mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2022/06/23 18:19:39

Browse source
This commit is contained in:
motikan2010-bot 2022-06-24 03:19:39 +09:00
parent 18537ae8c8
commit ebbd29dd5d
40 changed files with 288 additions and 210 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
2011/CVE-2011-3872.json
View file

@ -2,18 +2,18 @@
{
"id": 2588958,
"name": "puppetlabs-cve20113872",
"full_name": "puppetlabs\/puppetlabs-cve20113872",
"full_name": "puppetlabs-toy-chest\/puppetlabs-cve20113872",
"owner": {
"login": "puppetlabs",
"id": 234268,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/234268?v=4",
"html_url": "https:\/\/github.com\/puppetlabs"
"login": "puppetlabs-toy-chest",
"id": 88753164,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88753164?v=4",
"html_url": "https:\/\/github.com\/puppetlabs-toy-chest"
},
"html_url": "https:\/\/github.com\/puppetlabs\/puppetlabs-cve20113872",
"html_url": "https:\/\/github.com\/puppetlabs-toy-chest\/puppetlabs-cve20113872",
"description": "Puppet Module to help fix and migrate a Puppet deployment (CVE-2011-3872)",
"fork": false,
"created_at": "2011-10-17T01:26:34Z",
"updated_at": "2022-05-19T00:01:54Z",
"updated_at": "2022-06-23T17:35:52Z",
"pushed_at": "2020-01-04T23:15:54Z",
"stargazers_count": 6,
"watchers_count": 6,

8
2014/CVE-2014-4210.json
View file

@ -40,10 +40,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2022-06-23T03:15:25Z",
"updated_at": "2022-06-23T17:42:57Z",
"pushed_at": "2020-11-27T15:10:58Z",
"stargazers_count": 1400,
"watchers_count": 1400,
"stargazers_count": 1399,
"watchers_count": 1399,
"forks_count": 297,
"allow_forking": true,
"is_template": false,
@ -71,7 +71,7 @@
],
"visibility": "public",
"forks": 297,
"watchers": 1400,
"watchers": 1399,
"score": 0
},
{

2
2015/CVE-2015-2291.json
View file

@ -41,7 +41,7 @@
"fork": false,
"created_at": "2022-06-22T05:22:57Z",
"updated_at": "2022-06-22T05:23:02Z",
"pushed_at": "2022-06-23T08:20:37Z",
"pushed_at": "2022-06-23T17:39:48Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,

8
2016/CVE-2016-0638.json
View file

@ -13,10 +13,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2022-06-23T03:15:25Z",
"updated_at": "2022-06-23T17:42:57Z",
"pushed_at": "2020-11-27T15:10:58Z",
"stargazers_count": 1400,
"watchers_count": 1400,
"stargazers_count": 1399,
"watchers_count": 1399,
"forks_count": 297,
"allow_forking": true,
"is_template": false,
@ -44,7 +44,7 @@
],
"visibility": "public",
"forks": 297,
"watchers": 1400,
"watchers": 1399,
"score": 0
},
{

8
2016/CVE-2016-4977.json
View file

@ -40,17 +40,17 @@
"description": "burpsuite 的Spring漏洞扫描插件。SpringVulScan支持检测路由泄露|CVE-2022-22965|CVE-2022-22963|CVE-2022-22947|CVE-2016-4977",
"fork": false,
"created_at": "2022-06-19T13:16:55Z",
"updated_at": "2022-06-23T09:10:46Z",
"updated_at": "2022-06-23T12:20:27Z",
"pushed_at": "2022-06-20T13:23:23Z",
"stargazers_count": 15,
"watchers_count": 15,
"stargazers_count": 16,
"watchers_count": 16,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 15,
"watchers": 16,
"score": 0
}
]

4
2017/CVE-2017-15303.json
View file

@ -17,7 +17,7 @@
"pushed_at": "2018-02-25T08:49:07Z",
"stargazers_count": 99,
"watchers_count": 99,
"forks_count": 54,
"forks_count": 55,
"allow_forking": true,
"is_template": false,
"topics": [
@ -27,7 +27,7 @@
"loader"
],
"visibility": "public",
"forks": 54,
"forks": 55,
"watchers": 99,
"score": 0
}

