Auto Update 2024/05/20 18:28:51

motikan2010-bot 2024-05-21 03:28:51 +09:00
parent f7094700a7
commit ed7d553975
34 changed files with 340 additions and 113 deletions


@ -2565,8 +2565,8 @@
"description": "CVE-2018-6574-go-get-RCE",
"fork": false,
"created_at": "2024-05-17T17:30:06Z",
"updated_at": "2024-05-17T20:21:57Z",
"pushed_at": "2024-05-17T20:21:54Z",
"updated_at": "2024-05-20T16:29:28Z",
"pushed_at": "2024-05-20T16:29:25Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,


@ -64,7 +64,7 @@
"forks": 117,
"watchers": 345,
"score": 0,
"subscribers_count": 77
"subscribers_count": 78
},
{
"id": 129319611,


@ -117,6 +117,6 @@
"forks": 24,
"watchers": 114,
"score": 0,
"subscribers_count": 5
"subscribers_count": 0
}
]


@ -3107,10 +3107,10 @@
"description": "CVE-2019-0708 (BlueKeep) proof of concept allowing pre-auth RCE on Windows7",
"fork": false,
"created_at": "2020-03-15T19:33:53Z",
"updated_at": "2024-04-22T02:32:49Z",
"updated_at": "2024-05-20T18:14:00Z",
"pushed_at": "2022-03-28T04:10:20Z",
"stargazers_count": 119,
"watchers_count": 119,
"stargazers_count": 120,
"watchers_count": 120,
"has_discussions": false,
"forks_count": 20,
"allow_forking": true,
@ -3119,7 +3119,7 @@
"topics": [],
"visibility": "public",
"forks": 20,
"watchers": 119,
"watchers": 120,
"score": 0,
"subscribers_count": 4
},


@ -13,10 +13,10 @@
"description": "Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322",
"fork": false,
"created_at": "2019-11-13T16:34:03Z",
"updated_at": "2024-04-29T00:45:47Z",
"updated_at": "2024-05-20T16:39:56Z",
"pushed_at": "2019-11-14T14:16:54Z",
"stargazers_count": 347,
"watchers_count": 347,
"stargazers_count": 348,
"watchers_count": 348,
"has_discussions": false,
"forks_count": 81,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 81,
"watchers": 347,
"watchers": 348,
"score": 0,
"subscribers_count": 12
}


@ -843,8 +843,8 @@
"description": "CVE-2021-22205 exploit script",
"fork": false,
"created_at": "2024-05-19T23:14:48Z",
"updated_at": "2024-05-19T23:26:25Z",
"pushed_at": "2024-05-19T23:26:22Z",
"updated_at": "2024-05-20T15:38:15Z",
"pushed_at": "2024-05-20T15:38:12Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,


@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2021-06-09T11:40:56Z",
"updated_at": "2024-01-13T11:16:23Z",
"updated_at": "2024-05-20T17:12:28Z",
"pushed_at": "2021-06-09T06:58:20Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 56,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 56,
"watchers": 7,
"watchers": 8,
"score": 0,
"subscribers_count": 1
},
@ -43,10 +43,10 @@
"description": "CVE-2021-33739 PoC Analysis",
"fork": false,
"created_at": "2021-09-24T03:33:02Z",
"updated_at": "2023-09-21T23:01:05Z",
"updated_at": "2024-05-20T17:12:20Z",
"pushed_at": "2021-12-22T09:04:01Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 1
}


@ -103,10 +103,10 @@
"description": "Proof of Concept for CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207",
"fork": false,
"created_at": "2021-09-04T15:34:03Z",
"updated_at": "2024-04-30T03:20:14Z",
"updated_at": "2024-05-20T12:39:20Z",
"pushed_at": "2023-08-25T22:42:24Z",
"stargazers_count": 104,
"watchers_count": 104,
"stargazers_count": 105,
"watchers_count": 105,
"has_discussions": false,
"forks_count": 36,
"allow_forking": true,
@ -115,7 +115,7 @@
"topics": [],
"visibility": "public",
"forks": 36,
"watchers": 104,
"watchers": 105,
"score": 0,
"subscribers_count": 3
},


@ -241,13 +241,13 @@
"stargazers_count": 757,
"watchers_count": 757,
"has_discussions": false,
"forks_count": 116,
"forks_count": 117,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 116,
"forks": 117,
"watchers": 757,
"score": 0,
"subscribers_count": 10


@ -1305,10 +1305,10 @@
"description": "Python exploit code for CVE-2021-4034 (pwnkit)",
"fork": false,
"created_at": "2022-01-26T17:53:16Z",
"updated_at": "2024-05-20T05:23:22Z",
"updated_at": "2024-05-20T17:56:23Z",
"pushed_at": "2022-01-28T00:29:15Z",
"stargazers_count": 138,
"watchers_count": 138,
"stargazers_count": 139,
"watchers_count": 139,
"has_discussions": false,
"forks_count": 37,
"allow_forking": true,
@ -1317,7 +1317,7 @@
"topics": [],
"visibility": "public",
"forks": 37,
"watchers": 138,
"watchers": 139,
"score": 0,
"subscribers_count": 2
},


@ -703,10 +703,10 @@
"description": "CVE-2022-0847",
"fork": false,
"created_at": "2022-03-09T02:47:08Z",
"updated_at": "2024-04-21T21:11:28Z",
"updated_at": "2024-05-20T14:32:23Z",
"pushed_at": "2022-03-09T02:47:32Z",
"stargazers_count": 65,
"watchers_count": 65,
"stargazers_count": 66,
"watchers_count": 66,
"has_discussions": false,
"forks_count": 16,
"allow_forking": true,
@ -717,7 +717,7 @@
],
"visibility": "public",
"forks": 16,
"watchers": 65,
"watchers": 66,
"score": 0,
"subscribers_count": 5
},
@ -1185,10 +1185,10 @@
"description": "A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability.",
"fork": false,
"created_at": "2022-03-12T20:57:24Z",
"updated_at": "2024-05-16T17:52:04Z",
"updated_at": "2024-05-20T14:32:16Z",
"pushed_at": "2023-05-20T05:55:45Z",
"stargazers_count": 508,
"watchers_count": 508,
"stargazers_count": 509,
"watchers_count": 509,
"has_discussions": false,
"forks_count": 137,
"allow_forking": true,
@ -1197,7 +1197,7 @@
"topics": [],
"visibility": "public",
"forks": 137,
"watchers": 508,
"watchers": 509,
"score": 0,
"subscribers_count": 15
},


@ -13,10 +13,10 @@
"description": "【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。",
"fork": false,
"created_at": "2022-05-31T07:44:01Z",
"updated_at": "2024-05-18T02:15:47Z",
"updated_at": "2024-05-20T14:23:18Z",
"pushed_at": "2023-02-26T14:06:05Z",
"stargazers_count": 1133,
"watchers_count": 1133,
"stargazers_count": 1134,
"watchers_count": 1134,
"has_discussions": true,
"forks_count": 188,
"allow_forking": true,
@ -45,7 +45,7 @@
],
"visibility": "public",
"forks": 188,
"watchers": 1133,
"watchers": 1134,
"score": 0,
"subscribers_count": 19
},


@ -13,10 +13,10 @@
"description": "Attacks against QUIC (CVE-2022-30591)",
"fork": false,
"created_at": "2022-06-30T18:25:23Z",
"updated_at": "2024-04-04T14:00:13Z",
"updated_at": "2024-05-20T13:11:39Z",
"pushed_at": "2022-12-31T01:55:15Z",
"stargazers_count": 15,
"watchers_count": 15,
"stargazers_count": 16,
"watchers_count": 16,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 7,
"watchers": 15,
"watchers": 16,
"score": 0,
"subscribers_count": 1
}


@ -351,7 +351,7 @@
"description": "CVE-2022-39197 RCE POC",
"fork": false,
"created_at": "2022-10-22T10:11:37Z",
"updated_at": "2022-11-29T06:21:46Z",
"updated_at": "2024-05-20T14:01:29Z",
"pushed_at": "2022-10-22T11:13:59Z",
"stargazers_count": 13,
"watchers_count": 13,


@ -28,5 +28,35 @@
"watchers": 2,
"score": 0,
"subscribers_count": 1
},
{
"id": 803311875,
"name": "CVE-2023-27100",
"full_name": "fabdotnet\/CVE-2023-27100",
"owner": {
"login": "fabdotnet",
"id": 169522306,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169522306?v=4",
"html_url": "https:\/\/github.com\/fabdotnet"
},
"html_url": "https:\/\/github.com\/fabdotnet\/CVE-2023-27100",
"description": null,
"fork": false,
"created_at": "2024-05-20T13:35:39Z",
"updated_at": "2024-05-20T13:37:25Z",
"pushed_at": "2024-05-20T13:37:21Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]


@ -13,19 +13,19 @@
"description": "CVE-2023-34992: Fortinet FortiSIEM Command Injection Proof of Concept Exploit",
"fork": false,
"created_at": "2024-05-17T12:07:14Z",
"updated_at": "2024-05-20T11:52:21Z",
"updated_at": "2024-05-20T12:37:55Z",
"pushed_at": "2024-05-17T12:20:14Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"forks": 1,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}

32
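--- a/2023/CVE-2023-38039.json
+++ b/2023/CVE-2023-38039.json
@@ -0,0 +1,32 @@
+[
+{
+"id": 803348538,
+"name": "CVE-2023-38039",
+"full_name": "Smartkeyss\/CVE-2023-38039",
+"owner": {
+"login": "Smartkeyss",
+"id": 106775982,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106775982?v=4",
+"html_url": "https:\/\/github.com\/Smartkeyss"
+},
+"html_url": "https:\/\/github.com\/Smartkeyss\/CVE-2023-38039",
+"description": "For all vicarius.io\/vsoviety analysis",
+"fork": false,
+"created_at": "2024-05-20T14:52:38Z",
+"updated_at": "2024-05-20T15:29:08Z",
+"pushed_at": "2024-05-20T15:27:20Z",
+"stargazers_count": 0,
+"watchers_count": 0,
+"has_discussions": false,
+"forks_count": 0,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [],
+"visibility": "public",
+"forks": 0,
+"watchers": 0,
+"score": 0,
+"subscribers_count": 0
+}
+]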


@ -1234,7 +1234,7 @@
"description": "evil-winrar,CVE-2023-38831漏洞利用和社会工程学攻击框架 (evil-winrar, CVE-2023-38831 Vulnerability Exploitation and Social Engineering Attack Framework)",
"fork": false,
"created_at": "2024-03-25T14:05:24Z",
"updated_at": "2024-05-15T12:56:05Z",
"updated_at": "2024-05-20T16:55:05Z",
"pushed_at": "2024-03-25T14:38:29Z",
"stargazers_count": 9,
"watchers_count": 9,

32
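--- a/2023/CVE-2023-4568.json
+++ b/2023/CVE-2023-4568.json
@@ -0,0 +1,32 @@
+[
+{
+"id": 803424741,
+"name": "CVE-2023-4568",
+"full_name": "Cappricio-Securities\/CVE-2023-4568",
+"owner": {
+"login": "Cappricio-Securities",
+"id": 102907425,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4",
+"html_url": "https:\/\/github.com\/Cappricio-Securities"
+},
+"html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2023-4568",
+"description": "PaperCut NG Unauthenticated XMLRPC Functionality",
+"fork": false,
+"created_at": "2024-05-20T17:41:47Z",
+"updated_at": "2024-05-20T17:43:19Z",
+"pushed_at": "2024-05-20T17:43:16Z",
+"stargazers_count": 0,
+"watchers_count": 0,
+"has_discussions": false,
+"forks_count": 0,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [],
+"visibility": "public",
+"forks": 0,
+"watchers": 0,
+"score": 0,
+"subscribers_count": 0
+}
+]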


@ -13,10 +13,10 @@
"description": "🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)",
"fork": false,
"created_at": "2024-01-16T06:52:02Z",
"updated_at": "2024-05-20T10:01:43Z",
"updated_at": "2024-05-20T16:52:31Z",
"pushed_at": "2024-05-16T21:12:20Z",
"stargazers_count": 706,
"watchers_count": 706,
"stargazers_count": 709,
"watchers_count": 709,
"has_discussions": false,
"forks_count": 121,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 121,
"watchers": 706,
"watchers": 709,
"score": 0,
"subscribers_count": 11
},


@ -13,19 +13,19 @@
"description": null,
"fork": false,
"created_at": "2023-09-21T05:22:51Z",
"updated_at": "2024-05-18T14:21:17Z",
"updated_at": "2024-05-20T18:29:17Z",
"pushed_at": "2023-12-18T04:25:00Z",
"stargazers_count": 299,
"watchers_count": 299,
"stargazers_count": 301,
"watchers_count": 301,
"has_discussions": false,
"forks_count": 47,
"forks_count": 48,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 47,
"watchers": 299,
"forks": 48,
"watchers": 301,
"score": 0,
"subscribers_count": 15
},


@ -13,10 +13,10 @@
"description": "Fortinet FortiClient EMS SQL Injection",
"fork": false,
"created_at": "2024-03-18T20:50:48Z",
"updated_at": "2024-05-19T11:24:40Z",
"updated_at": "2024-05-20T12:38:19Z",
"pushed_at": "2024-03-20T20:42:41Z",
"stargazers_count": 38,
"watchers_count": 38,
"stargazers_count": 39,
"watchers_count": 39,
"has_discussions": false,
"forks_count": 10,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 10,
"watchers": 38,
"watchers": 39,
"score": 0,
"subscribers_count": 5
}


@ -119,13 +119,13 @@
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 2,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"forks": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1


@ -13,7 +13,7 @@
"description": "Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.",
"fork": false,
"created_at": "2024-03-20T21:16:41Z",
"updated_at": "2024-05-20T06:19:12Z",
"updated_at": "2024-05-20T15:41:06Z",
"pushed_at": "2024-04-17T16:09:54Z",
"stargazers_count": 1937,
"watchers_count": 1937,


@ -43,10 +43,10 @@
"description": "Microsoft-Outlook-Remote-Code-Execution-Vulnerability",
"fork": false,
"created_at": "2024-02-16T15:17:59Z",
"updated_at": "2024-05-19T11:26:20Z",
"updated_at": "2024-05-20T13:10:28Z",
"pushed_at": "2024-02-19T20:00:35Z",
"stargazers_count": 613,
"watchers_count": 613,
"stargazers_count": 614,
"watchers_count": 614,
"has_discussions": false,
"forks_count": 136,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 136,
"watchers": 613,
"watchers": 614,
"score": 0,
"subscribers_count": 9
},


@ -13,12 +13,12 @@
"description": "Time Based SQL Injection in Zabbix Server Audit Log --> RCE",
"fork": false,
"created_at": "2024-05-20T03:29:09Z",
"updated_at": "2024-05-20T11:35:10Z",
"updated_at": "2024-05-20T17:12:37Z",
"pushed_at": "2024-05-20T10:04:49Z",
"stargazers_count": 14,
"watchers_count": 14,
"stargazers_count": 24,
"watchers_count": 24,
"has_discussions": false,
"forks_count": 2,
"forks_count": 5,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -28,8 +28,8 @@
"zabbix"
],
"visibility": "public",
"forks": 2,
"watchers": 14,
"forks": 5,
"watchers": 24,
"score": 0,
"subscribers_count": 0
}


@ -1,4 +1,46 @@
[
{
"id": 761209664,
"name": "CVE-2024-22243",
"full_name": "SeanPesce\/CVE-2024-22243",
"owner": {
"login": "SeanPesce",
"id": 20076909,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20076909?v=4",
"html_url": "https:\/\/github.com\/SeanPesce"
},
"html_url": "https:\/\/github.com\/SeanPesce\/CVE-2024-22243",
"description": "Example exploitable scenarios for CVE-2024-22243 affecting the Spring framework (open redirect & SSRF).",
"fork": false,
"created_at": "2024-02-21T12:55:22Z",
"updated_at": "2024-05-20T13:15:03Z",
"pushed_at": "2024-05-20T13:15:00Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"ctf",
"cve-2024-22243",
"java",
"open-redirect",
"server-side-request-forgery",
"spring",
"ssrf",
"uri",
"url",
"vulnerability",
"web"
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 762214516,
"name": "CVE-2024-22243-CVE-2024-22234",


@ -13,10 +13,10 @@
"description": "PoC for CVE-2024-27130",
"fork": false,
"created_at": "2024-05-17T07:58:01Z",
"updated_at": "2024-05-20T01:14:09Z",
"updated_at": "2024-05-20T14:30:43Z",
"pushed_at": "2024-05-17T10:27:07Z",
"stargazers_count": 10,
"watchers_count": 10,
"stargazers_count": 11,
"watchers_count": 11,
"has_discussions": false,
"forks_count": 10,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 10,
"watchers": 10,
"watchers": 11,
"score": 0,
"subscribers_count": 0
}


@ -13,19 +13,19 @@
"description": "POC for CVE-2024-27804",
"fork": false,
"created_at": "2024-05-14T14:17:06Z",
"updated_at": "2024-05-19T15:30:08Z",
"updated_at": "2024-05-20T15:36:52Z",
"pushed_at": "2024-05-14T14:55:23Z",
"stargazers_count": 98,
"watchers_count": 98,
"stargazers_count": 100,
"watchers_count": 100,
"has_discussions": false,
"forks_count": 20,
"forks_count": 21,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 20,
"watchers": 98,
"forks": 21,
"watchers": 100,
"score": 0,
"subscribers_count": 3
}


@ -43,12 +43,12 @@
"description": "Exploit PoC for CVE-2024-32002",
"fork": false,
"created_at": "2024-05-17T19:33:08Z",
"updated_at": "2024-05-20T12:26:29Z",
"updated_at": "2024-05-20T17:56:44Z",
"pushed_at": "2024-05-19T07:12:00Z",
"stargazers_count": 25,
"watchers_count": 25,
"stargazers_count": 34,
"watchers_count": 34,
"has_discussions": false,
"forks_count": 15,
"forks_count": 17,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -59,8 +59,8 @@
"rce"
],
"visibility": "public",
"forks": 15,
"watchers": 25,
"forks": 17,
"watchers": 34,
"score": 0,
"subscribers_count": 1
},
@ -145,12 +145,12 @@
"description": "CVE-2024-32002 RCE PoC",
"fork": false,
"created_at": "2024-05-18T15:05:28Z",
"updated_at": "2024-05-20T12:27:04Z",
"updated_at": "2024-05-20T18:02:08Z",
"pushed_at": "2024-05-18T15:12:59Z",
"stargazers_count": 42,
"watchers_count": 42,
"stargazers_count": 50,
"watchers_count": 50,
"has_discussions": false,
"forks_count": 13,
"forks_count": 16,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -160,8 +160,8 @@
"rce"
],
"visibility": "public",
"forks": 13,
"watchers": 42,
"forks": 16,
"watchers": 50,
"score": 0,
"subscribers_count": 1
},
@ -479,10 +479,10 @@
"description": null,
"fork": false,
"created_at": "2024-05-20T02:52:42Z",
"updated_at": "2024-05-20T06:46:29Z",
"updated_at": "2024-05-20T13:46:47Z",
"pushed_at": "2024-05-20T03:12:00Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -491,7 +491,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 0
},


@ -28,5 +28,35 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 803351666,
"name": "CVE-2024-32004-POC",
"full_name": "10cks\/CVE-2024-32004-POC",
"owner": {
"login": "10cks",
"id": 47177550,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4",
"html_url": "https:\/\/github.com\/10cks"
},
"html_url": "https:\/\/github.com\/10cks\/CVE-2024-32004-POC",
"description": null,
"fork": false,
"created_at": "2024-05-20T14:59:16Z",
"updated_at": "2024-05-20T15:02:51Z",
"pushed_at": "2024-05-20T15:02:47Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]


@ -73,10 +73,10 @@
"description": "CVE-2024-3400",
"fork": false,
"created_at": "2024-04-13T14:00:31Z",
"updated_at": "2024-05-15T14:30:07Z",
"updated_at": "2024-05-20T14:08:31Z",
"pushed_at": "2024-04-18T07:11:17Z",
"stargazers_count": 42,
"watchers_count": 42,
"stargazers_count": 43,
"watchers_count": 43,
"has_discussions": false,
"forks_count": 19,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 19,
"watchers": 42,
"watchers": 43,
"score": 0,
"subscribers_count": 2
},

37
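--- a/2024/CVE-2024-4323.json
+++ b/2024/CVE-2024-4323.json
@@ -0,0 +1,37 @@
+[
+{
+"id": 803353937,
+"name": "CVE-2024-4323-Exploit-POC",
+"full_name": "skilfoy\/CVE-2024-4323-Exploit-POC",
+"owner": {
+"login": "skilfoy",
+"id": 20802814,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20802814?v=4",
+"html_url": "https:\/\/github.com\/skilfoy"
+},
+"html_url": "https:\/\/github.com\/skilfoy\/CVE-2024-4323-Exploit-POC",
+"description": "This proof-of-concept script demonstrates how to exploit CVE-2024-4323, a memory corruption vulnerability in Fluent Bit, enabling remote code execution.",
+"fork": false,
+"created_at": "2024-05-20T15:04:13Z",
+"updated_at": "2024-05-20T15:30:30Z",
+"pushed_at": "2024-05-20T15:28:07Z",
+"stargazers_count": 0,
+"watchers_count": 0,
+"has_discussions": false,
+"forks_count": 0,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [
+"cve-2024-4323",
+"cve-2024-4323-exploit-poc",
+"exploit",
+"exploit-poc"
+],
+"visibility": "public",
+"forks": 0,
+"watchers": 0,
+"score": 0,
+"subscribers_count": 0
+}
+]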


@ -510,6 +510,13 @@
- [gotr00t0day/CVE-2024-4040](https://github.com/gotr00t0day/CVE-2024-4040)
- [1ncendium/CVE-2024-4040](https://github.com/1ncendium/CVE-2024-4040)
### CVE-2024-4323 (2024-05-20)
<code>A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedded http servers parsing of trace requests and may result in denial of service conditions, information disclosure, or remote code execution.
</code>
- [skilfoy/CVE-2024-4323-Exploit-POC](https://github.com/skilfoy/CVE-2024-4323-Exploit-POC)
### CVE-2024-4352 (2024-05-16)
<code>The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'get_calendar_materials' function. The plugin is also vulnerable to SQL Injection via the year parameter of that function due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
@ -807,6 +814,7 @@
<code>Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html  attack or to a SSRF attack if the URL is used after passing validation checks.\n
</code>
- [SeanPesce/CVE-2024-22243](https://github.com/SeanPesce/CVE-2024-22243)
- [shellfeel/CVE-2024-22243-CVE-2024-22234](https://github.com/shellfeel/CVE-2024-22243-CVE-2024-22234)
### CVE-2024-22369 (2024-02-20)
@ -1909,6 +1917,7 @@
</code>
- [Wadewfsssss/CVE-2024-32004](https://github.com/Wadewfsssss/CVE-2024-32004)
- [10cks/CVE-2024-32004-POC](https://github.com/10cks/CVE-2024-32004-POC)
### CVE-2024-32136 (2024-04-15)
@ -2967,6 +2976,13 @@
- [b0marek/CVE-2023-4549](https://github.com/b0marek/CVE-2023-4549)
### CVE-2023-4568 (2023-09-13)
<code>PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch.
</code>
- [Cappricio-Securities/CVE-2023-4568](https://github.com/Cappricio-Securities/CVE-2023-4568)
### CVE-2023-4596 (2023-08-30)
<code>The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the upload_post_image() function in versions up to, and including, 1.24.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
@ -4751,6 +4767,7 @@
</code>
- [DarokNET/CVE-2023-27100](https://github.com/DarokNET/CVE-2023-27100)
- [fabdotnet/CVE-2023-27100](https://github.com/fabdotnet/CVE-2023-27100)
### CVE-2023-27163 (2023-03-31)
@ -7038,6 +7055,13 @@
- [LeakIX/sentryexploit](https://github.com/LeakIX/sentryexploit)
- [mind2hex/CVE-2023-38035](https://github.com/mind2hex/CVE-2023-38035)
### CVE-2023-38039 (2023-09-15)
<code>When curl retrieves an HTTP response, it stores the incoming headers so that\nthey can be accessed later via the libcurl headers API.\n\nHowever, curl did not have a limit in how many or how large headers it would\naccept in a response, allowing a malicious server to stream an endless series\nof headers and eventually cause curl to run out of heap memory.
</code>
- [Smartkeyss/CVE-2023-38039](https://github.com/Smartkeyss/CVE-2023-38039)
### CVE-2023-38041 (2023-10-25)
<code>A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system.