From ec3f53311e165c5ee26eca5daa279eb901d8ae87 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Fri, 31 Jul 2020 00:09:57 +0900 Subject: [PATCH] Auto Update 2020/07/31 00:09:57 --- 2014/CVE-2014-4210.json | 8 ++++---- 2016/CVE-2016-0638.json | 8 ++++---- 2017/CVE-2017-11882.json | 8 ++++---- 2017/CVE-2017-3248.json | 8 ++++---- 2017/CVE-2017-5753.json | 4 ++-- 2017/CVE-2017-9248.json | 2 +- 2018/CVE-2018-15473.json | 8 ++++---- 2018/CVE-2018-2628.json | 8 ++++---- 2018/CVE-2018-5955.json | 8 ++++---- 2019/CVE-2019-0708.json | 32 ++++++++++++++++---------------- 2019/CVE-2019-12409.json | 8 ++++---- 2019/CVE-2019-15126.json | 8 ++++---- 2019/CVE-2019-17558.json | 12 ++++++------ 2019/CVE-2019-2215.json | 4 ++-- 2019/CVE-2019-2618.json | 8 ++++---- 2020/CVE-2020-0796.json | 24 ++++++++++++------------ 2020/CVE-2020-10713.json | 8 ++++---- 2020/CVE-2020-11579.json | 12 ++++++------ 2020/CVE-2020-1313.json | 12 ++++++------ 2020/CVE-2020-1350.json | 8 ++++---- 2020/CVE-2020-1362.json | 8 ++++---- 2020/CVE-2020-15906.json | 25 +++++++++++++++++++++++++ 2020/CVE-2020-2551.json | 8 ++++---- 2020/CVE-2020-5902.json | 20 ++++++++++---------- 2020/CVE-2020-6287.json | 8 ++++---- 2020/CVE-2020-7961.json | 8 ++++---- README.md | 8 ++++++++ 27 files changed, 158 insertions(+), 125 deletions(-) create mode 100644 2020/CVE-2020-15906.json diff --git a/2014/CVE-2014-4210.json b/2014/CVE-2014-4210.json index 3b0bb88b94..04368c751c 100644 --- a/2014/CVE-2014-4210.json +++ b/2014/CVE-2014-4210.json @@ -36,13 +36,13 @@ "description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2020-07-30T06:54:54Z", + "updated_at": "2020-07-30T15:00:50Z", "pushed_at": "2020-07-30T05:31:08Z", - "stargazers_count": 599, - "watchers_count": 599, + "stargazers_count": 602, + "watchers_count": 602, "forks_count": 143, "forks": 143, - "watchers": 599, + "watchers": 602, "score": 0 }, { diff --git a/2016/CVE-2016-0638.json b/2016/CVE-2016-0638.json index 5ca6955992..26451518cc 100644 --- a/2016/CVE-2016-0638.json +++ b/2016/CVE-2016-0638.json @@ -13,13 +13,13 @@ "description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2020-07-30T06:54:54Z", + "updated_at": "2020-07-30T15:00:50Z", "pushed_at": "2020-07-30T05:31:08Z", - "stargazers_count": 599, - "watchers_count": 599, + "stargazers_count": 602, + "watchers_count": 602, "forks_count": 143, "forks": 143, - "watchers": 599, + "watchers": 602, "score": 0 } ] \ No newline at end of file diff --git a/2017/CVE-2017-11882.json b/2017/CVE-2017-11882.json index b522879f5b..f226be9c02 100644 --- a/2017/CVE-2017-11882.json +++ b/2017/CVE-2017-11882.json @@ -59,13 +59,13 @@ "description": "CVE-2017-11882 from https:\/\/github.com\/embedi\/CVE-2017-11882", "fork": false, "created_at": "2017-11-21T05:55:53Z", - "updated_at": "2020-07-21T08:03:30Z", + "updated_at": "2020-07-30T09:31:40Z", "pushed_at": "2017-11-29T03:33:53Z", - "stargazers_count": 468, - "watchers_count": 468, + "stargazers_count": 469, + "watchers_count": 469, "forks_count": 243, "forks": 243, - "watchers": 468, + "watchers": 469, "score": 0 }, { diff --git a/2017/CVE-2017-3248.json b/2017/CVE-2017-3248.json index 39c7d04298..544f799eb0 100644 --- a/2017/CVE-2017-3248.json +++ b/2017/CVE-2017-3248.json @@ -36,13 +36,13 @@ "description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2020-07-30T06:54:54Z", + "updated_at": "2020-07-30T15:00:50Z", "pushed_at": "2020-07-30T05:31:08Z", - "stargazers_count": 599, - "watchers_count": 599, + "stargazers_count": 602, + "watchers_count": 602, "forks_count": 143, "forks": 143, - "watchers": 599, + "watchers": 602, "score": 0 } ] \ No newline at end of file diff --git a/2017/CVE-2017-5753.json b/2017/CVE-2017-5753.json index e2f02e1de5..20494dd433 100644 --- a/2017/CVE-2017-5753.json +++ b/2017/CVE-2017-5753.json @@ -17,8 +17,8 @@ "pushed_at": "2018-01-10T01:14:44Z", "stargazers_count": 674, "watchers_count": 674, - "forks_count": 180, - "forks": 180, + "forks_count": 181, + "forks": 181, "watchers": 674, "score": 0 }, diff --git a/2017/CVE-2017-9248.json b/2017/CVE-2017-9248.json index 5ded444280..a40feaa077 100644 --- a/2017/CVE-2017-9248.json +++ b/2017/CVE-2017-9248.json @@ -14,7 +14,7 @@ "fork": false, "created_at": "2018-01-16T00:23:34Z", "updated_at": "2020-07-24T17:56:51Z", - "pushed_at": "2020-05-23T12:33:39Z", + "pushed_at": "2020-07-30T14:10:44Z", "stargazers_count": 83, "watchers_count": 83, "forks_count": 30, diff --git a/2018/CVE-2018-15473.json b/2018/CVE-2018-15473.json index f8fe2c2d32..2ebeb951e5 100644 --- a/2018/CVE-2018-15473.json +++ b/2018/CVE-2018-15473.json @@ -59,13 +59,13 @@ "description": "Exploit written in Python for CVE-2018-15473 with threading and export formats", "fork": false, "created_at": "2018-08-21T00:09:56Z", - "updated_at": "2020-07-29T15:40:13Z", + "updated_at": "2020-07-30T11:52:48Z", "pushed_at": "2020-03-06T10:52:19Z", - "stargazers_count": 409, - "watchers_count": 409, + "stargazers_count": 410, + "watchers_count": 410, "forks_count": 133, "forks": 133, - "watchers": 409, + "watchers": 410, "score": 0 }, { diff --git a/2018/CVE-2018-2628.json b/2018/CVE-2018-2628.json index eff27779c1..02e3a1b096 100644 --- a/2018/CVE-2018-2628.json +++ b/2018/CVE-2018-2628.json @@ -450,13 +450,13 @@ "description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2020-07-30T06:54:54Z", + "updated_at": "2020-07-30T15:00:50Z", "pushed_at": "2020-07-30T05:31:08Z", - "stargazers_count": 599, - "watchers_count": 599, + "stargazers_count": 602, + "watchers_count": 602, "forks_count": 143, "forks": 143, - "watchers": 599, + "watchers": 602, "score": 0 } ] \ No newline at end of file diff --git a/2018/CVE-2018-5955.json b/2018/CVE-2018-5955.json index c1eaae2790..19d8057897 100644 --- a/2018/CVE-2018-5955.json +++ b/2018/CVE-2018-5955.json @@ -36,13 +36,13 @@ "description": "一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能", "fork": false, "created_at": "2019-12-21T22:45:55Z", - "updated_at": "2020-07-27T03:12:52Z", + "updated_at": "2020-07-30T13:54:19Z", "pushed_at": "2020-01-05T21:46:25Z", - "stargazers_count": 283, - "watchers_count": 283, + "stargazers_count": 284, + "watchers_count": 284, "forks_count": 64, "forks": 64, - "watchers": 283, + "watchers": 284, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-0708.json b/2019/CVE-2019-0708.json index c6fb8ce755..07ca53171f 100644 --- a/2019/CVE-2019-0708.json +++ b/2019/CVE-2019-0708.json @@ -1002,13 +1002,13 @@ "description": "dump", "fork": false, "created_at": "2019-05-21T06:57:19Z", - "updated_at": "2020-07-25T14:12:36Z", + "updated_at": "2020-07-30T12:07:48Z", "pushed_at": "2019-06-01T05:15:11Z", - "stargazers_count": 