8
2017/CVE-2017-3248.json
View file

@ -40,10 +40,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2022-06-23T03:15:25Z",
"updated_at": "2022-06-23T17:42:57Z",
"pushed_at": "2020-11-27T15:10:58Z",
"stargazers_count": 1400,
"watchers_count": 1400,
"stargazers_count": 1399,
"watchers_count": 1399,
"forks_count": 297,
"allow_forking": true,
"is_template": false,
@ -71,7 +71,7 @@
],
"visibility": "public",
"forks": 297,
"watchers": 1400,
"watchers": 1399,
"score": 0
},
{

8
2017/CVE-2017-7494.json
View file

@ -424,17 +424,17 @@
"description": "SambaCry exploit (CVE-2017-7494) ",
"fork": false,
"created_at": "2022-05-07T11:42:40Z",
"updated_at": "2022-06-22T12:47:28Z",
"updated_at": "2022-06-23T15:50:46Z",
"pushed_at": "2022-05-08T09:02:36Z",
"stargazers_count": 25,
"watchers_count": 25,
"stargazers_count": 26,
"watchers_count": 26,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 25,
"watchers": 26,
"score": 0
}
]

8
2018/CVE-2018-14667.json
View file

@ -148,17 +148,17 @@
"description": "CVE-2018-14667-poc Richfaces漏洞环境及PoC",
"fork": false,
"created_at": "2019-09-23T07:45:01Z",
"updated_at": "2022-05-17T01:44:07Z",
"updated_at": "2022-06-23T12:57:34Z",
"pushed_at": "2019-09-24T05:00:40Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 6,
"watchers_count": 6,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 5,
"watchers": 6,
"score": 0
}
]

4
2018/CVE-2018-16509.json
View file

@ -100,8 +100,8 @@
"description": "CVE-2018-16509 Docker Playground - Ghostscript command execution",
"fork": false,
"created_at": "2019-08-04T10:09:31Z",
"updated_at": "2019-08-04T10:16:52Z",
"pushed_at": "2019-08-04T10:14:27Z",
"updated_at": "2022-06-23T13:15:11Z",
"pushed_at": "2022-06-23T13:25:42Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,

8
2018/CVE-2018-2628.json
View file

@ -530,10 +530,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2022-06-23T03:15:25Z",
"updated_at": "2022-06-23T17:42:57Z",
"pushed_at": "2020-11-27T15:10:58Z",
"stargazers_count": 1400,
"watchers_count": 1400,
"stargazers_count": 1399,
"watchers_count": 1399,
"forks_count": 297,
"allow_forking": true,
"is_template": false,
@ -561,7 +561,7 @@
],
"visibility": "public",
"forks": 297,
"watchers": 1400,
"watchers": 1399,
"score": 0
},
{

8
2019/CVE-2019-1205.json
View file

@ -13,10 +13,10 @@
"description": "Microsoft vulnerability for CVE 2019-1205 in 2022.",
"fork": false,
"created_at": "2022-06-08T15:51:36Z",
"updated_at": "2022-06-15T20:52:16Z",
"updated_at": "2022-06-23T16:37:59Z",
"pushed_at": "2022-06-15T20:52:14Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
@ -27,7 +27,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0
}
]

8
2019/CVE-2019-17558.json
View file

@ -40,10 +40,10 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2022-06-23T10:08:52Z",
"updated_at": "2022-06-23T18:00:50Z",
"pushed_at": "2021-04-04T09:13:57Z",
"stargazers_count": 3382,
"watchers_count": 3382,
"stargazers_count": 3384,
"watchers_count": 3384,
"forks_count": 1010,
"allow_forking": true,
"is_template": false,
@ -70,7 +70,7 @@
],
"visibility": "public",
"forks": 1010,
"watchers": 3382,
"watchers": 3384,
"score": 0
},
{

