14:53Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "wordpress-security" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0 + }, + { + "id": 448893968, + "name": "CVE-2022-0236", + "full_name": "xiska62314\/CVE-2022-0236", + "owner": { + "login": "xiska62314", + "id": 97891523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97891523?v=4", + "html_url": "https:\/\/github.com\/xiska62314" + }, + "html_url": "https:\/\/github.com\/xiska62314\/CVE-2022-0236", + "description": "CVE-2022-0236", + "fork": false, + "created_at": "2022-01-17T12:56:19Z", + "updated_at": "2022-01-17T12:56:19Z", + "pushed_at": "2022-01-17T12:56:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0332.json b/2022/CVE-2022-0332.json new file mode 100644 index 0000000000..506937b550 --- /dev/null +++ b/2022/CVE-2022-0332.json 
@@ -0,0 +1,30 @@ +[ + { + "id": 452082369, + "name": "CVE-2022-0332", + "full_name": "numanturle\/CVE-2022-0332", + "owner": { + "login": "numanturle", + "id": 7007951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7007951?v=4", + "html_url": "https:\/\/github.com\/numanturle" + }, + "html_url": "https:\/\/github.com\/numanturle\/CVE-2022-0332", + "description": null, + "fork": false, + "created_at": "2022-01-25T23:58:17Z", + "updated_at": "2022-08-07T22:41:26Z", + "pushed_at": "2022-01-26T00:18:26Z", + "stargazers_count": 31, + "watchers_count": 31, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 31, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1388.json b/2022/CVE-2022-1388.json index a605488a29..40847c0b0f 100644 --- a/2022/CVE-2022-1388.json +++ b/2022/CVE-2022-1388.json @@ -321,10 +321,10 @@ "description": "POC for CVE-2022-1388", "fork": false, "created_at": "2022-05-09T11:46:45Z", - "updated_at": "2022-08-08T04:07:33Z", + "updated_at": "2022-08-12T05:54:18Z", "pushed_at": "2022-05-09T20:52:07Z", - "stargazers_count": 214, - "watchers_count": 214, + "stargazers_count": 215, + "watchers_count": 215, "forks_count": 36, "allow_forking": true, "is_template": false, @@ -332,7 +332,7 @@ "topics": [], "visibility": "public", "forks": 36, - "watchers": 214, + "watchers": 215, "score": 0 }, { diff --git a/2022/CVE-2022-2022.json b/2022/CVE-2022-2022.json index db1c94ca58..79f4be8231 100644 --- a/2022/CVE-2022-2022.json +++ b/2022/CVE-2022-2022.json 
@@ -13,10 +13,10 @@ "description": "CVE-2022-2022", "fork": false, "created_at": "2021-11-22T12:57:22Z", - "updated_at": "2022-08-11T13:45:31Z", + "updated_at": "2022-08-12T03:36:29Z", "pushed_at": "2022-08-03T08:39:29Z", - "stargazers_count": 307, - "watchers_count": 307, + "stargazers_count": 309, + "watchers_count": 309, "forks_count": 130, "allow_forking": true, "is_template": false, @@ -24,7 +24,7 @@ "topics": [], "visibility": "public", "forks": 130, - "watchers": 307, + "watchers": 309, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-20699.json b/2022/CVE-2022-20699.json new file mode 100644 index 0000000000..b44de5c34d --- /dev/null +++ b/2022/CVE-2022-20699.json 
@@ -0,0 +1,58 @@ +[ + { + "id": 456573106, + "name": "CVE-2022-20699", + "full_name": "Audiobahn\/CVE-2022-20699", + "owner": { + "login": "Audiobahn", + "id": 98435709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98435709?v=4", + "html_url": "https:\/\/github.com\/Audiobahn" + }, + "html_url": "https:\/\/github.com\/Audiobahn\/CVE-2022-20699", + "description": "Cisco Anyconnect VPN unauth RCE (rwx stack)", + "fork": false, + "created_at": "2022-02-07T15:53:21Z", + "updated_at": "2022-08-07T12:56:13Z", + "pushed_at": "2022-02-07T15:55:03Z", + "stargazers_count": 234, + "watchers_count": 234, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 45, + "watchers": 234, + "score": 0 + }, + { + "id": 459040811, + "name": "CVE-2022-20699", + "full_name": "rohankumardubey\/CVE-2022-20699", + "owner": { + "login": "rohankumardubey", + "id": 82864904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82864904?v=4", + "html_url": "https:\/\/github.com\/rohankumardubey" + }, + "html_url": "https:\/\/github.com\/rohankumardubey\/CVE-2022-20699", + "description": null, + "fork": false, + "created_at": "2022-02-14T06:23:06Z", + "updated_at": "2022-02-16T21:53:09Z", + "pushed_at": "2022-02-14T06:23:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21241.json b/2022/CVE-2022-21241.json new file mode 100644 index 0000000000..a64fd7abe8 --- /dev/null +++ b/2022/CVE-2022-21241.json 
@@ -0,0 +1,35 @@ +[ + { + "id": 379108906, + "name": "csv-plus_vulnerability", + "full_name": "satoki\/csv-plus_vulnerability", + "owner": { + "login": "satoki", + "id": 54702093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54702093?v=4", + "html_url": "https:\/\/github.com\/satoki" + }, + "html_url": "https:\/\/github.com\/satoki\/csv-plus_vulnerability", + "description": "👻 [PoC] CSV+ 0.8.0 - Arbitrary Code Execution (CVE-2022-21241)", + "fork": false, + "created_at": "2021-06-22T01:36:16Z", + "updated_at": "2022-05-08T09:30:58Z", + "pushed_at": "2022-02-11T13:59:14Z", + "stargazers_count": 25, + "watchers_count": 25, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cybersecurity", + "exploit", + "poc", + "security" + ], + "visibility": "public", + "forks": 7, + "watchers": 25, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21371.json b/2022/CVE-2022-21371.json new file mode 100644 index 0000000000..0e51b2b9f2 --- /dev/null +++ b/2022/CVE-2022-21371.json @@ -0,0 +1,30 @@ +[ + { + "id": 451918204, + "name": "CVE-2022-21371", + "full_name": "Mr-xn\/CVE-2022-21371", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2022-21371", + "description": "Oracle WebLogic Server 12.1.3.0.0 \/ 12.2.1.3.0 \/ 12.2.1.4.0 \/ 14.1.1.0.0 Local File Inclusion", + "fork": false, + "created_at": "2022-01-25T14:50:29Z", + "updated_at": "2022-06-01T14:50:07Z", + "pushed_at": "2022-01-25T14:52:21Z", + "stargazers_count": 26, + "watchers_count": 26, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 26, + "score": 0 + } +] \ No newline at end of file 
diff --git a/2022/CVE-2022-21658.json b/2022/CVE-2022-21658.json new file mode 100644 index 0000000000..002a36070c --- /dev/null +++ b/2022/CVE-2022-21658.json @@ -0,0 +1,34 @@ +[ + { + "id": 450374545, + "name": "cve-2022-21658", + "full_name": "sagittarius-a\/cve-2022-21658", + "owner": { + "login": "sagittarius-a", + "id": 8809698, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8809698?v=4", + "html_url": "https:\/\/github.com\/sagittarius-a" + }, + "html_url": "https:\/\/github.com\/sagittarius-a\/cve-2022-21658", + "description": "POC for cve-2022-21658", + "fork": false, + "created_at": "2022-01-21T06:09:16Z", + "updated_at": "2022-01-21T06:10:05Z", + "pushed_at": "2022-01-21T06:09:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21658", + "poc", + "rust" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21660.json b/2022/CVE-2022-21660.json index cf79f82d84..c36acc089c 100644 --- a/2022/CVE-2022-21660.json +++ b/2022/CVE-2022-21660.json 
@@ -1,4 +1,32 @@ [ + { + "id": 446296593, + "name": "Gin-Vue-admin-poc-CVE-2022-21660", + "full_name": "UzJu\/Gin-Vue-admin-poc-CVE-2022-21660", + "owner": { + "login": "UzJu", + "id": 50813806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50813806?v=4", + "html_url": "https:\/\/github.com\/UzJu" + }, + "html_url": "https:\/\/github.com\/UzJu\/Gin-Vue-admin-poc-CVE-2022-21660", + "description": "CVE-2022-21660", + "fork": false, + "created_at": "2022-01-10T05:50:35Z", + "updated_at": "2022-07-24T05:20:50Z", + "pushed_at": "2022-01-10T05:52:03Z", + "stargazers_count": 26, + "watchers_count": 26, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 26, + "score": 0 + }, { "id": 462232980, "name": "CVE-2022-21660", diff --git a/2022/CVE-2022-21661.json b/2022/CVE-2022-21661.json index c901571c72..f23292222a 100644 --- a/2022/CVE-2022-21661.json +++ b/2022/CVE-2022-21661.json 
@@ -1,4 +1,60 @@ [ + { + "id": 449096712, + "name": "CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection", + "full_name": "TAPESH-TEAM\/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection", + "owner": { + "login": "TAPESH-TEAM", + "id": 83407483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83407483?v=4", + "html_url": "https:\/\/github.com\/TAPESH-TEAM" + }, + "html_url": "https:\/\/github.com\/TAPESH-TEAM\/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection", + "description": "WordPress Core 5.8.2 - 'WP_Query' SQL Injection", + "fork": false, + "created_at": "2022-01-18T01:05:04Z", + "updated_at": "2022-08-11T12:33:20Z", + "pushed_at": "2022-01-18T01:19:45Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 10, + "score": 0 + }, + { + "id": 458502807, + "name": "wordpress-CVE-2022-21661", + "full_name": "purple-WL\/wordpress-CVE-2022-21661", + "owner": { + "login": "purple-WL", + "id": 63894044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63894044?v=4", + "html_url": "https:\/\/github.com\/purple-WL" + }, + "html_url": "https:\/\/github.com\/purple-WL\/wordpress-CVE-2022-21661", + "description": null, + "fork": false, + "created_at": "2022-02-12T11:31:26Z", + "updated_at": "2022-08-11T12:56:20Z", + "pushed_at": "2022-02-17T03:59:18Z", + "stargazers_count": 15, + "watchers_count": 15, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0 + }, { "id": 497289034, "name": "Wordpress-cve-CVE-2022-21661", diff --git a/2022/CVE-2022-2185.json b/2022/CVE-2022-2185.json index 058e39aef2..a61695830e 100644 --- a/2022/CVE-2022-2185.json +++ b/2022/CVE-2022-2185.json 
@@ -41,10 +41,10 @@ "description": "wo ee cve-2022-2185 gitlab authenticated rce", "fork": false, "created_at": "2022-07-29T11:14:03Z", - "updated_at": "2022-08-11T09:11:37Z", + "updated_at": "2022-08-12T01:33:38Z", "pushed_at": "2022-07-29T11:28:59Z", - "stargazers_count": 43, - "watchers_count": 43, + "stargazers_count": 44, + "watchers_count": 44, "forks_count": 5, "allow_forking": true, "is_template": false, @@ -52,7 +52,7 @@ "topics": [], "visibility": "public", "forks": 5, - "watchers": 43, + "watchers": 44, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-21877.json b/2022/CVE-2022-21877.json new file mode 100644 index 0000000000..c0e60ff016 --- /dev/null +++ b/2022/CVE-2022-21877.json @@ -0,0 +1,30 @@ +[ + { + "id": 456710810, + "name": "cve-2022-21877", + "full_name": "Big5-sec\/cve-2022-21877", + "owner": { + "login": "Big5-sec", + "id": 29749118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29749118?v=4", + "html_url": "https:\/\/github.com\/Big5-sec" + }, + "html_url": "https:\/\/github.com\/Big5-sec\/cve-2022-21877", + "description": "a demonstration PoC for CVE-2022-21877 (storage spaces controller memory leak)", + "fork": false, + "created_at": "2022-02-07T23:18:17Z", + "updated_at": "2022-03-08T16:15:39Z", + "pushed_at": "2022-02-08T22:53:36Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21882.json b/2022/CVE-2022-21882.json new file mode 100644 index 0000000000..5f2d366837 --- /dev/null +++ b/2022/CVE-2022-21882.json 
@@ -0,0 +1,146 @@ +[ + { + "id": 452529582, + "name": "CVE-2022-21882", + "full_name": "KaLendsi\/CVE-2022-21882", + "owner": { + "login": "KaLendsi", + "id": 68001644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68001644?v=4", + "html_url": "https:\/\/github.com\/KaLendsi" + }, + "html_url": "https:\/\/github.com\/KaLendsi\/CVE-2022-21882", + "description": "win32k LPE ", + "fork": false, + "created_at": "2022-01-27T03:44:10Z", + "updated_at": "2022-08-08T04:02:10Z", + "pushed_at": "2022-01-27T04:18:18Z", + "stargazers_count": 428, + "watchers_count": 428, + "forks_count": 136, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 136, + "watchers": 428, + "score": 0 + }, + { + "id": 454493738, + "name": "CVE-2022-21882", + "full_name": "David-Honisch\/CVE-2022-21882", + "owner": { + "login": "David-Honisch", + "id": 35835504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35835504?v=4", + "html_url": "https:\/\/github.com\/David-Honisch" + }, + "html_url": "https:\/\/github.com\/David-Honisch\/CVE-2022-21882", + "description": "CVE-2022-21882", + "fork": false, + "created_at": "2022-02-01T17:58:29Z", + "updated_at": "2022-04-12T22:32:21Z", + "pushed_at": "2022-02-01T18:14:07Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 6, + "score": 0 + }, + { + "id": 455137692, + "name": "CVE-2022-21882", + "full_name": "L4ys\/CVE-2022-21882", + "owner": { + "login": "L4ys", + "id": 5360374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5360374?v=4", + "html_url": "https:\/\/github.com\/L4ys" + }, + "html_url": "https:\/\/github.com\/L4ys\/CVE-2022-21882", + "description": null, + "fork": false, + "created_at": "2022-02-03T11:25:14Z", + "updated_at": 
"2022-08-08T04:01:25Z", + "pushed_at": "2022-02-04T02:20:47Z", + "stargazers_count": 169, + "watchers_count": 169, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 45, + "watchers": 169, + "score": 0 + }, + { + "id": 456348360, + "name": "cve-2022-21882-poc", + "full_name": "sailay1996\/cve-2022-21882-poc", + "owner": { + "login": "sailay1996", + "id": 16739401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16739401?v=4", + "html_url": "https:\/\/github.com\/sailay1996" + }, + "html_url": "https:\/\/github.com\/sailay1996\/cve-2022-21882-poc", + "description": "lpe poc for cve-2022-21882 ", + "fork": false, + "created_at": "2022-02-07T03:45:36Z", + "updated_at": "2022-06-12T09:32:22Z", + "pushed_at": "2022-02-07T03:49:37Z", + "stargazers_count": 34, + "watchers_count": 34, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21882", + "privilege-escalation", + "windows-exploitation" + ], + "visibility": "public", + "forks": 15, + "watchers": 34, + "score": 0 + }, + { + "id": 459331281, + "name": "CVE-2022-21882", + "full_name": "r1l4-i3pur1l4\/CVE-2022-21882", + "owner": { + "login": "r1l4-i3pur1l4", + "id": 76409019, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76409019?v=4", + "html_url": "https:\/\/github.com\/r1l4-i3pur1l4" + }, + "html_url": "https:\/\/github.com\/r1l4-i3pur1l4\/CVE-2022-21882", + "description": null, + "fork": false, + "created_at": "2022-02-14T21:28:15Z", + "updated_at": "2022-05-06T17:45:49Z", + "pushed_at": "2022-02-15T08:29:26Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file 
diff --git a/2022/CVE-2022-21894.json b/2022/CVE-2022-21894.json index 3133824411..1d58d844b9 100644 --- a/2022/CVE-2022-21894.json +++ b/2022/CVE-2022-21894.json @@ -13,10 +13,10 @@ "description": "baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability", "fork": false, "created_at": "2022-08-09T15:53:48Z", - "updated_at": "2022-08-11T23:40:12Z", + "updated_at": "2022-08-12T03:51:21Z", "pushed_at": "2022-08-10T15:34:50Z", - "stargazers_count": 11, - "watchers_count": 11, + "stargazers_count": 13, + "watchers_count": 13, "forks_count": 3, "allow_forking": true, "is_template": false, @@ -30,7 +30,7 @@ ], "visibility": "public", "forks": 3, - "watchers": 11, + "watchers": 13, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-21907.json b/2022/CVE-2022-21907.json index 8447098443..67218e98b4 100644 --- a/2022/CVE-2022-21907.json +++ b/2022/CVE-2022-21907.json @@ -1,4 +1,32 @@ [ + { + "id": 446683592, + "name": "cve-2022-21907", + "full_name": "corelight\/cve-2022-21907", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight" + }, + "html_url": "https:\/\/github.com\/corelight\/cve-2022-21907", + "description": "cve-2022-21907", + "fork": false, + "created_at": "2022-01-11T05:00:55Z", + "updated_at": "2022-03-21T07:03:34Z", + "pushed_at": "2022-01-26T20:31:22Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0 + }, { "id": 448387955, "name": "CVE-2022-21907", 
@@ -47,6 +75,62 @@ "watchers": 24, "score": 0 }, + { + "id": 448729790, + "name": "CVE-2022-21907", + "full_name": "ZZ-SOCMAP\/CVE-2022-21907", + "owner": { + "login": "ZZ-SOCMAP", + "id": 98105412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98105412?v=4", + "html_url": "https:\/\/github.com\/ZZ-SOCMAP" + }, + "html_url": "https:\/\/github.com\/ZZ-SOCMAP\/CVE-2022-21907", + "description": "HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907", + "fork": false, + "created_at": "2022-01-17T02:28:50Z", + "updated_at": "2022-07-27T10:17:05Z", + "pushed_at": "2022-01-20T02:07:59Z", + "stargazers_count": 365, + "watchers_count": 365, + "forks_count": 99, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 99, + "watchers": 365, + "score": 0 + }, + { + "id": 448909871, + "name": "CVE-2022-21907", + "full_name": "xiska62314\/CVE-2022-21907", + "owner": { + "login": "xiska62314", + "id": 97891523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97891523?v=4", + "html_url": "https:\/\/github.com\/xiska62314" + }, + "html_url": "https:\/\/github.com\/xiska62314\/CVE-2022-21907", + "description": "CVE-2022-21907", + "fork": false, + "created_at": "2022-01-17T13:42:44Z", + "updated_at": "2022-01-17T13:42:44Z", + "pushed_at": "2022-01-17T13:42:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 448952968, "name": "CVE-2022-21907-http.sys", 
@@ -82,6 +166,34 @@ "watchers": 68, "score": 0 }, + { + "id": 451128086, + "name": "CVE-2022-21907-Vulnerability-PoC", + "full_name": "michelep\/CVE-2022-21907-Vulnerability-PoC", + "owner": { + "login": "michelep", + "id": 1425559, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1425559?v=4", + "html_url": "https:\/\/github.com\/michelep" + }, + "html_url": "https:\/\/github.com\/michelep\/CVE-2022-21907-Vulnerability-PoC", + "description": "CVE-2022-21907 Vulnerability PoC", + "fork": false, + "created_at": "2022-01-23T14:25:12Z", + "updated_at": "2022-08-05T13:00:40Z", + "pushed_at": "2022-01-23T14:28:54Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0 + }, { "id": 461942989, "name": "CVE-2022-21907-RCE-POC", diff --git a/2022/CVE-2022-21999.json b/2022/CVE-2022-21999.json new file mode 100644 index 0000000000..a94945e41a --- /dev/null +++ b/2022/CVE-2022-21999.json 
@@ -0,0 +1,33 @@ +[ + { + "id": 457033886, + "name": "SpoolFool", + "full_name": "ly4k\/SpoolFool", + "owner": { + "login": "ly4k", + "id": 53348818, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53348818?v=4", + "html_url": "https:\/\/github.com\/ly4k" + }, + "html_url": "https:\/\/github.com\/ly4k\/SpoolFool", + "description": "Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)", + "fork": false, + "created_at": "2022-02-08T17:25:44Z", + "updated_at": "2022-08-12T01:40:28Z", + "pushed_at": "2022-02-09T16:54:09Z", + "stargazers_count": 630, + "watchers_count": 630, + "forks_count": 128, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21999", + "cve-2022-22718" + ], + "visibility": "public", + "forks": 128, + "watchers": 630, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22296.json b/2022/CVE-2022-22296.json new file mode 100644 index 0000000000..6cb081a458 --- /dev/null +++ b/2022/CVE-2022-22296.json @@ -0,0 +1,30 @@ +[ + { + "id": 450430110, + "name": "CVE-2022-22296", + "full_name": "vlakhani28\/CVE-2022-22296", + "owner": { + "login": "vlakhani28", + "id": 42069316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42069316?v=4", + "html_url": "https:\/\/github.com\/vlakhani28" + }, + "html_url": "https:\/\/github.com\/vlakhani28\/CVE-2022-22296", + "description": "All Details about CVE-2022-22296", + "fork": false, + "created_at": "2022-01-21T09:29:21Z", + "updated_at": "2022-01-21T09:29:21Z", + "pushed_at": "2022-01-21T09:45:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file 
diff --git a/2022/CVE-2022-22828.json b/2022/CVE-2022-22828.json new file mode 100644 index 0000000000..dc5304f147 --- /dev/null +++ b/2022/CVE-2022-22828.json @@ -0,0 +1,30 @@ +[ + { + "id": 452487266, + "name": "CVE-2022-22828", + "full_name": "videnlabs\/CVE-2022-22828", + "owner": { + "login": "videnlabs", + "id": 97770137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97770137?v=4", + "html_url": "https:\/\/github.com\/videnlabs" + }, + "html_url": "https:\/\/github.com\/videnlabs\/CVE-2022-22828", + "description": "Write-up of CVE-2022-22828", + "fork": false, + "created_at": "2022-01-27T00:29:47Z", + "updated_at": "2022-01-27T01:53:47Z", + "pushed_at": "2022-01-27T01:32:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22850.json b/2022/CVE-2022-22850.json new file mode 100644 index 0000000000..ac803be335 --- /dev/null +++ b/2022/CVE-2022-22850.json @@ -0,0 +1,30 @@ +[ + { + "id": 451154958, + "name": "CVE-2022-22850", + "full_name": "Sant268\/CVE-2022-22850", + "owner": { + "login": "Sant268", + "id": 26564273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26564273?v=4", + "html_url": "https:\/\/github.com\/Sant268" + }, + "html_url": "https:\/\/github.com\/Sant268\/CVE-2022-22850", + "description": null, + "fork": false, + "created_at": "2022-01-23T16:00:34Z", + "updated_at": "2022-01-24T06:20:46Z", + "pushed_at": "2022-01-27T02:37:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file 
diff --git a/2022/CVE-2022-22851.json b/2022/CVE-2022-22851.json new file mode 100644 index 0000000000..6e8a771d89 --- /dev/null +++ b/2022/CVE-2022-22851.json @@ -0,0 +1,30 @@ +[ + { + "id": 451155234, + "name": "CVE-2022-22851", + "full_name": "Sant268\/CVE-2022-22851", + "owner": { + "login": "Sant268", + "id": 26564273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26564273?v=4", + "html_url": "https:\/\/github.com\/Sant268" + }, + "html_url": "https:\/\/github.com\/Sant268\/CVE-2022-22851", + "description": null, + "fork": false, + "created_at": "2022-01-23T16:01:26Z", + "updated_at": "2022-01-24T06:20:47Z", + "pushed_at": "2022-01-27T03:04:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22852.json b/2022/CVE-2022-22852.json new file mode 100644 index 0000000000..81ac8c9755 --- /dev/null +++ b/2022/CVE-2022-22852.json @@ -0,0 +1,30 @@ +[ + { + "id": 451155350, + "name": "CVE-2022-22852", + "full_name": "Sant268\/CVE-2022-22852", + "owner": { + "login": "Sant268", + "id": 26564273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26564273?v=4", + "html_url": "https:\/\/github.com\/Sant268" + }, + "html_url": "https:\/\/github.com\/Sant268\/CVE-2022-22852", + "description": null, + "fork": false, + "created_at": "2022-01-23T16:01:49Z", + "updated_at": "2022-01-24T06:20:48Z", + "pushed_at": "2022-01-27T03:04:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file 
diff --git a/2022/CVE-2022-22965.json b/2022/CVE-2022-22965.json index c34f0159e2..facdaf7d00 100644 --- a/2022/CVE-2022-22965.json +++ b/2022/CVE-2022-22965.json @@ -126,13 +126,13 @@ "pushed_at": "2022-08-04T18:26:18Z", "stargazers_count": 263, "watchers_count": 263, - "forks_count": 207, + "forks_count": 206, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 207, + "forks": 206, "watchers": 263, "score": 0 }, diff --git a/2022/CVE-2022-23046.json b/2022/CVE-2022-23046.json index e2a24e4f85..888f8bbb72 100644 --- a/2022/CVE-2022-23046.json +++ b/2022/CVE-2022-23046.json 
@@ -1,4 +1,60 @@ [ + { + "id": 450827017, + "name": "CVE-2022-23046", + "full_name": "jcarabantes\/CVE-2022-23046", + "owner": { + "login": "jcarabantes", + "id": 9590425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9590425?v=4", + "html_url": "https:\/\/github.com\/jcarabantes" + }, + "html_url": "https:\/\/github.com\/jcarabantes\/CVE-2022-23046", + "description": null, + "fork": false, + "created_at": "2022-01-22T13:35:40Z", + "updated_at": "2022-02-16T08:00:53Z", + "pushed_at": "2022-01-24T17:29:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 459366538, + "name": "CVE-2022-23046", + "full_name": "dnr6419\/CVE-2022-23046", + "owner": { + "login": "dnr6419", + "id": 43310843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43310843?v=4", + "html_url": "https:\/\/github.com\/dnr6419" + }, + "html_url": "https:\/\/github.com\/dnr6419\/CVE-2022-23046", + "description": "SQL Injection Vulnerability on PhpIPAM v1.4.4", + "fork": false, + "created_at": "2022-02-15T00:00:22Z", + "updated_at": "2022-02-15T07:12:02Z", + "pushed_at": "2022-02-15T00:25:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0 + }, { "id": 495567632, "name": "CVE-2022-23046", diff --git a/2022/CVE-2022-23131.json b/2022/CVE-2022-23131.json index 6662cf1bda..1d76df75d9 100644 --- a/2022/CVE-2022-23131.json +++ b/2022/CVE-2022-23131.json 
@@ -1,4 +1,60 @@ [ + { + "id": 460689920, + "name": "CVE-2022-23131", + "full_name": "qq1549176285\/CVE-2022-23131", + "owner": { + "login": "qq1549176285", + "id": 38514188, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38514188?v=4", + "html_url": "https:\/\/github.com\/qq1549176285" + }, + "html_url": "https:\/\/github.com\/qq1549176285\/CVE-2022-23131", + "description": null, + "fork": false, + "created_at": "2022-02-18T03:03:26Z", + "updated_at": "2022-02-18T03:03:26Z", + "pushed_at": "2022-02-18T03:03:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 460773028, + "name": "zabbix-saml-bypass-exp", + "full_name": "jweny\/zabbix-saml-bypass-exp", + "owner": { + "login": "jweny", + "id": 26767398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26767398?v=4", + "html_url": "https:\/\/github.com\/jweny" + }, + "html_url": "https:\/\/github.com\/jweny\/zabbix-saml-bypass-exp", + "description": "cve-2022-23131 exp", + "fork": false, + "created_at": "2022-02-18T08:38:53Z", + "updated_at": "2022-07-21T09:34:39Z", + "pushed_at": "2022-02-21T04:27:48Z", + "stargazers_count": 90, + "watchers_count": 90, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 38, + "watchers": 90, + "score": 0 + }, { "id": 460833137, "name": "cve-2022-23131", 
@@ -27,6 +83,34 @@ "watchers": 97, "score": 0 }, + { + "id": 460891453, + "name": "CVE-2022-23131", + "full_name": "1mxml\/CVE-2022-23131", + "owner": { + "login": "1mxml", + "id": 94277520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94277520?v=4", + "html_url": "https:\/\/github.com\/1mxml" + }, + "html_url": "https:\/\/github.com\/1mxml\/CVE-2022-23131", + "description": null, + "fork": false, + "created_at": "2022-02-18T14:48:53Z", + "updated_at": "2022-06-01T14:58:14Z", + "pushed_at": "2022-02-19T03:14:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0 + }, { "id": 461658676, "name": "CVE-2022-23131", @@ -55,6 +139,34 @@ "watchers": 15, "score": 0 }, + { + "id": 461681428, + "name": "cve-2022-23131", + "full_name": "zwjjustdoit\/cve-2022-23131", + "owner": { + "login": "zwjjustdoit", + "id": 50495555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50495555?v=4", + "html_url": "https:\/\/github.com\/zwjjustdoit" + }, + "html_url": "https:\/\/github.com\/zwjjustdoit\/cve-2022-23131", + "description": "poc", + "fork": false, + "created_at": "2022-02-21T02:42:23Z", + "updated_at": "2022-02-22T06:40:01Z", + "pushed_at": "2022-02-21T04:55:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0 + }, { "id": 462095141, "name": "cve-2022-23131", diff --git a/2022/CVE-2022-23305.json b/2022/CVE-2022-23305.json index 036eade38c..39315a252a 100644 --- a/2022/CVE-2022-23305.json +++ b/2022/CVE-2022-23305.json 
@@ -45,5 +45,35 @@ "forks": 10, "watchers": 27, "score": 0 + }, + { + "id": 450360735, + "name": "CVE-2022-RCE", + "full_name": "AlphabugX\/CVE-2022-RCE", + "owner": { + "login": "AlphabugX", + "id": 27001865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27001865?v=4", + "html_url": "https:\/\/github.com\/AlphabugX" + }, + "html_url": "https:\/\/github.com\/AlphabugX\/CVE-2022-RCE", + "description": "test 反向辣鸡数据投放 CVE-2022-23305 工具 利用 教程 Exploit POC ", + "fork": false, + "created_at": "2022-01-21T05:07:59Z", + "updated_at": "2022-03-23T17:19:31Z", + "pushed_at": "2022-01-21T05:21:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-23378.json b/2022/CVE-2022-23378.json new file mode 100644 index 0000000000..5f05526f5e --- /dev/null +++ b/2022/CVE-2022-23378.json @@ -0,0 +1,30 @@ +[ + { + "id": 448138999, + "name": "CVE-2022-23378", + "full_name": "TheGetch\/CVE-2022-23378", + "owner": { + "login": "TheGetch", + "id": 7243819, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7243819?v=4", + "html_url": "https:\/\/github.com\/TheGetch" + }, + "html_url": "https:\/\/github.com\/TheGetch\/CVE-2022-23378", + "description": "Authenticated reflected XSS in TastyIgniter version v3.2.2.", + "fork": false, + "created_at": "2022-01-14T23:54:36Z", + "updated_at": "2022-04-19T19:10:21Z", + "pushed_at": "2022-02-16T14:36:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file 
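Review bot: The record added to 2022/CVE-2022-23305.json for `AlphabugX/CVE-2022-RCE` is linked to this CVE only by the identifier appearing in its free-text `description`. Its `name` is the generic `CVE-2022-RCE`, its only topic is `cve-2020-`, and the description appears to label the repository as a test of seeding junk data padded with tool/exploit/tutorial/PoC keywords. Anyone who reads this index as a list of working proofs of concept, or who clones listed repositories automatically for triage, would pick it up as a CVE-2022-23305 entry. I would drop this object from the array. If the generator matches on description text alone (the hunk suggests this but does not show it), such matches deserve a manual check before they are indexed. The array opens above the hunk, so the earlier records in the file are not visible here.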
diff --git a/2022/CVE-2022-23808.json b/2022/CVE-2022-23808.json new file mode 100644 index 0000000000..6028d29f53 --- /dev/null +++ b/2022/CVE-2022-23808.json @@ -0,0 +1,48 @@ +[ + { + "id": 454474679, + "name": "CVE-2022-23808", + "full_name": "dipakpanchal456\/CVE-2022-23808", + "owner": { + "login": "dipakpanchal456", + "id": 31427462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31427462?v=4", + "html_url": "https:\/\/github.com\/dipakpanchal456" + }, + "html_url": "https:\/\/github.com\/dipakpanchal456\/CVE-2022-23808", + "description": "phpMyAdmin XSS ", + "fork": false, + "created_at": "2022-02-01T17:02:03Z", + "updated_at": "2022-08-11T05:11:57Z", + "pushed_at": "2022-02-03T16:21:01Z", + "stargazers_count": 82, + "watchers_count": 82, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "cross-site-scripting", + "database", + "exploit", + "exploitation", + "hacking", + "infosec", + "owasp", + "owasp-top-10", + "pentesting", + "phpmyadmin", + "poc", + "redteam", + "redteaming", + "vulnerability", + "xss", + "zeroday" + ], + "visibility": "public", + "forks": 15, + "watchers": 82, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23967.json b/2022/CVE-2022-23967.json new file mode 100644 index 0000000000..381556c17e --- /dev/null +++ b/2022/CVE-2022-23967.json 
@@ -0,0 +1,30 @@ +[ + { + "id": 452399615, + "name": "CVE-2022-23967", + "full_name": "MaherAzzouzi\/CVE-2022-23967", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2022-23967", + "description": "TightVNC Vulnerability.", + "fork": false, + "created_at": "2022-01-26T18:49:43Z", + "updated_at": "2022-07-11T05:11:48Z", + "pushed_at": "2022-01-26T18:53:03Z", + "stargazers_count": 15, + "watchers_count": 15, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 15, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24348.json b/2022/CVE-2022-24348.json new file mode 100644 index 0000000000..0fed2d8176 --- /dev/null +++ b/2022/CVE-2022-24348.json @@ -0,0 +1,30 @@ +[ + { + "id": 456161456, + "name": "CVE-2022-24348-2", + "full_name": "jkroepke\/CVE-2022-24348-2", + "owner": { + "login": "jkroepke", + "id": 1560587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1560587?v=4", + "html_url": "https:\/\/github.com\/jkroepke" + }, + "html_url": "https:\/\/github.com\/jkroepke\/CVE-2022-24348-2", + "description": "Find similar issues like CVE-2022-24348", + "fork": false, + "created_at": "2022-02-06T13:39:57Z", + "updated_at": "2022-02-14T08:21:26Z", + "pushed_at": "2022-02-06T13:44:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25257.json b/2022/CVE-2022-25257.json index 55c7f6a61c..f3df53507e 100644 --- a/2022/CVE-2022-25257.json +++ b/2022/CVE-2022-25257.json 
@@ -1,4 +1,32 @@ [ + { + "id": 461406728, + "name": "CVE-2022-25257", + "full_name": "polling-repo-continua\/CVE-2022-25257", + "owner": { + "login": "polling-repo-continua", + "id": 68729769, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68729769?v=4", + "html_url": "https:\/\/github.com\/polling-repo-continua" + }, + "html_url": "https:\/\/github.com\/polling-repo-continua\/CVE-2022-25257", + "description": null, + "fork": false, + "created_at": "2022-02-20T06:42:24Z", + "updated_at": "2022-02-23T15:48:49Z", + "pushed_at": "2022-02-17T13:54:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 467043457, "name": "CVE-2022-25257", diff --git a/2022/CVE-2022-25258.json b/2022/CVE-2022-25258.json new file mode 100644 index 0000000000..79ba13361d --- /dev/null +++ b/2022/CVE-2022-25258.json @@ -0,0 +1,30 @@ +[ + { + "id": 459503187, + "name": "d-os-descriptor", + "full_name": "szymonh\/d-os-descriptor", + "owner": { + "login": "szymonh", + "id": 12231135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12231135?v=4", + "html_url": "https:\/\/github.com\/szymonh" + }, + "html_url": "https:\/\/github.com\/szymonh\/d-os-descriptor", + "description": "CVE-2022-25258 - Demo exploit targeting usb gadget's os descriptor handler", + "fork": false, + "created_at": "2022-02-15T09:04:25Z", + "updated_at": "2022-02-17T08:51:30Z", + "pushed_at": "2022-02-16T20:40:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file 
diff --git a/2022/CVE-2022-25375.json b/2022/CVE-2022-25375.json new file mode 100644 index 0000000000..be02e5a7e1 --- /dev/null +++ b/2022/CVE-2022-25375.json @@ -0,0 +1,30 @@ +[ + { + "id": 460460049, + "name": "rndis-co", + "full_name": "szymonh\/rndis-co", + "owner": { + "login": "szymonh", + "id": 12231135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12231135?v=4", + "html_url": "https:\/\/github.com\/szymonh" + }, + "html_url": "https:\/\/github.com\/szymonh\/rndis-co", + "description": "CVE-2022-25375 - Demo exploit of RNDIS USB Gadget", + "fork": false, + "created_at": "2022-02-17T14:02:58Z", + "updated_at": "2022-03-22T10:44:05Z", + "pushed_at": "2022-02-20T19:56:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2588.json b/2022/CVE-2022-2588.json index cc57b1f8a5..3c6113a58b 100644 --- a/2022/CVE-2022-2588.json +++ b/2022/CVE-2022-2588.json @@ -13,18 +13,18 @@ "description": "exploit for CVE-2022-2588", "fork": false, "created_at": "2022-08-11T06:01:24Z", - "updated_at": "2022-08-11T14:46:35Z", + "updated_at": "2022-08-12T03:28:56Z", "pushed_at": "2022-08-11T06:04:18Z", - "stargazers_count": 6, - "watchers_count": 6, - "forks_count": 0, + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, - "watchers": 6, + "forks": 1, + "watchers": 12, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-26134.json b/2022/CVE-2022-26134.json index f651143445..102833dcef 100644 --- a/2022/CVE-2022-26134.json +++ b/2022/CVE-2022-26134.json 
@@ -13,10 +13,10 @@ "description": "【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。", "fork": false, "created_at": "2022-05-31T07:44:01Z", - "updated_at": "2022-08-11T19:24:29Z", + "updated_at": "2022-08-12T04:32:59Z", "pushed_at": "2022-08-11T09:35:18Z", - "stargazers_count": 625, - "watchers_count": 625, + "stargazers_count": 628, + "watchers_count": 628, "forks_count": 117, "allow_forking": true, "is_template": false, @@ -44,7 +44,7 @@ ], "visibility": "public", "forks": 117, - "watchers": 625, + "watchers": 628, "score": 0 }, { diff --git a/2022/CVE-2022-33891.json b/2022/CVE-2022-33891.json index c0ac6bda49..6b37cbc7af 100644 --- a/2022/CVE-2022-33891.json +++ b/2022/CVE-2022-33891.json @@ -71,10 +71,10 @@ "description": "Apache Spark Command Injection PoC Exploit for CVE-2022-33891", "fork": false, "created_at": "2022-07-19T23:16:27Z", - "updated_at": "2022-08-10T09:26:39Z", + "updated_at": "2022-08-12T06:01:45Z", "pushed_at": "2022-07-21T08:32:08Z", - "stargazers_count": 20, - "watchers_count": 20, + "stargazers_count": 21, + "watchers_count": 21, "forks_count": 6, "allow_forking": true, "is_template": false, @@ -90,7 +90,7 @@ ], "visibility": "public", "forks": 6, - "watchers": 20, + "watchers": 21, "score": 0 }, { diff --git a/2022/CVE-2022-33980.json b/2022/CVE-2022-33980.json index ec4e789949..8537717f5e 100644 --- a/2022/CVE-2022-33980.json +++ b/2022/CVE-2022-33980.json @@ -69,10 +69,10 @@ "description": "CVE", "fork": false, "created_at": "2022-08-10T03:21:19Z", - "updated_at": "2022-08-11T21:02:02Z", + "updated_at": "2022-08-12T06:03:49Z", "pushed_at": "2022-08-10T03:25:06Z", - "stargazers_count": 17, - "watchers_count": 17, + "stargazers_count": 19, + "watchers_count": 19, "forks_count": 5, "allow_forking": true, "is_template": false, 
@@ -80,7 +80,7 @@ "topics": [], "visibility": "public", "forks": 5, - "watchers": 17, + "watchers": 19, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-34918.json b/2022/CVE-2022-34918.json index 5e3d7fdfa1..d9682286aa 100644 --- a/2022/CVE-2022-34918.json +++ b/2022/CVE-2022-34918.json @@ -153,10 +153,10 @@ "description": "CVE-2022-34918 netfilter nf_tables 本地提权 POC", "fork": false, "created_at": "2022-08-02T09:52:02Z", - "updated_at": "2022-08-11T10:14:21Z", + "updated_at": "2022-08-12T03:25:42Z", "pushed_at": "2022-08-05T14:46:52Z", - "stargazers_count": 127, - "watchers_count": 127, + "stargazers_count": 128, + "watchers_count": 128, "forks_count": 22, "allow_forking": true, "is_template": false, @@ -164,7 +164,7 @@ "topics": [], "visibility": "public", "forks": 22, - "watchers": 127, + "watchers": 128, "score": 0 } ] \ No newline at end of file diff --git a/README.md b/README.md index e69a46db95..cc74755f7a 100644 --- a/README.md +++ b/README.md 
@@ -8,11 +8,30 @@ A heap-based buffer overflow flaw was found in the way the legacy_parse_param fu - [Crusaders-of-Rust/CVE-2022-0185](https://github.com/Crusaders-of-Rust/CVE-2022-0185) +- [discordianfish/cve-2022-0185-crash-poc](https://github.com/discordianfish/cve-2022-0185-crash-poc) +- [khaclep007/CVE-2022-0185](https://github.com/khaclep007/CVE-2022-0185) - [chenaotian/CVE-2022-0185](https://github.com/chenaotian/CVE-2022-0185) - [shahparkhan/cve-2022-0185](https://github.com/shahparkhan/cve-2022-0185) - [veritas501/CVE-2022-0185-PipeVersion](https://github.com/veritas501/CVE-2022-0185-PipeVersion) - [featherL/CVE-2022-0185-exploit](https://github.com/featherL/CVE-2022-0185-exploit) +### CVE-2022-0219 (2022-01-20) + + +Improper Restriction of XML External Entity Reference in GitHub repository skylot/jadx prior to 1.3.2. + + +- [Haxatron/CVE-2022-0219](https://github.com/Haxatron/CVE-2022-0219) + +### CVE-2022-0236 (2022-01-18) + + +The WP Import Export WordPress plugin (both free and premium versions) is vulnerable to unauthenticated sensitive data disclosure due to a missing capability check on the download function wpie_process_file_download found in the ~/includes/classes/class-wpie-general.php file. This made it possible for unauthenticated attackers to download any imported or exported information from a vulnerable site which can contain sensitive information like user data. This affects versions up to, and including, 3.9.15. + + +- [qurbat/CVE-2022-0236](https://github.com/qurbat/CVE-2022-0236) +- [xiska62314/CVE-2022-0236](https://github.com/xiska62314/CVE-2022-0236) + ### CVE-2022-0265 (2022-03-03) 
@@ -21,6 +40,14 @@ Improper Restriction of XML External Entity Reference in GitHub repository hazel - [achuna33/CVE-2022-0265](https://github.com/achuna33/CVE-2022-0265) +### CVE-2022-0332 (2022-01-25) + + +A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data. + + +- [numanturle/CVE-2022-0332](https://github.com/numanturle/CVE-2022-0332) + ### CVE-2022-0337 - [Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera](https://github.com/Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera) @@ -564,6 +591,15 @@ In createFromParcel of GeofenceHardwareRequestParcelable.java, there is a possib - [Satheesh575555/frameworks_base_AOSP10_r33_CVE-2022-20142](https://github.com/Satheesh575555/frameworks_base_AOSP10_r33_CVE-2022-20142) +### CVE-2022-20699 (2022-02-10) + + +Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. + + +- [Audiobahn/CVE-2022-20699](https://github.com/Audiobahn/CVE-2022-20699) +- [rohankumardubey/CVE-2022-20699](https://github.com/rohankumardubey/CVE-2022-20699) + ### CVE-2022-20829 (2022-06-24) 
@@ -580,6 +616,22 @@ A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Se - [CiscoPSIRT/CVE-2022-20866](https://github.com/CiscoPSIRT/CVE-2022-20866) +### CVE-2022-21241 (2022-02-08) + + +Cross-site scripting vulnerability in CSV+ prior to 0.8.1 allows a remote unauthenticated attacker to inject an arbitrary script or an arbitrary OS command via a specially crafted CSV file that contains HTML a tag. + + +- [satoki/csv-plus_vulnerability](https://github.com/satoki/csv-plus_vulnerability) + +### CVE-2022-21371 (2022-01-19) + + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). + + +- [Mr-xn/CVE-2022-21371](https://github.com/Mr-xn/CVE-2022-21371) + ### CVE-2022-21449 (2022-04-19) 
@@ -595,12 +647,21 @@ Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product o - [PyterSmithDarkGhost/CVE-2022-21449-I2P-TLS-POC](https://github.com/PyterSmithDarkGhost/CVE-2022-21449-I2P-TLS-POC) - [Skipper7718/CVE-2022-21449-showcase](https://github.com/Skipper7718/CVE-2022-21449-showcase) +### CVE-2022-21658 (2022-01-20) + + +Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable a race condition enabling symlink following (CWE-363). An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete. Rust 1.0.0 through Rust 1.58.0 is affected by this vulnerability with 1.58.1 containing a patch. Note that the following build targets don't have usable APIs to properly mitigate the attack, and are thus still vulnerable even with a patched toolchain: macOS before version 10.10 (Yosemite) and REDOX. We recommend everyone to update to Rust 1.58.1 as soon as possible, especially people developing programs expected to run in privileged contexts (including system daemons and setuid binaries), as those have the highest risk of being affected by this. Note that adding checks in your codebase before calling remove_dir_all will not mitigate the vulnerability, as they would also be vulnerable to race conditions like remove_dir_all itself. The existing mitigation is working as intended outside of race conditions. + + +- [sagittarius-a/cve-2022-21658](https://github.com/sagittarius-a/cve-2022-21658) + ### CVE-2022-21660 (2022-02-09) Gin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the `setUserInfo` function. 
Users are advised to update as soon as possible. There are no known workarounds. +- [UzJu/Gin-Vue-admin-poc-CVE-2022-21660](https://github.com/UzJu/Gin-Vue-admin-poc-CVE-2022-21660) - [UzJu/CVE-2022-21660](https://github.com/UzJu/CVE-2022-21660) ### CVE-2022-21661 (2022-01-06) @@ -609,6 +670,8 @@ Gin-vue-admin is a backstage management system based on vue and gin. In versions WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability. +- [TAPESH-TEAM/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection](https://github.com/TAPESH-TEAM/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection) +- [purple-WL/wordpress-CVE-2022-21661](https://github.com/purple-WL/wordpress-CVE-2022-21661) - [0x4E0x650x6F/Wordpress-cve-CVE-2022-21661](https://github.com/0x4E0x650x6F/Wordpress-cve-CVE-2022-21661) - [PyterSmithDarkGhost/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection-main](https://github.com/PyterSmithDarkGhost/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection-main) - [z92g/CVE-2022-21661](https://github.com/z92g/CVE-2022-21661) @@ -631,6 +694,14 @@ Tensorflow is an Open Source Machine Learning Framework. The implementation of s - [mwina/CVE-2022-21728-test](https://github.com/mwina/CVE-2022-21728-test) +### CVE-2022-21877 (2022-01-11) + + +Storage Spaces Controller Information Disclosure Vulnerability. + + +- [Big5-sec/cve-2022-21877](https://github.com/Big5-sec/cve-2022-21877) + ### CVE-2022-21881 (2022-01-11) 
@@ -639,6 +710,18 @@ Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from - [theabysslabs/CVE-2022-21881](https://github.com/theabysslabs/CVE-2022-21881) +### CVE-2022-21882 (2022-01-11) + + +Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21887. + + +- [KaLendsi/CVE-2022-21882](https://github.com/KaLendsi/CVE-2022-21882) +- [David-Honisch/CVE-2022-21882](https://github.com/David-Honisch/CVE-2022-21882) +- [L4ys/CVE-2022-21882](https://github.com/L4ys/CVE-2022-21882) +- [sailay1996/cve-2022-21882-poc](https://github.com/sailay1996/cve-2022-21882-poc) +- [r1l4-i3pur1l4/CVE-2022-21882](https://github.com/r1l4-i3pur1l4/CVE-2022-21882) + ### CVE-2022-21894 (2022-01-11) @@ -653,8 +736,12 @@ Secure Boot Security Feature Bypass Vulnerability. HTTP Protocol Stack Remote Code Execution Vulnerability. +- [corelight/cve-2022-21907](https://github.com/corelight/cve-2022-21907) - [mauricelambert/CVE-2022-21907](https://github.com/mauricelambert/CVE-2022-21907) +- [ZZ-SOCMAP/CVE-2022-21907](https://github.com/ZZ-SOCMAP/CVE-2022-21907) +- [xiska62314/CVE-2022-21907](https://github.com/xiska62314/CVE-2022-21907) - [p0dalirius/CVE-2022-21907-http.sys](https://github.com/p0dalirius/CVE-2022-21907-http.sys) +- [michelep/CVE-2022-21907-Vulnerability-PoC](https://github.com/michelep/CVE-2022-21907-Vulnerability-PoC) - [coconut20/CVE-2022-21907-RCE-POC](https://github.com/coconut20/CVE-2022-21907-RCE-POC) - [polakow/CVE-2022-21907](https://github.com/polakow/CVE-2022-21907) - [gpiechnik2/nmap-CVE-2022-21907](https://github.com/gpiechnik2/nmap-CVE-2022-21907) 
@@ -679,6 +766,14 @@ Roaming Security Rights Management Services Remote Code Execution Vulnerability. - [0vercl0k/CVE-2022-21974](https://github.com/0vercl0k/CVE-2022-21974) +### CVE-2022-21999 (2022-02-09) + + +Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21997, CVE-2022-22717, CVE-2022-22718. + + +- [ly4k/SpoolFool](https://github.com/ly4k/SpoolFool) + ### CVE-2022-22029 (2022-07-12) @@ -687,6 +782,14 @@ Windows Network File System Remote Code Execution Vulnerability. This CVE ID is - [mchoudhary15/CVE-2022-22029-NFS-Server-](https://github.com/mchoudhary15/CVE-2022-22029-NFS-Server-) +### CVE-2022-22296 (2022-01-24) + + +Sourcecodester Hospital's Patient Records Management System 1.0 is vulnerable to Insecure Permissions via the id parameter in manage_user endpoint. Simply change the value and data of other users can be displayed. + + +- [vlakhani28/CVE-2022-22296](https://github.com/vlakhani28/CVE-2022-22296) + ### CVE-2022-22536 (2022-02-09) @@ -749,6 +852,14 @@ addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer ove - [nanopathi/external_expat_AOSP10_r33_CVE-2022-22822toCVE-2022-22827](https://github.com/nanopathi/external_expat_AOSP10_r33_CVE-2022-22822toCVE-2022-22827) +### CVE-2022-22828 (2022-01-27) + + +An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string. + + +- [videnlabs/CVE-2022-22828](https://github.com/videnlabs/CVE-2022-22828) + ### CVE-2022-22845 (2022-01-09) 
@@ -757,6 +868,30 @@ QXIP SIPCAPTURE homer-app before 1.4.28 for HOMER 7.x has the same 167f0db2-f83e - [OmriBaso/CVE-2022-22845-Exploit](https://github.com/OmriBaso/CVE-2022-22845-Exploit) +### CVE-2022-22850 (2022-01-26) + + +A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_types. + + +- [Sant268/CVE-2022-22850](https://github.com/Sant268/CVE-2022-22850) + +### CVE-2022-22851 (2022-01-26) + + +A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php + + +- [Sant268/CVE-2022-22851](https://github.com/Sant268/CVE-2022-22851) + +### CVE-2022-22852 (2022-01-26) + + +A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_list. + + +- [Sant268/CVE-2022-22852](https://github.com/Sant268/CVE-2022-22852) + ### CVE-2022-22909 (2022-03-02) @@ -1029,6 +1164,8 @@ A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Qu PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL sentences in the "subnet" parameter while searching a subnet via app/admin/routing/edit-bgp-mapping-search.php +- [jcarabantes/CVE-2022-23046](https://github.com/jcarabantes/CVE-2022-23046) +- [dnr6419/CVE-2022-23046](https://github.com/dnr6419/CVE-2022-23046) - [bernauers/CVE-2022-23046](https://github.com/bernauers/CVE-2022-23046) ### CVE-2022-23131 (2022-01-13) 
@@ -1037,8 +1174,12 @@ PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL sentences in the In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of Zabbix user (or use the guest account, which is disabled by default). +- [qq1549176285/CVE-2022-23131](https://github.com/qq1549176285/CVE-2022-23131) +- [jweny/zabbix-saml-bypass-exp](https://github.com/jweny/zabbix-saml-bypass-exp) - [Mr-xn/cve-2022-23131](https://github.com/Mr-xn/cve-2022-23131) +- [1mxml/CVE-2022-23131](https://github.com/1mxml/CVE-2022-23131) - [0tt7/CVE-2022-23131](https://github.com/0tt7/CVE-2022-23131) +- [zwjjustdoit/cve-2022-23131](https://github.com/zwjjustdoit/cve-2022-23131) - [L0ading-x/cve-2022-23131](https://github.com/L0ading-x/cve-2022-23131) - [trganda/CVE-2022-23131](https://github.com/trganda/CVE-2022-23131) - [pykiller/CVE-2022-23131](https://github.com/pykiller/CVE-2022-23131) @@ -1081,6 +1222,7 @@ By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configu - [HynekPetrak/log4shell-finder](https://github.com/HynekPetrak/log4shell-finder) +- [AlphabugX/CVE-2022-RCE](https://github.com/AlphabugX/CVE-2022-RCE) ### CVE-2022-23342 (2022-06-21) 
@@ -1093,6 +1235,14 @@ The Hyland Onbase Application Server releases prior to 20.3.58.1000 and OnBase r ### CVE-2022-23361 - [ViNi0608/CVE-2022-23361](https://github.com/ViNi0608/CVE-2022-23361) +### CVE-2022-23378 (2022-02-09) + + +A Cross-Site Scripting (XSS) vulnerability exists within the 3.2.2 version of TastyIgniter. The "items%5B0%5D%5Bpath%5D" parameter of a request made to /admin/allergens/edit/1 is vulnerable. + + +- [TheGetch/CVE-2022-23378](https://github.com/TheGetch/CVE-2022-23378) + ### CVE-2022-23614 (2022-02-04) @@ -1133,6 +1283,14 @@ Zoho ManageEngine Desktop Central before 10.1.2137.8 exposes the installed serve - [fbusr/CVE-2022-23779](https://github.com/fbusr/CVE-2022-23779) +### CVE-2022-23808 (2022-01-21) + + +An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection. + + +- [dipakpanchal456/CVE-2022-23808](https://github.com/dipakpanchal456/CVE-2022-23808) + ### CVE-2022-23812 (2022-03-16) @@ -1173,6 +1331,14 @@ SuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution. Auth - [manuelz120/CVE-2022-23940](https://github.com/manuelz120/CVE-2022-23940) +### CVE-2022-23967 (2022-01-26) + + +In TightVNC 1.3.10, there is an integer signedness error and resultant heap-based buffer overflow in InitialiseRFBConnection in rfbproto.c (for the vncviewer component). There is no check on the size given to malloc, e.g., -1 is accepted. This allocates a chunk of size zero, which will give a heap pointer. However, one can send 0xffffffff bytes of data, which can have a DoS impact or lead to remote code execution. + + +- [MaherAzzouzi/CVE-2022-23967](https://github.com/MaherAzzouzi/CVE-2022-23967) + ### CVE-2022-23990 (2022-01-26) 
@@ -1252,6 +1418,14 @@ In JetBrains TeamCity before 2021.2.1, URL injection leading to CSRF was possibl - [yuriisanin/CVE-2022-24342](https://github.com/yuriisanin/CVE-2022-24342) +### CVE-2022-24348 (2022-02-04) + + +Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file. + + +- [jkroepke/CVE-2022-24348-2](https://github.com/jkroepke/CVE-2022-24348-2) + ### CVE-2022-24449 (2022-04-28) @@ -1515,8 +1689,17 @@ SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has - [RobertDra/CVE-2022-25256](https://github.com/RobertDra/CVE-2022-25256) ### CVE-2022-25257 +- [polling-repo-continua/CVE-2022-25257](https://github.com/polling-repo-continua/CVE-2022-25257) - [RobertDra/CVE-2022-25257](https://github.com/RobertDra/CVE-2022-25257) +### CVE-2022-25258 (2022-02-16) + + +An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur. + + +- [szymonh/d-os-descriptor](https://github.com/szymonh/d-os-descriptor) + ### CVE-2022-25262 (2022-02-25) @@ -1549,6 +1732,14 @@ In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNa - [ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25315](https://github.com/ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25315) +### CVE-2022-25375 (2022-02-20) + + +An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory. + + +- [szymonh/rndis-co](https://github.com/szymonh/rndis-co) + ### CVE-2022-25636 (2022-02-21) 
@@ -12845,6 +13036,7 @@ Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on r - [ramoncjs3/CVE-2019-0230](https://github.com/ramoncjs3/CVE-2019-0230) - [f8al/CVE-2019-0230-PoC](https://github.com/f8al/CVE-2019-0230-PoC) - [Al1ex/CVE-2019-0230](https://github.com/Al1ex/CVE-2019-0230) +- [tw-eason-tseng/CVE-2019-0230_Struts2S2-059](https://github.com/tw-eason-tseng/CVE-2019-0230_Struts2S2-059) ### CVE-2019-0232 (2019-04-15) @@ -13681,6 +13873,7 @@ The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco we The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an arbitrary executable run under the Local System account. +- [warferik/CVE-2019-3980](https://github.com/warferik/CVE-2019-3980) - [Barbarisch/CVE-2019-3980](https://github.com/Barbarisch/CVE-2019-3980) ### CVE-2019-5010 (2019-10-31) @@ -13749,6 +13942,14 @@ A remote code execution vulnerability in development mode Rails <5.2.2.1, < - [PenTestical/CVE-2019-5420](https://github.com/PenTestical/CVE-2019-5420) - [laffray/ruby-RCE-CVE-2019-5420-](https://github.com/laffray/ruby-RCE-CVE-2019-5420-) +### CVE-2019-5427 (2019-04-22) + + +c3p0 version < 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration due to missing protections against recursive entity expansion when loading configuration. + + +- [shanika04/cp30_XXE_partial_fix](https://github.com/shanika04/cp30_XXE_partial_fix) + ### CVE-2019-5454 (2019-07-30) 
@@ -16236,6 +16437,7 @@ Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution - [SDNDTeam/CVE-2019-17558_Solr_Vul_Tool](https://github.com/SDNDTeam/CVE-2019-17558_Solr_Vul_Tool) - [zhzyker/exphub](https://github.com/zhzyker/exphub) - [Ma1Dong/Solr_CVE-2019-17558](https://github.com/Ma1Dong/Solr_CVE-2019-17558) +- [xkyrage/Exploit_CVE-2019-17558-RCE](https://github.com/xkyrage/Exploit_CVE-2019-17558-RCE) ### CVE-2019-17564 (2020-04-01)