464, - "watchers_count": 464, + "stargazers_count": 463, + "watchers_count": 463, "forks_count": 187, "forks": 187, - "watchers": 464, + "watchers": 463, "score": 0 }, { @@ -1531,13 +1531,13 @@ "description": "Proof of concept for CVE-2019-0708", "fork": false, "created_at": "2019-05-29T16:53:54Z", - "updated_at": "2020-07-28T03:57:15Z", + "updated_at": "2020-07-30T12:07:46Z", "pushed_at": "2019-09-03T20:50:28Z", - "stargazers_count": 1038, - "watchers_count": 1038, + "stargazers_count": 1037, + "watchers_count": 1037, "forks_count": 347, "forks": 347, - "watchers": 1038, + "watchers": 1037, "score": 0 }, { @@ -1600,13 +1600,13 @@ "description": "An Attempt to Port BlueKeep PoC from @Ekultek to actual exploits", "fork": false, "created_at": "2019-05-31T00:04:12Z", - "updated_at": "2020-07-17T21:12:13Z", + "updated_at": "2020-07-30T12:09:34Z", "pushed_at": "2020-05-09T09:49:14Z", - "stargazers_count": 331, - "watchers_count": 331, + "stargazers_count": 330, + "watchers_count": 330, "forks_count": 116, "forks": 116, - "watchers": 331, + "watchers": 330, "score": 0 }, { @@ -1784,13 +1784,13 @@ "description": "CVE-2019-0708-PoC Notes and Pseudocodes.", "fork": false, "created_at": "2019-06-11T09:38:36Z", - "updated_at": "2020-05-16T19:37:09Z", + "updated_at": "2020-07-30T12:08:10Z", "pushed_at": "2020-05-16T19:37:06Z", - "stargazers_count": 16, - "watchers_count": 16, + "stargazers_count": 15, + "watchers_count": 15, "forks_count": 8, "forks": 8, - "watchers": 16, + "watchers": 15, "score": 0 }, { diff --git a/2019/CVE-2019-12409.json b/2019/CVE-2019-12409.json index b61a023692..f7e5964c1d 100644 --- a/2019/CVE-2019-12409.json +++ b/2019/CVE-2019-12409.json @@ -13,13 +13,13 @@ "description": "Apache Solr RCE (ENABLE_REMOTE_JMX_OPTS=\"true\")", "fork": false, "created_at": "2019-11-19T08:53:56Z", - "updated_at": "2020-06-25T05:24:04Z", + "updated_at": "2020-07-30T09:26:34Z", "pushed_at": "2019-11-19T09:18:00Z", - "stargazers_count": 90, - "watchers_count": 90, + "stargazers_count": 91, + "watchers_count": 91, "forks_count": 32, "forks": 32, - "watchers": 90, + "watchers": 91, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-15126.json b/2019/CVE-2019-15126.json index 0bf6bd5581..db95134cbe 100644 --- a/2019/CVE-2019-15126.json +++ b/2019/CVE-2019-15126.json @@ -59,13 +59,13 @@ "description": "An experimental script PoC for Kr00k vulnerability (CVE-2019-15126)", "fork": false, "created_at": "2020-03-18T16:25:28Z", - "updated_at": "2020-07-13T02:08:10Z", + "updated_at": "2020-07-30T09:23:51Z", "pushed_at": "2020-04-03T20:21:46Z", - "stargazers_count": 43, - "watchers_count": 43, + "stargazers_count": 44, + "watchers_count": 44, "forks_count": 7, "forks": 7, - "watchers": 43, + "watchers": 44, "score": 0 }, { diff --git a/2019/CVE-2019-17558.json b/2019/CVE-2019-17558.json index f8c0fc068c..12495a4e53 100644 --- a/2019/CVE-2019-17558.json +++ b/2019/CVE-2019-17558.json @@ -36,13 +36,13 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2020-07-30T09:03:26Z", + "updated_at": "2020-07-30T11:34:20Z", "pushed_at": "2020-07-14T10:20:14Z", - "stargazers_count": 1388, - "watchers_count": 1388, - "forks_count": 352, - "forks": 352, - "watchers": 1388, + "stargazers_count": 1391, + "watchers_count": 