8
2019/CVE-2019-2618.json
View file

@ -175,10 +175,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2022-06-23T03:15:25Z",
"updated_at": "2022-06-23T17:42:57Z",
"pushed_at": "2020-11-27T15:10:58Z",
"stargazers_count": 1400,
"watchers_count": 1400,
"stargazers_count": 1399,
"watchers_count": 1399,
"forks_count": 297,
"allow_forking": true,
"is_template": false,
@ -206,7 +206,7 @@
],
"visibility": "public",
"forks": 297,
"watchers": 1400,
"watchers": 1399,
"score": 0
}
]

12
2019/CVE-2019-6339.json
View file

@ -13,17 +13,17 @@
"description": "Drupal remote code execution vulnerabilty",
"fork": false,
"created_at": "2021-10-19T06:59:29Z",
"updated_at": "2021-11-03T08:48:27Z",
"updated_at": "2022-06-23T15:01:10Z",
"pushed_at": "2021-10-19T07:00:14Z",
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"forks_count": 4,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 3,
"forks": 4,
"watchers": 4,
"score": 0
}
]

12
2020/CVE-2020-1034.json
View file

@ -13,17 +13,17 @@
"description": "PoC demonstrating the use of cve-2020-1034 for privilege escalation",
"fork": false,
"created_at": "2020-11-23T10:24:07Z",
"updated_at": "2022-06-12T12:00:49Z",
"updated_at": "2022-06-23T16:14:44Z",
"pushed_at": "2021-03-16T13:53:37Z",
"stargazers_count": 98,
"watchers_count": 98,
"forks_count": 33,
"stargazers_count": 100,
"watchers_count": 100,
"forks_count": 35,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 33,
"watchers": 98,
"forks": 35,
"watchers": 100,
"score": 0
},
{

8
2020/CVE-2020-1066.json
View file

@ -13,17 +13,17 @@
"description": "CVE-2020-1066-EXP支持Windows 7和Windows Server 2008 R2操作系统",
"fork": false,
"created_at": "2020-06-01T04:44:05Z",
"updated_at": "2022-06-12T01:47:06Z",
"updated_at": "2022-06-23T13:48:30Z",
"pushed_at": "2020-06-17T00:56:08Z",
"stargazers_count": 173,
"watchers_count": 173,
"stargazers_count": 174,
"watchers_count": 174,
"forks_count": 48,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 48,
"watchers": 173,
"watchers": 174,
"score": 0
},
{

8
2020/CVE-2020-14882.json
View file

@ -13,10 +13,10 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2022-06-23T10:08:52Z",
"updated_at": "2022-06-23T18:00:50Z",
"pushed_at": "2021-04-04T09:13:57Z",
"stargazers_count": 3382,
"watchers_count": 3382,
"stargazers_count": 3384,
"watchers_count": 3384,
"forks_count": 1010,
"allow_forking": true,
"is_template": false,
@ -43,7 +43,7 @@
],
"visibility": "public",
"forks": 1010,
"watchers": 3382,
"watchers": 3384,
"score": 0
},
{

8
2020/CVE-2020-15368.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2020-15368, aka \"How to exploit a vulnerable driver\"",
"fork": false,
"created_at": "2021-06-29T04:38:24Z",
"updated_at": "2022-06-21T14:24:36Z",
"updated_at": "2022-06-23T16:09:03Z",
"pushed_at": "2022-04-14T03:17:44Z",
"stargazers_count": 333,
"watchers_count": 333,
"stargazers_count": 334,
"watchers_count": 334,
"forks_count": 35,
"allow_forking": true,
"is_template": false,
@ -28,7 +28,7 @@
],
"visibility": "public",
"forks": 35,
"watchers": 333,
"watchers": 334,
"score": 0
}
]

8
2020/CVE-2020-2551.json
View file

@ -13,10 +13,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2022-06-23T03:15:25Z",
"updated_at": "2022-06-23T17:42:57Z",
"pushed_at": "2020-11-27T15:10:58Z",
"stargazers_count": 1400,
"watchers_count": 1400,
"stargazers_count": 1399,
"watchers_count": 1399,
"forks_count": 297,
"allow_forking": true,
"is_template": false,
@ -44,7 +44,7 @@
],
"visibility": "public",
"forks": 297,
"watchers": 1400,
"watchers": 1399,
"score": 0
},
{

4
2020/CVE-2020-28243.json
View file

@ -17,7 +17,7 @@
"pushed_at": "2021-03-03T08:01:22Z",
"stargazers_count": 16,
"watchers_count": 16,
"forks_count": 3,
"forks_count": 4,
"allow_forking": true,
"is_template": false,
"topics": [
@ -28,7 +28,7 @@
"saltstack-minion"
],
"visibility": "public",
"forks": 3,
"forks": 4,
"watchers": 16,
"score": 0
}

8
2021/CVE-2021-1585.json
View file

@ -13,10 +13,10 @@
"description": "Proof of Concept for CVE-2021-1585: Cisco ASA Device Manager RCE",
"fork": false,
"created_at": "2022-02-10T21:52:24Z",
"updated_at": "2022-05-21T01:00:43Z",
"updated_at": "2022-06-23T14:55:38Z",
"pushed_at": "2022-05-05T14:49:16Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
@ -28,7 +28,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 7,
"watchers": 8,
"score": 0
}
]

8
2021/CVE-2021-3129.json
View file

@ -121,10 +121,10 @@
"description": "Exploit for CVE-2021-3129",
"fork": false,
"created_at": "2021-01-27T10:16:35Z",
"updated_at": "2022-06-08T04:30:43Z",
"updated_at": "2022-06-23T16:11:34Z",
"pushed_at": "2021-03-07T04:39:58Z",
"stargazers_count": 53,
"watchers_count": 53,
"stargazers_count": 54,
"watchers_count": 54,
"forks_count": 22,
"allow_forking": true,
"is_template": false,
@ -135,7 +135,7 @@
],
"visibility": "public",
"forks": 22,
"watchers": 53,
"watchers": 54,
"score": 0
},
{

29
2021/CVE-2021-39408.json Normal file
View file

@ -0,0 +1,29 @@
[
{
"id": 397327413,
"name": "CVE-2021-39408",
"full_name": "StefanDorresteijn\/CVE-2021-39408",
"owner": {
"login": "StefanDorresteijn",
"id": 2564735,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2564735?v=4",
"html_url": "https:\/\/github.com\/StefanDorresteijn"
},
"html_url": "https:\/\/github.com\/StefanDorresteijn\/CVE-2021-39408",
"description": "XSS vulnerability in Online Student Rate System1.0",
"fork": false,
"created_at": "2021-08-17T16:45:06Z",
"updated_at": "2022-06-23T15:06:29Z",
"pushed_at": "2022-06-23T15:04:16Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

29
2021/CVE-2021-39409.json Normal file
View file

@ -0,0 +1,29 @@
[
{
"id": 397328392,
"name": "CVE-2021-39409",
"full_name": "StefanDorresteijn\/CVE-2021-39409",
"owner": {
"login": "StefanDorresteijn",
"id": 2564735,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2564735?v=4",
"html_url": "https:\/\/github.com\/StefanDorresteijn"
},
"html_url": "https:\/\/github.com\/StefanDorresteijn\/CVE-2021-39409",
"description": "Admin account registration in Online Student Rate System",
"fork": false,
"created_at": "2021-08-17T16:48:53Z",
"updated_at": "2022-06-23T15:08:09Z",
"pushed_at": "2022-06-23T15:04:30Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

4
2021/CVE-2021-4034.json
View file

@ -2630,12 +2630,12 @@
"pushed_at": "2022-01-30T10:44:34Z",
"stargazers_count": 4,
"watchers_count": 4,
"forks_count": 1,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 1,
"forks": 2,
"watchers": 4,
"score": 0
},