1391, + "forks_count": 353, + "forks": 353, + "watchers": 1391, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-2215.json b/2019/CVE-2019-2215.json index 1a46d3ccea..f0311c90e4 100644 --- a/2019/CVE-2019-2215.json +++ b/2019/CVE-2019-2215.json @@ -63,8 +63,8 @@ "pushed_at": "2019-10-15T01:04:08Z", "stargazers_count": 51, "watchers_count": 51, - "forks_count": 36, - "forks": 36, + "forks_count": 37, + "forks": 37, "watchers": 51, "score": 0 }, diff --git a/2019/CVE-2019-2618.json b/2019/CVE-2019-2618.json index 2b79b17daf..c354ca6a84 100644 --- a/2019/CVE-2019-2618.json +++ b/2019/CVE-2019-2618.json @@ -151,13 +151,13 @@ "description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2020-07-30T06:54:54Z", + "updated_at": "2020-07-30T15:00:50Z", "pushed_at": "2020-07-30T05:31:08Z", - "stargazers_count": 599, - "watchers_count": 599, + "stargazers_count": 602, + "watchers_count": 602, "forks_count": 143, "forks": 143, - "watchers": 599, + "watchers": 602, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json index 2d35f07605..49b5e19a6d 100644 --- a/2020/CVE-2020-0796.json +++ b/2020/CVE-2020-0796.json @@ -82,13 +82,13 @@ "description": "Scanner for CVE-2020-0796 - SMBv3 RCE", "fork": false, "created_at": "2020-03-11T15:21:27Z", - "updated_at": "2020-07-30T00:41:22Z", + "updated_at": "2020-07-30T09:13:12Z", "pushed_at": "2020-03-13T09:54:16Z", - "stargazers_count": 518, - "watchers_count": 518, + "stargazers_count": 519, + "watchers_count": 519, "forks_count": 175, "forks": 175, - "watchers": 518, + "watchers": 519, "score": 0 }, { @@ -910,13 +910,13 @@ "description": "CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost", "fork": false, "created_at": "2020-03-30T11:42:56Z", - "updated_at": "2020-07-28T03:09:00Z", + "updated_at": "2020-07-30T12:30:02Z", "pushed_at": "2020-04-08T19:27:07Z", - "stargazers_count": 978, - "watchers_count": 978, + "stargazers_count": 977, + "watchers_count": 977, "forks_count": 322, "forks": 322, - "watchers": 978, + "watchers": 977, "score": 0 }, { @@ -1163,13 +1163,13 @@ "description": "CVE-2020-0796 Remote Code Execution POC", "fork": false, "created_at": "2020-04-20T14:35:48Z", - "updated_at": "2020-07-29T15:29:54Z", + "updated_at": "2020-07-30T12:11:40Z", "pushed_at": "2020-06-09T20:46:45Z", - "stargazers_count": 299, - "watchers_count": 299, + "stargazers_count": 300, + "watchers_count": 300, "forks_count": 96, "forks": 96, - "watchers": 299, + "watchers": 300, "score": 0 }, { diff --git a/2020/CVE-2020-10713.json b/2020/CVE-2020-10713.json index 48fac79c36..7c0dfdbf60 100644 --- a/2020/CVE-2020-10713.json +++ b/2020/CVE-2020-10713.json @@ -13,13 +13,13 @@ "description": "BootHole vulnerability (CVE-2020-10713). detection script, links and other mitigation related materials", "fork": false, "created_at": "2020-07-29T00:01:41Z", - "updated_at": "2020-07-30T09:00:52Z", + "updated_at": "2020-07-30T12:28:10Z", "pushed_at": "2020-07-29T20:42:20Z", - "stargazers_count": 11, - "watchers_count": 11, + "stargazers_count": 12, + "watchers_count": 12, "forks_count": 3, "forks": 3, - "watchers": 11, + "watchers": 12, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-11579.json b/2020/CVE-2020-11579.json index 283e9e6abf..bea4e65341 100644 --- a/2020/CVE-2020-11579.json +++ b/2020/CVE-2020-11579.json @@ -13,13 +13,13 @@ "description": "Exploit code for CVE-2020-11579, an arbitrary file disclosure through the MySQL client in PHPKB", "fork": false, "created_at": "2020-05-19T13:12:48Z", - "updated_at": "2020-07-30T08:11:38Z", + "updated_at": "2020-07-30T14:29:54Z", "pushed_at": "2020-07-28T12:46:21Z", - "stargazers_count": 6, - "watchers_count": 6, - "forks_count": 2, - "forks": 2, - "watchers": 6, + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 3, + "forks": 3, + "watchers": 8, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1313.json b/2020/CVE-2020-1313.json index 19e118da62..154e5fa38f 100644 --- a/2020/CVE-2020-1313.json +++ b/2020/CVE-2020-1313.json @@ -13,13 +13,13 @@ "description": "Proof of concept exploit of Windows Update Orchestrator Service Elevation of Privilege Vulnerability", "fork": false, "created_at": "2020-07-29T15:56:50Z", - "updated_at": "2020-07-30T08:04:58Z", + "updated_at": "2020-07-30T14:53:08Z", "pushed_at": "2020-07-30T07:48:40Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 2, - "forks": 2, - "watchers": 2, + "stargazers_count": 25, + "watchers_count": 25, + "forks_count": 4, + "forks": 4, + "watchers": 25, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1350.json b/2020/CVE-2020-1350.json index 6a11490a1a..77f99c7353 100644 --- a/2020/CVE-2020-1350.json +++ b/2020/CVE-2020-1350.json @@ -13,13 +13,13 @@ "description": "NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST", "fork": false, "created_at": "2020-03-11T17:51:29Z", - "updated_at": "2020-07-27T16:36:39Z", + "updated_at": "2020-07-30T09:37:39Z", "pushed_at": "2020-07-27T16:36:37Z", - "stargazers_count": 30, - "watchers_count": 30, + "stargazers_count": 31, + "watchers_count": 31, "forks_count": 7, "forks": 7, - "watchers": 30, + "watchers": 31, "score": 0 }, { diff --git a/2020/CVE-2020-1362.json b/2020/CVE-2020-1362.json index dc5d648c86..082580a892 100644 --- a/2020/CVE-2020-1362.json +++ b/2020/CVE-2020-1362.json @@ -13,13 +13,13 @@ "description": "writeup of CVE-2020-1362", "fork": false, "created_at": "2020-07-17T07:35:05Z", - "updated_at": "2020-07-30T06:56:35Z", + "updated_at": "2020-07-30T12:29:47Z", "pushed_at": "2020-07-17T07:54:26Z", - "stargazers_count": 186, - "watchers_count": 186, + "stargazers_count": 187, + "watchers_count": 187, "forks_count": 34, "forks": 34, - "watchers": 186, + "watchers": 187, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-15906.json b/2020/CVE-2020-15906.json new file mode 100644 index 0000000000..f99cc57cb6 --- /dev/null +++ b/2020/CVE-2020-15906.json @@ -0,0 +1,25 @@ +[ + { + "id": 281907147, + "name": "CVE-2020-15906", + "full_name": "S1lkys\/CVE-2020-15906", + "owner": { + "login": "S1lkys", + "id": 40408435, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/40408435?v=4", + "html_url": "https:\/\/github.com\/S1lkys" + }, + "html_url": "https:\/\/github.com\/S1lkys\/CVE-2020-15906", + "description": "Writeup of CVE-2020-15906", + "fork": false, + "created_at": "2020-07-23T09:20:53Z", + "updated_at": "2020-07-30T10:25:33Z", + "pushed_at": "2020-07-23T13:33:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2551.json b/2020/CVE-2020-2551.json index 1473b4925d..faab21ce46 100644 --- a/2020/CVE-2020-2551.json +++ b/2020/CVE-2020-2551.json @@ -13,13 +13,13 @@ "description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2020-07-30T06:54:54Z", + "updated_at": "2020-07-30T15:00:50Z", "pushed_at": "2020-07-30T05:31:08Z", - "stargazers_count": 599, - "watchers_count": 599, + "stargazers_count": 602, + "watchers_count": 602, "forks_count": 143, "forks": 143, - "watchers": 599, + "watchers": 602, "score": 0 }, { diff --git a/2020/CVE-2020-5902.json b/2020/CVE-2020-5902.json index 12f3411a11..a7b1b95c65 100644 --- a/2020/CVE-2020-5902.json +++ b/2020/CVE-2020-5902.json @@ -13,13 +13,13 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2020-07-30T09:03:26Z", + "updated_at": "2020-07-30T11:34:20Z", "pushed_at": "2020-07-14T10:20:14Z", - "stargazers_count": 1388, - "watchers_count": 1388, - "forks_count": 352, - "forks": 352, - "watchers": 1388, + "stargazers_count": 1391, + "watchers_count": 1391, + "forks_count": 353, + "forks": 353, + "watchers": 1391, "score": 0 }, { @@ -128,13 +128,13 @@ "description": "Proof of concept for CVE-2020-5902", "fork": false, "created_at": "2020-07-05T17:01:27Z", - "updated_at": "2020-07-24T22:12:42Z", + "updated_at": "2020-07-30T12:49:12Z", "pushed_at": "2020-07-06T17:47:17Z", - "stargazers_count": 68, - "watchers_count": 68, + "stargazers_count": 69, + "watchers_count": 69, "forks_count": 20, "forks": 20, - "watchers": 68, + "watchers": 69, "score": 0 }, { diff --git a/2020/CVE-2020-6287.json b/2020/CVE-2020-6287.json index 4f9fe98d0f..65c1fd89ac 100644 --- a/2020/CVE-2020-6287.json +++ b/2020/CVE-2020-6287.json @@ -13,13 +13,13 @@ "description": "PoC for CVE-2020-6287, CVE-2020-6286 (SAP RECON vulnerability)", "fork": false, "created_at": "2020-07-15T15:20:09Z", - "updated_at": "2020-07-30T06:16:30Z", + "updated_at": "2020-07-30T12:47:49Z", "pushed_at": "2020-07-23T19:45:25Z", - "stargazers_count": 107, - "watchers_count": 107, + "stargazers_count": 108, + "watchers_count": 108, "forks_count": 36, "forks": 36, - "watchers": 107, + "watchers": 108, "score": 0 }, { diff --git a/2020/CVE-2020-7961.json b/2020/CVE-2020-7961.json index d979ecc40f..bf659fe2fb 100644 --- a/2020/CVE-2020-7961.json +++ b/2020/CVE-2020-7961.json @@ -13,13 +13,13 @@ "description": null, "fork": false, "created_at": "2020-03-26T01:34:38Z", - "updated_at": "2020-07-29T10:24:19Z", + "updated_at": "2020-07-30T13:16:10Z", "pushed_at": "2020-04-14T12:31:19Z", - "stargazers_count": 98, - "watchers_count": 98, + "stargazers_count": 99, + "watchers_count": 99, "forks_count": 37, "forks": 37, - "watchers": 98, + "watchers": 99, "score": 0 }, { diff --git a/README.md b/README.md index 319237de52..2497bbcce8 100644 --- a/README.md +++ b/README.md @@ -1362,6 +1362,11 @@ FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction betwee - [Al1ex/CVE-2020-10673](https://github.com/Al1ex/CVE-2020-10673) ### CVE-2020-10713 + + +A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. + + - [eclypsium/BootHole](https://github.com/eclypsium/BootHole) ### CVE-2020-10749 @@ -1847,6 +1852,9 @@ scp in OpenSSH through 8.3p1 allows command injection in scp.c remote function, - [cpandya2909/CVE-2020-15778](https://github.com/cpandya2909/CVE-2020-15778) +### CVE-2020-15906 +- [S1lkys/CVE-2020-15906](https://github.com/S1lkys/CVE-2020-15906) + ### CVE-2020-72381 - [jdordonezn/CVE-2020-72381](https://github.com/jdordonezn/CVE-2020-72381)