16
2021/CVE-2021-42287.json
View file

@ -13,17 +13,17 @@
"description": "CVE-2021-42287\/CVE-2021-42278 Scanner & Exploiter.",
"fork": false,
"created_at": "2021-12-11T19:27:30Z",
"updated_at": "2022-06-21T14:14:16Z",
"updated_at": "2022-06-23T13:25:28Z",
"pushed_at": "2021-12-16T09:50:15Z",
"stargazers_count": 1109,
"watchers_count": 1109,
"stargazers_count": 1110,
"watchers_count": 1110,
"forks_count": 293,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 293,
"watchers": 1109,
"watchers": 1110,
"score": 0
},
{
@ -40,17 +40,17 @@
"description": "NoPacScan is a CVE-2021-42287\/CVE-2021-42278 Scanner,it scan for more domain controllers than other script",
"fork": false,
"created_at": "2022-01-07T11:59:55Z",
"updated_at": "2022-06-02T12:50:33Z",
"updated_at": "2022-06-23T16:16:37Z",
"pushed_at": "2022-02-17T04:12:08Z",
"stargazers_count": 65,
"watchers_count": 65,
"stargazers_count": 66,
"watchers_count": 66,
"forks_count": 12,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 12,
"watchers": 65,
"watchers": 66,
"score": 0
},
{

27
2021/CVE-2021-43798.json
View file

@ -219,33 +219,6 @@
"watchers": 1,
"score": 0
},
{
"id": 437579874,
"name": "CVE-2021-43798",
"full_name": "gixxyboy\/CVE-2021-43798",
"owner": {
"login": "gixxyboy",
"id": 43948762,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43948762?v=4",
"html_url": "https:\/\/github.com\/gixxyboy"
},
"html_url": "https:\/\/github.com\/gixxyboy\/CVE-2021-43798",
"description": null,
"fork": false,
"created_at": "2021-12-12T15:16:55Z",
"updated_at": "2021-12-12T15:16:59Z",
"pushed_at": "2021-12-12T15:16:56Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 437761790,
"name": "Grafana-CVE-2021-43798",

37
2021/CVE-2021-44228.json
View file

@ -1616,33 +1616,6 @@
"watchers": 0,
"score": 0
},
{
"id": 437575607,
"name": "cve-2021-44228-qingteng-patch",
"full_name": "qingtengyun\/cve-2021-44228-qingteng-patch",
"owner": {
"login": "qingtengyun",
"id": 18526503,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18526503?v=4",
"html_url": "https:\/\/github.com\/qingtengyun"
},
"html_url": "https:\/\/github.com\/qingtengyun\/cve-2021-44228-qingteng-patch",
"description": null,
"fork": false,
"created_at": "2021-12-12T15:00:04Z",
"updated_at": "2022-02-07T10:46:07Z",
"pushed_at": "2021-12-12T16:03:21Z",
"stargazers_count": 9,
"watchers_count": 9,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 9,
"score": 0
},
{
"id": 437582859,
"name": "log4j-jndi-be-gone",
@ -7988,17 +7961,17 @@
"description": "Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more.",
"fork": false,
"created_at": "2021-12-24T13:18:49Z",
"updated_at": "2022-06-23T11:55:27Z",
"updated_at": "2022-06-23T17:13:27Z",
"pushed_at": "2022-03-23T00:35:16Z",
"stargazers_count": 73,
"watchers_count": 73,
"stargazers_count": 72,
"watchers_count": 72,
"forks_count": 19,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 19,
"watchers": 73,
"watchers": 72,
"score": 0
},
{
@ -8070,7 +8043,7 @@
"fork": false,
"created_at": "2021-12-24T20:00:12Z",
"updated_at": "2022-01-06T13:31:29Z",
"pushed_at": "2022-05-19T17:26:06Z",
"pushed_at": "2022-06-23T17:39:00Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,

4
2022/CVE-2022-21882.json
View file

@ -17,12 +17,12 @@
"pushed_at": "2022-01-27T04:18:18Z",
"stargazers_count": 417,
"watchers_count": 417,
"forks_count": 131,
"forks_count": 132,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 131,
"forks": 132,
"watchers": 417,
"score": 0
},

16
2022/CVE-2022-22965.json
View file

@ -893,17 +893,17 @@
"description": "Docker PoC for CVE-2022-22965 with Spring Boot version 2.6.5",
"fork": false,
"created_at": "2022-04-03T06:43:07Z",
"updated_at": "2022-06-08T18:19:35Z",
"updated_at": "2022-06-23T16:40:30Z",
"pushed_at": "2022-04-03T08:38:30Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 9,
"watchers_count": 9,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 8,
"watchers": 9,
"score": 0
},
{
@ -1764,17 +1764,17 @@
"description": "burpsuite 的Spring漏洞扫描插件。SpringVulScan支持检测路由泄露|CVE-2022-22965|CVE-2022-22963|CVE-2022-22947|CVE-2016-4977",
"fork": false,
"created_at": "2022-06-19T13:16:55Z",
"updated_at": "2022-06-23T09:10:46Z",
"updated_at": "2022-06-23T12:20:27Z",
"pushed_at": "2022-06-20T13:23:23Z",
"stargazers_count": 15,
"watchers_count": 15,
"stargazers_count": 16,
"watchers_count": 16,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 15,
"watchers": 16,
"score": 0
}
]

24
2022/CVE-2022-22980.json
View file

@ -13,17 +13,17 @@
"description": "Poc of CVE-2022-22980",
"fork": false,
"created_at": "2022-06-21T11:39:13Z",
"updated_at": "2022-06-23T10:57:12Z",
"updated_at": "2022-06-23T14:34:35Z",
"pushed_at": "2022-06-23T09:53:01Z",
"stargazers_count": 16,
"watchers_count": 16,
"stargazers_count": 18,
"watchers_count": 18,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 16,
"watchers": 18,
"score": 0
},
{
@ -40,17 +40,17 @@
"description": "CVE-2022-22980环境",
"fork": false,
"created_at": "2022-06-21T12:02:00Z",
"updated_at": "2022-06-23T09:02:37Z",
"updated_at": "2022-06-23T17:42:39Z",
"pushed_at": "2022-06-22T03:02:34Z",
"stargazers_count": 13,
"watchers_count": 13,
"stargazers_count": 14,
"watchers_count": 14,
"forks_count": 5,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 13,
"watchers": 14,
"score": 0
},
{
@ -94,17 +94,17 @@
"description": "CVE-2022-22980 exp demo可作为扫描器靶场",
"fork": false,
"created_at": "2022-06-22T07:51:22Z",
"updated_at": "2022-06-23T09:04:07Z",
"updated_at": "2022-06-23T13:30:04Z",
"pushed_at": "2022-06-22T08:20:35Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 4,
"watchers": 5,
"score": 0
}
]

27
2022/CVE-2022-23222.json
View file

@ -25,5 +25,32 @@
"forks": 73,
"watchers": 438,
"score": 0
},
{
"id": 506271997,
"name": "CVE-2022-23222-POC",
"full_name": "PenteraIO\/CVE-2022-23222-POC",
"owner": {
"login": "PenteraIO",
"id": 60603602,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60603602?v=4",
"html_url": "https:\/\/github.com\/PenteraIO"
},
"html_url": "https:\/\/github.com\/PenteraIO\/CVE-2022-23222-POC",
"description": null,
"fork": false,
"created_at": "2022-06-22T14:01:50Z",
"updated_at": "2022-06-23T15:08:38Z",
"pushed_at": "2022-06-23T15:06:56Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 0,
"score": 0
}
]

4
2022/CVE-2022-24112.json
View file

@ -125,12 +125,12 @@
"pushed_at": "2022-03-16T09:19:30Z",
"stargazers_count": 9,
"watchers_count": 9,
"forks_count": 6,
"forks_count": 7,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 6,
"forks": 7,
"watchers": 9,
"score": 0
},

10
2022/CVE-2022-26134.json
View file

@ -13,10 +13,10 @@
"description": "【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。",
"fork": false,
"created_at": "2022-05-31T07:44:01Z",
"updated_at": "2022-06-23T09:05:08Z",
"pushed_at": "2022-06-23T10:26:40Z",
"stargazers_count": 114,
"watchers_count": 114,
"updated_at": "2022-06-23T16:18:23Z",
"pushed_at": "2022-06-23T17:54:47Z",
"stargazers_count": 117,
"watchers_count": 117,
"forks_count": 26,
"allow_forking": true,
"is_template": false,
@ -30,7 +30,7 @@
],
"visibility": "public",
"forks": 26,
"watchers": 114,
"watchers": 117,
"score": 0
},
{

8
2022/CVE-2022-26809.json
View file

@ -258,10 +258,10 @@
"description": null,
"fork": false,
"created_at": "2022-05-01T13:19:10Z",
"updated_at": "2022-06-18T04:00:45Z",
"updated_at": "2022-06-23T14:19:51Z",
"pushed_at": "2022-05-25T00:57:52Z",
"stargazers_count": 47,
"watchers_count": 47,
"stargazers_count": 48,
"watchers_count": 48,
"forks_count": 24,
"allow_forking": true,
"is_template": false,
@ -270,7 +270,7 @@
],
"visibility": "public",
"forks": 24,
"watchers": 47,
"watchers": 48,
"score": 0
},
{

8
2022/CVE-2022-30136.json
View file

@ -13,17 +13,17 @@
"description": "CVE-2022-30136 Unauthenticated RCE in Microsoft Windows Network File System",
"fork": false,
"created_at": "2022-06-16T21:16:53Z",
"updated_at": "2022-06-23T00:26:41Z",
"updated_at": "2022-06-23T14:25:12Z",
"pushed_at": "2022-06-16T21:39:06Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 4,
"watchers": 5,
"score": 0
},
{

20
2022/CVE-2022-30190.json
View file

@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2022-05-30T18:17:38Z",
"updated_at": "2022-06-22T07:04:10Z",
"updated_at": "2022-06-23T14:25:05Z",
"pushed_at": "2022-06-05T21:06:13Z",
"stargazers_count": 127,
"watchers_count": 127,
"stargazers_count": 128,
"watchers_count": 128,
"forks_count": 44,
"allow_forking": true,
"is_template": false,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 44,
"watchers": 127,
"watchers": 128,
"score": 0
},
{
@ -780,17 +780,17 @@
"description": "CVE-2022-30190-follina.py-修改版可以自定义word模板方便实战中钓鱼使用。",
"fork": false,
"created_at": "2022-06-02T12:33:18Z",
"updated_at": "2022-06-23T09:26:27Z",
"updated_at": "2022-06-23T12:53:05Z",
"pushed_at": "2022-06-06T07:19:53Z",
"stargazers_count": 284,
"watchers_count": 284,
"forks_count": 36,
"stargazers_count": 286,
"watchers_count": 286,
"forks_count": 37,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 36,
"watchers": 284,
"forks": 37,
"watchers": 286,
"score": 0
},
{

34
2022/CVE-2022-31749.json Normal file
View file

@ -0,0 +1,34 @@
[
{
"id": 504287436,
"name": "hook",
"full_name": "jbaines-r7\/hook",
"owner": {
"login": "jbaines-r7",
"id": 91965877,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91965877?v=4",
"html_url": "https:\/\/github.com\/jbaines-r7"
},
"html_url": "https:\/\/github.com\/jbaines-r7\/hook",
"description": "Proof of Concept for WatchGuard Authenticated Arbitrary File Read (CVE-2022-31749)",
"fork": false,
"created_at": "2022-06-16T19:51:28Z",
"updated_at": "2022-06-23T16:38:12Z",
"pushed_at": "2022-06-16T20:32:52Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"topics": [
"cve-2022-31749",
"exploit",
"poc",
"watchguard"
],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0
}
]

21
README.md
View file

@ -955,7 +955,12 @@ In Spring Security versions 5.5.6 and 5.6.3 and older unsupported versions, Rege
- [DeEpinGh0st/CVE-2022-22978](https://github.com/DeEpinGh0st/CVE-2022-22978)
- [ducluongtran9121/CVE-2022-22978-PoC](https://github.com/ducluongtran9121/CVE-2022-22978-PoC)
### CVE-2022-22980
### CVE-2022-22980 (2022-06-22)
<code>
A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized.
</code>
- [trganda/CVE-2022-22980](https://github.com/trganda/CVE-2022-22980)
- [kuron3k0/Spring-Data-Mongodb-Example](https://github.com/kuron3k0/Spring-Data-Mongodb-Example)
- [li8u99/Spring-Data-Mongodb-Demo](https://github.com/li8u99/Spring-Data-Mongodb-Demo)
@ -998,6 +1003,7 @@ kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to
</code>
- [tr3ee/CVE-2022-23222](https://github.com/tr3ee/CVE-2022-23222)
- [PenteraIO/CVE-2022-23222-POC](https://github.com/PenteraIO/CVE-2022-23222-POC)
### CVE-2022-23253 (2022-03-09)
@ -2408,6 +2414,9 @@ ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability
- [buff07/CVE-2022-31403](https://github.com/buff07/CVE-2022-31403)
### CVE-2022-31749
- [jbaines-r7/hook](https://github.com/jbaines-r7/hook)
### CVE-2022-31983 (2022-06-01)
<code>
@ -5403,6 +5412,12 @@ Cachet is an open source status page. With Cachet prior to and including 2.3.18,
- [W0rty/CVE-2021-39165](https://github.com/W0rty/CVE-2021-39165)
### CVE-2021-39408
- [StefanDorresteijn/CVE-2021-39408](https://github.com/StefanDorresteijn/CVE-2021-39408)
### CVE-2021-39409
- [StefanDorresteijn/CVE-2021-39409](https://github.com/StefanDorresteijn/CVE-2021-39409)
### CVE-2021-39623 (2022-01-14)
<code>
@ -6040,7 +6055,6 @@ Grafana is an open-source platform for monitoring and observability. Grafana ver
- [s1gh/CVE-2021-43798](https://github.com/s1gh/CVE-2021-43798)
- [fanygit/Grafana-CVE-2021-43798Exp](https://github.com/fanygit/Grafana-CVE-2021-43798Exp)
- [LongWayHomie/CVE-2021-43798](https://github.com/LongWayHomie/CVE-2021-43798)
- [gixxyboy/CVE-2021-43798](https://github.com/gixxyboy/CVE-2021-43798)
- [Awrrays/Grafana-CVE-2021-43798](https://github.com/Awrrays/Grafana-CVE-2021-43798)
- [Ryze-T/CVE-2021-43798](https://github.com/Ryze-T/CVE-2021-43798)
- [k3rwin/CVE-2021-43798-Grafana](https://github.com/k3rwin/CVE-2021-43798-Grafana)
@ -6212,7 +6226,6 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
- [authomize/log4j-log4shell-affected](https://github.com/authomize/log4j-log4shell-affected)
- [guardicode/CVE-2021-44228_IoCs](https://github.com/guardicode/CVE-2021-44228_IoCs)
- [fireflyingup/log4j-poc](https://github.com/fireflyingup/log4j-poc)
- [qingtengyun/cve-2021-44228-qingteng-patch](https://github.com/qingtengyun/cve-2021-44228-qingteng-patch)
- [nccgroup/log4j-jndi-be-gone](https://github.com/nccgroup/log4j-jndi-be-gone)
- [qingtengyun/cve-2021-44228-qingteng-online-patch](https://github.com/qingtengyun/cve-2021-44228-qingteng-online-patch)
- [tasooshi/horrors-log4shell](https://github.com/tasooshi/horrors-log4shell)
@ -25944,7 +25957,7 @@ Unspecified vulnerability in the Java Runtime Environment component in Oracle Ja
Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka &quot;AltNames Vulnerability.&quot;
</code>
- [puppetlabs/puppetlabs-cve20113872](https://github.com/puppetlabs/puppetlabs-cve20113872)
- [puppetlabs-toy-chest/puppetlabs-cve20113872](https://github.com/puppetlabs-toy-chest/puppetlabs-cve20113872)
### CVE-2011-4107 (2011-11-17)